a blog by Sara Farquharson

Virtual Party Space Devlog #20: Docker registries

Today I dug deeper into how Docker works to resolve some error messages, and then started learning about Let’s Encrypt.


  • struggled with running docker compose up due to “authentication failed” message, so I took a multiple-hour detour into how docker registries work
    • NOTE: when you get this error it probably means your image doesn’t exist in an “acceptable” registry (doesn’t matter if you can see it locally)
    • existing images were possibly resolving to wrong hash from docker.io, maybe deploying wrong version?
    • solution: create ECR registry, add all locally built images to it
  • use docker rmi to remove unnecessary images
  • docker “Pool overlaps with other one on this address space” error or being unable to delete things in Docker Desktop indicates you have ghost docker networks, need to prune
  • load balancing ref

Let’s Encrypt time!

  • enabled flag in environment variables, quickly got an API timeout
  • ECS by default has a “Desired count” of 1, so containers keep spawning and re-running the erroneous encrypt script
    • to prevent this, update the service to “number of tasks” 0. Will automatically reset on next Cloudformation update
  • jitsi web host uses acme.sh to do lets encrypt keys in init script
  • tried alternatives to standalone mode…nginx/webroot, still always get failure
    • lets encrypt requires healthy server responding on port 80
    • problem is this init script also creates the nginx config files, and if LETS_ENCRYPT flag is true, nginx can’t start without keys. Chicken & egg

About this series

Back in mid-December I started an ambitious project to create a custom platform for a virtual birthday party in February. I kept notes on my progress, both for personal reference and to turn into a series of blog posts. It quickly became apparent that I did not have time to both do the project and blog about the project. I have retroactively decided to post my raw notes as a dev log.