0 0 Share PDF

With Content Trust enabled, why do I get a 'no such host' error for 'notary.docker.io'?

Article ID: KB000549

With Docker Content Trust capability enabled, you may see the following error:

"Error creating container: Get https://notary.docker.io: dial tcp: lookup notary.docker.io <your_DNS>: no such host"

With Docker Content Trust enabled, your cluster will only run images which have been signed by the image creator. Docker attempts to use the value of the DOCKER_CONTENT_TRUST_SERVER environment variable to determine which Notary server to use for image signing metadata like signatures. If you want to use the Notary service available in your DTR cluster, you do not want Docker to poll the default "notary.docker.io". In this case, you will either need to set this environment variable to your own DTR address, or leave this value empty to have Docker infer the location of your Notary service from the repository in the image name.