Container Registry Proxy
Access Control
This site has access control enabled. Complete this check first before Docker configuration or pull troubleshooting.
Quick check (click to open in browser): /-/access/test
You can also verify it from CLI:
curl -sSL https://docker.kubectl.org/-/access/testAccess Check Matrix
| HTTP status | allowed field |
Meaning | Next action |
|---|---|---|---|
200 |
true |
Access is allowed | Continue to mirror configuration |
403 |
false |
Access is denied | Fix access policy first, then retry |
For support and inquiries: mail to dev@intellij.io
Container Registry Mirror List
| mirror | source | description |
|---|---|---|
| https://docker.m.kubectl.org | https://registry-1.docker.io | Dockerhub |
| https://dhi.m.kubectl.org | https://registry-1.docker.io | Dockerhub Hardened Images |
| https://k8s.m.kubectl.org | https://registry.k8s.io | K8s |
| https://quay.m.kubectl.org | https://quay.io | RedHat |
| https://ghcr.m.kubectl.org | https://ghcr.io | Github |
| https://gcr.m.kubectl.org | https://gcr.io | Google |
| https://mvcr.m.kubectl.org | https://mcr.microsoft.com | Microsoft |
| https://nvrc.m.kubectl.org | https://nvcr.io | Nvidia |
| https://elastic.m.kubectl.org | https://docker.elastic.co | Elastic |
| https://jfrog.m.kubectl.org | https://releases-docker.jfrog.io | Jfrog |
Docker Configuration
Before configuring Docker, make sure /-/access/test returns allowed for your current network.
Edit /etc/docker/daemon.json:
vim /etc/docker/daemon.jsonBasic (recommended)
{
"registry-mirrors": [
"https://docker.kubectl.org"
]
}Full list
{
"registry-mirrors": [
"https://docker.m.kubectl.org",
"https://k8s.m.kubectl.org",
"https://quay.m.kubectl.org",
"https://ghcr.m.kubectl.org",
"https://gcr.m.kubectl.org",
"https://mvcr.m.kubectl.org",
"https://nvcr.m.kubectl.org",
"https://jfrog.m.kubectl.org"
]
}Save the file and restart Docker:
sudo systemctl restart dockerDocker Hub usage and limits
Reference link Docker Hub usage and limits
The following table provides an overview of the included usage and limits for each user type, subject to fair use:
| User type | Pull rate limit per 6 hours | Number of public repositories | Number of private repositories |
|---|---|---|---|
| Business (authenticated) | Unlimited | Unlimited | Unlimited |
| Team (authenticated) | Unlimited | Unlimited | Unlimited |
| Pro (authenticated) | Unlimited | Unlimited | Unlimited |
| Personal (authenticated) | 200 | Unlimited | Up to 1 |
| Unauthenticated users | 100 per IPv4 address or IPv6 /64 subnet | Not applicable | Not applicable |
For more details, see Pull usage and limits.
Fair use
When utilizing the Docker Platform, users should be aware that excessive data transfer, pull rates, or data storage can lead to throttling, or additional charges. To ensure fair resource usage and maintain service quality, we reserve the right to impose restrictions or apply additional charges to accounts exhibiting excessive data and storage consumption.
Abuse rate limit
Docker Hub has an abuse rate limit to protect the application and infrastructure. This limit applies to all requests to Hub properties including web pages, APIs, and image pulls. The limit is applied per IPv4 address or per IPv6 /64 subnet, and while the limit changes over time depending on load and other factors, it's in the order of thousands of requests per minute. The abuse limit applies to all users equally regardless of account level.
You can differentiate between the pull rate limit and abuse rate limit by looking at the error code.
The abuse limit
returns a simple 429 Too Many Requests response. The pull limit returns a longer error message
that includes a link to
documentation.