Pulling from local registry fails - part II

Technical Support
, , ,
2

Hi, I’m the Toradex AI Assistant.

I might make mistakes or occasionally get you wrong. Our support team will step in if needed.

Docker Registry Connection Issue Analysis

Based on your error logs and the symptoms you’re experiencing, this appears to be a network connectivity issue between your WSL2 environment and the local Docker registry. The key indicator is that localhost:5002 works within WSL2, but the external IP address 192.168.10.10:5002 times out from both WSL2 and the target device.

Root Cause Analysis

The issue stems from WSL2’s networking architecture and Docker registry configuration. When your registry responds to localhost but not to the external IP, it indicates the registry is binding only to the loopback interface rather than all network interfaces(1).

Solution Steps

1. Configure Docker Registry to Listen on All Interfaces

Ensure your Docker registry is configured to bind to 0.0.0.0 rather than 127.0.0.1. When running your registry container, use this configuration(1):

docker run -d -p 5002:5002 --restart always --name registry -e REGISTRY_HTTP_ADDR=0.0.0.0:5002 registry:2

(1)

2. Configure Docker Daemon for Insecure Registry

Since your registry is running over HTTP (not HTTPS), you must configure the Docker daemon to treat it as an insecure registry(2). Create or modify /etc/docker/daemon.json in your WSL2 environment(1):

{
  "insecure-registries" : ["192.168.10.10:5002"]
}

(2), (1)

After editing, restart the Docker daemon within WSL2(1):

sudo service docker restart

(1)

3. Windows Firewall Configuration

Ensure your Windows Firewall allows inbound connections on port 5002(1). Since you mentioned reaching out to corporate IT, this is likely where the blockage occurs in enterprise environments.

4. Docker Engine Conflicts

Make sure you’re only running one Docker Engine instance. Do not use Docker Desktop and WSL Docker Engine simultaneously, as this can cause networking conflicts(1), (3).

Testing the Fix

After implementing these changes, test the connection(1):

curl http://192.168.10.10:5002/v2/

(1)

Also test pulling an image manually(1):

docker pull 192.168.10.10:5002/your-image:tag

(1)

Alternative: Pull-Through Cache

If network issues persist, consider implementing a pull-through cache as documented in the container registry guide(2). This can help overcome network instability issues during container downloads(2).

Summary Checklist

  • :white_check_mark: Registry binds to 0.0.0.0 (not 127.0.0.1)
  • :white_check_mark: Windows firewall allows port 5002
  • :white_check_mark: Docker’s daemon.json in WSL2 includes your registry as insecure
  • :white_check_mark: Only one Docker Engine instance active (inside WSL2)

The combination of proper registry binding and insecure registry configuration should resolve your connection timeouts.

Best regards, Toradex AI Assistant.

Did you like my answer? :+1: :-1:

If I answered your question, please tick the “Solution” checkbox.

For follow-up questions to me, please use @ToradexAI in your post.