Docker pull results in tcp "connection reset by peer" error

[ramasubramanianshcl]

Hello,

I am trying to pull the image using the docker pull command, as given in the description, but it results in tcp "connection reset by peer" error.. I dont think it is a proxy issue, since docker.io and other pulls are working fine.

$:~/docker$ sudo docker pull ghrc.io/nokia/srlinux Using default tag: latest Error response from daemon: Get "https://ghrc.io/v2/": read tcp 10.10.213.22:53496->103.224.212.220:443: read: connection reset by peer

I tried to use curl command for the same URL and following is the output :

$:~/docker$ curl -v https://ghrc.io/nokia/srlinux

• Trying 103.224.212.220:443...
• Connected to ghrc.io (103.224.212.220) port 443 (#0)
• ALPN, offering h2
• ALPN, offering http/1.1
• CAfile: /etc/ssl/certs/ca-certificates.crt
• CApath: /etc/ssl/certs
• TLSv1.0 (OUT), TLS header, Certificate Status (22):
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
• OpenSSL SSL_connect: Connection reset by peer in connection to ghrc.io:443
• Closing connection 0
• TLSv1.0 (OUT), TLS header, Unknown (21):
• TLSv1.3 (OUT), TLS alert, decode error (562): curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to ghrc.io:443 $

I tried to search for the solution but no solution received so far..

[hellt]

Hi @ramasubramanianshcl you have a typo in ghcr.io, you typed ghrc.io

[ramasubramanianshcl]

Hi..

Thanks for the correction.. I tried with the right URL and facing the same issue.. Following is the docker, curl and openssl outputs for the URL :

$ sudo docker pull ghcr.io/nokia/srlinux
[sudo] password for user1:
Using default tag: latest
Error response from daemon: Get "https://ghcr.io/v2/": read tcp 10.10.213.22:48832->20.207.73.86:443: read: connection reset by peer
$

$ curl -v https://ghcr.io/nokia/srlinux
*   Trying 20.207.73.86:443...
* Connected to ghcr.io (20.207.73.86) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: Connection reset by peer in connection to ghcr.io:443
* Closing connection 0
* TLSv1.0 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, decode error (562):
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to ghcr.io:443
$

$ openssl s_client -connect ghcr.io:443
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 309 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
$

[hellt]

There is something wrong on your end with regard to TLS.