• 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Setup trusted Docker registry on a Raspberry Pi to host netPI containers
We currently using version, Portainer 1.19.2

Maybe i have to give you more detailled information

The registry is available at the address docker01.our_domain.local
I can ping docker01 or docker.our_domain.local from a container that is connected to the host network of the NetPi

I setup the custom registry in portainer with

name: docker01
url: docker01.our_domain.local (also tried docker01, https://docker01.....)
username: reg_user
password: regpassword

The result is always the same.

I also tried to do it with the REST API:

curl --insecure -H "Authorization: Bearer eyJ...." -H "Content-Type: application/json" -d '{"username":"user","password":"password","serveraddress":"https://docker01.our_domain.local"}' -X POST https://esta-netpi-01/portainer/api/endpoints/1/docker/auth

{"message":"Get https://docker01.our_domain.local/v2/: dial tcp: lookup atrdocker01.our_domain.local: no such host"}

When i use the ip address the result is of course:

{"message":"Get https://x.x.10.21/v2/: x509: cannot validate certificate for x.x.10.21 because it doesn't contain any IP SANs"}
Well, here is our story that turns your story the way around:

My colleague is running a virtual machine on his windows system. In this Linux VM he installed docker and a registry for me and he using MACVLAN driver to give the VM a separate IP address in our office network. We are both in the same subnet and also my personal netPI is in the same subnet since we use the same network switch in the office network.

The name of this VM is "ps-virtualbox" as the hostname tells us running the "hostname" command in the VM.

I can tell you now that I am not able to ping his VM with e.g "ping ps-virtualbox" command nor "ping ps-virtualbox.local" over my Windows PC nor from a container running on netPI. But I am to ping his ip address

And now comes the BIG but: on my netPi I created a custom registry like you


and you believe it or not ... portainer.io is able to pull an image from this registry server even the registry cannot be pinged (I think it is the MACVLAN driver supressing it ):


So right now I have no clue why it does not work in your constellation. Here it does well.

How about to use the ip-address as docker URL instead of docker01?
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

I recheck my registry running on my Raspberry Pi 3 again. (used for the registry example in this thread by the way). It works like it should under the hostname myregistry. Both pi and netPI are in the same office network, same switch, same DHCP server.

So my settings in portainer are name: any, registry url: myregistry.local.

But let me explain you what here at hilscher happens. We have domains like you e.g. hilscher. But in the registry I never succeeded using "myregistry.hilscher.local" as registry. I always have to use "myregistry.local" as registry URL only. Maybe this helps in your case too.

The only thing I see to analyse the problem is hooking a managed switch to you netPI with a mirror port and listen to its outgoing network traffic and have a look what is really happening. We could check the same tomorrow in the office with wireshark using my netPI.

If nothing helps in the end you need to enter the ip address in the registry url finally till the problem is found why this happens. I know you did that, but one more word to your problem about {"message":"Get https://x.x.10.21/v2/: x509: cannot validate certificate for x.x.10.21 because it doesn't contain any IP SANs"}. The time you have created the certificate you had to fill out the alt names table and you have to add the ip address additionally

[ alt_names ]
DNS.1 = myregistry
DNS.2 = myregistry.local
DNS.3 = myregistry.domain
IP.1 =
IP.2 = <your servers IP address>

and then regenerate the certificate
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)


Possibly Related Threads...
Thread Author Replies Views Last Post
  Application developed with commercial Raspberry Pi tad 4 38 June-24th-2020, 08:37 AM
Last Post: Armin@netPI
  Docker cannot find image COswald 16 68 May-18th-2020, 07:15 AM
Last Post: COswald
  docker.service start failed EUROKEY 6 26 February-6th-2020, 09:49 AM
Last Post: EUROKEY
  After „Rebuild“ of Docker neither the node-RED nor the dashboard can be accessed MAK 4 22 January-31st-2020, 02:14 PM
Last Post: MAK
  Automatic setup of NetPI (for production) Martin Serik 3 29 December-12th-2019, 03:23 PM
Last Post: Armin@netPI
  [SOLVED] Docker GUI login issue MGharat 1 26 September-19th-2019, 11:50 AM
Last Post: Armin@netPI
Information netPI Docker REST API for versions >= V1.1.4.0 patrick 1 86 July-16th-2019, 02:45 PM
Last Post: patrick
  Using Windows Containers a.w.d.m. 3 62 July-16th-2019, 01:46 PM
Last Post: patrick
  [SOLVED] Pull Docker Image a.w.d.m. 8 46 July-8th-2019, 11:17 AM
Last Post: Armin@netPI
  [SOLVED] Docker issues AlexRegev 7 196 June-26th-2019, 02:14 PM
Last Post: AlexRegev

Forum Jump:

Users browsing this thread: 1 Guest(s)