0

i am trying to pull image from private registry and i get this error:

i created a namespace called myrelease, my helm command from my chart folder:

helm install myrelease -n myrelease .

http: server gave HTTP response to HTTPS client

i have made all changes required for docker to accept insecure registries.

first of all, i edit every /etc/docker/daemon.json on all nodes to:

{
    "features": {
       "buildkit": false
    },
    "insecure-registries" : [ "http://xx.xx.xx.xx:8082" ]
}

then i tried to login to my repo via:

docker login myrepo

and i SUCCEEDED.

when i try to install my helm chart, i did this configurations:

created templates/secret.yaml:

apiVersion: v1
kind: Secret
metadata:
  name: {{ .Values.imageCredentials.name }}
type: kubernetes.io/dockerconfigjson
data:
  .dockerconfigjson: {{ template "imagePullSecret" . }}

i edited the templates/_helper.tpl file:

//added to the end of the file:
{{- define "imagePullSecret" }}
{{- with .Values.imageCredentials }}
{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" .registry .username .password .email (printf "%s:%s" .username .password | b64enc) | b64enc }}
{{- end }}
{{- end }}

and in my values.yaml i do:

image:
  repository: xx.xx.xx.xx:8082/helloworldwar
  pullPolicy: IfNotPresent
  # Overrides the image tag whose default is the chart appVersion.
  tag: "11"
imageCredentials:
  name: nexuscreds
  registry: xx.xx.xx.xx:8082/helloworld
  username: xxxx
  password: xxxx
  email: xxxx@gmail.com
imagePullSecrets:
  - name: nexuscreds

in docker info command i have my insecure repo listed:

 Insecure Registries:
  xx.xx.xx.xx:8082
  127.0.0.0/8

and i still getting the error:

http: server gave HTTP response to HTTPS client

David Maze
  • 130,717
  • 29
  • 175
  • 215
michael
  • 847
  • 4
  • 10
  • 17

1 Answers1

0

http: server gave HTTP response to HTTPS client this error is due to not allocating the proper insecure Registries in the docker daemon.

 Insecure Registries:
  xx.xx.xx.xx:8082
  127.0.0.0/8

Seems to be you haven't set the Docker Daemon right as per the above insecure registries. 127.0.0.0/8 this shouldn’t be in Insecure Registries and also You are using a linux server and added the Windows syntax to it.

So, Try to add the below highlighted linux syntax and line to Docker's daemon.json file and restart the Docker Daemon:

Syntax format: {"insecure-registries":["host:port"]}

  add this line : {"insecure-registries":["http://xx.xx.xx.xx:8082"]}

The host is the hostname of the server hosting my docker registry and port is the port where the docker registry is available and then restart docker daemon by doing:

$ sudo service docker restart

Refer to the documents Configure the Docker daemon and Configure Docker with a configuration file for additional info.

Edit :

{
    "features": {
       "buildkit": false
    },
    {"insecure-registries" : [ "http://xx.xx.xx.xx:8082" ]}
}
Hemanth Kumar
  • 2,728
  • 1
  • 4
  • 19
  • I didnt understand the difference between daemon.json i set, and what you set, what is the difference between windows and linux? It’s a jason.. – michael Jul 11 '23 at 18:16
  • For Linux servers in the daemon.json file you need to add the Curly bases at start and end of the syntax as shown above in answer. In Windows servers we don't add curly bases as you are given. Refer to this [SO](https://stackoverflow.com/questions/49674004/) for more information. – Hemanth Kumar Jul 12 '23 at 03:22
  • Sorry, but still didnt understand you. I added curly brases at the start and end if file…read again and carefully my description.. – michael Jul 12 '23 at 10:15
  • @michael : Kindly check on the edit part in the answer and let me know if that fixes the issue. – Hemanth Kumar Jul 12 '23 at 10:21
  • ok i tried, giving me file syntax error on systemctl restart docker – michael Jul 12 '23 at 15:49
  • i think the way i wrote it is right! – michael Jul 12 '23 at 15:49
  • also see that docker pull is working fine! – michael Jul 12 '23 at 16:35
  • As per this [Offical doc](https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry), You need to give a full domain like `"http://myregistrydomain.com"` and have a try or else Just give only IP address and Port instead of full domain and try. As per this [SO](https://stackoverflow.com/a/71051880/19230181) try to do some changes mentioned in `Configure URL as HTTP` : They have given as `"buildkit": true` Try this three workarounds one by one and let me know if this fixes your issue. – Hemanth Kumar Jul 13 '23 at 12:29
  • the same....the kubernetes pull still goes for https – michael Jul 13 '23 at 14:09