Docker: Configure Insecure Registry in Boot2Docker

I gotta say there’s some confusing naming that goes on. Boot2Docker was originally a docker client that ran on OSX and Windows. That has been replaced by docker-machine. However, there is also a VirtualBox image (the default one) called Boot2Docker. In this post I’m talking about the latter.

I have a Docker Registry instance I just configured to run in AWS and is backed by S3 for storage. It’s running as a farm of ECS containers behind an ELB. It is running in a private network so I have skipped setting up SSL. Which means I need to configure my docker daemon with the --insecure-registry option so I can pull images to my development machine. And as I mentioned above, I’m currently using the default Boot2Docker image so the configuration is very specific.

You should have a file in your Docker VM: /var/lib/boot2docker/profile. If you open it, it should look something like this:

$ cat /var/lib/boot2docker/profile

EXTRA_ARGS='
--label provider=virtualbox
'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=aufs
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem

To tell Docker to allow you to access an insecure registry you need to add the option to EXTRA_ARGS like so --insecure-registry=[url] like this:

$ sudo vi /var/lib/boot2docker/profile

EXTRA_ARGS='
--label provider=virtualbox
--insecure-registry=myregistry.mydomain.com
'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=aufs
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem

Then just restart the docker daemon:

$ sudo /etc/init.d/docker restart

You should now be able to push and pull using your registry.