Docker: Create your own private Docker registry

By | October 24, 2016

Docker is a nice low-cost virtualization solution that is more and more popular.
A very nice use case is to use it to create images of enterprise systems, images that can be used for testing without having to bother to delete databases and reinitialize testing environment. You just simply have to fire up another set of containers and your test environment starts again in a predefined set.

The problem in using the default infrastructure is due to security concerns. I do not want to upload company sensitive data to the public docker.io repository.
In the next steps I am going to show how to install and use a simple local docker register.

Step 1: Get the registry docker image

Docker registry can be very easy deployed from a ready available docker image itself. Search the docker.io global repository for the image “registry:2”
Fetch the image on the local system.

STEP 2: Add a new local private registry

Start a new docker registry container. This will start a simple registry with no security enabled.

$ docker run -d -p 5000:5000 -v $HOME/registry:/var/lib/registry registry:2

STEP 3: Allow the local docker daemon to access insecure registries

Edit on client the docker config file. On Fedora/RedHat/CentOS edit /etc/sysconfig/docker and add at the end of the file:


INSECURE_REGISTRY='--insecure-registry 10.0.0.245:5000' 

In new versions of docker > 1.12, Create or modify /etc/docker/daemon.json


{ "insecure-registries":["10.0.0.245:5000"] }

where 10.0.0.245 is my local IP under which the custom registry will be accessible.

Restart docker daemon to activate the above configuration change.

 service docker restart 

STEP 4: Tag and push local images to the new registry

List the existing images:

 
# docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
docker.io/postgres           latest              f91e27f33f26        9 days ago          263.8 MB
docker.io/registry           2                   541a6732eadb        9 days ago          33.27 MB
docker.io/mtuanp/glassfish   latest              46d7536ed8af        7 months ago        700 MB

Tag local images to the new registry. Note the name used must correspond to the fully qualified name of the registry resources.

 
# docker tag postgres 10.0.0.245:5000/postgres
# docker tag demo 10.0.0.245:5000/demo

List the existing images after tagging. Note that now the tagged images have two aliases,

 
# docker images
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
10.0.0.245:5000/postgres     latest              f91e27f33f26        4 days ago          263.8 MB
docker.io/postgres           latest              f91e27f33f26        9 days ago          263.8 MB
docker.io/registry           2                   541a6732eadb        9 days ago          33.27 MB
10.0.0.245:5000/demo         latest              46d7536ed8af        7 months ago        700 MB
docker.io/mtuanp/glassfish   latest              46d7536ed8af        7 months ago        700 MB

Push the docker images to the new registry.

 
# docker push 10.0.0.245:5000/postgres
The push refers to a repository [10.0.0.245:5000/postgres]
13309175bebc: Pushed 
f5a1e6b07efe: Mounted from postgres 
43988ba6118f: Mounted from postgres 
9e5b8222d901: Mounted from postgres 
51bd5a3a4e97: Mounted from postgres 
2d3580ed25cf: Mounted from postgres 
57655c1c901b: Mounted from postgres 
0df5ee6f45b1: Mounted from postgres 
70df7c5241b7: Mounted from postgres 
dd30fd70f347: Mounted from postgres 
73c4fa66091a: Mounted from postgres 
142a601d9793: Mounted from postgres 
latest: digest: sha256:673ce41a6d5aabc3b4e66471db6382adf7399a9b384bf33372db74c439943d08 size: 2801

# docker push 10.0.0.245:5000/demo
The push refers to a repository [10.0.0.245:5000/demo]
a92c06ee234f: Pushed 
b0aba84ddb59: Mounted from demo 
20f085509075: Mounted from demo 
3d57c68de034: Mounted from demo 
5f70bf18a086: Mounted from demo 
1ebdc7db829d: Mounted from demo 
30e8d17937e7: Mounted from demo 
867d7eaf330f: Mounted from demo 
0a533a9b15d6: Mounted from demo 
1976b08e9302: Mounted from demo 
f34d5ba459d6: Mounted from demo 
b22f38604eb8: Mounted from demo 
162da15b5454: Mounted from demo 
4badccf8a533: Mounted from demo 
ddef881aeaff: Mounted from demo 
latest: digest: sha256:fe8810fc932edc5718c841b915a8fec6554b5702fdc9565256077bdceb9646dc size: 5931

To connect to the new registry just login from any local client, no user/password required, just enter some info.

docker login http://10.0.0.245:5000
Advertisements

6 thoughts on “Docker: Create your own private Docker registry

  1. Andrei Avram

    You should encourage SSL, we have letsencrypt now, it’s easy to get a free certificate.

    Reply
  2. George Voina

    I will give it a try. I use the described registry only for a small test setup. I plan to have a server deploy soon using some proper “enterprise” repository setup. Thank you for the suggestion.

    Reply
  3. Derek E. Weeks

    Another option you might consider is using an open source application like Nexus Repository. Nexus is purpose built to manage artifacts required for builds and deployments, and can also act as a proxy to Docker Hub and other private warehouses. In addition to serving as a private Docker registry, you can use it to store other artifacts needed by Dev and Ops teams. You can read more about this at http://www.sonatype.com/docker

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.