docs: Added section explaining how RAM configurations restricting Docker hub interacts with mirror registries #22474
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…b interacts with mirror registries
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
| Error response from daemon: Access to docker.io has been restricted by your administrators. | ||
| ``` | ||
|
|
||
| This happens because RAM restrictions are enforced at the API proxy layer, meaning that the request is blocked before Docker Desktop even attempts to pull from a registry mirror or fall back to Docker Hub. |
Contributor
There was a problem hiding this comment.
@chaomonica we can remove this part (line 57), as it is an implementation detail, end user need not know about it.
Contributor
There was a problem hiding this comment.
Also under Caveats in https://docs.docker.com/security/for-admins/hardened-desktop/registry-access-management/ we can add a link that points to the description here.
chaomonica
requested review from
aevesdocker and
sarahsanders-docker
as code owners
karman-docker
approved these changes
Apr 23, 2025
aevesdocker
approved these changes
Apr 24, 2025
Contributor
aevesdocker
left a comment
aevesdocker
left a comment
There was a problem hiding this comment.
Thank you @chaomonica
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
If a user has configured a mirror registry but has restricted Docker Hub in their RAM settings, they will get an error
Access to docker.io has been restricted by your administrators.even if that image has already been cached in their registry mirror.Related issues or tickets
SEG-1124 (Slack thread linked in ticket for context)
Reviews
Please do not merge until after technical review!
@karman-docker I have tested the commands in the following section. Could you please review "This happens because RAM restrictions are enforced at the API proxy layer, meaning that the request is blocked before Docker Desktop even attempts to pull from a registry mirror or fall back to Docker Hub."?