Running Docker Registry

  • A private image registry for your network
  • Part of the docker/distribution GitHub repo
  • The de facto in private container registries
  • Not as full featured as Hub or others, no web UI, basic auth only
  • At its core: a web API and storage system, written in Go
  • Storage supports local, S3/Azure/Alibaba/Google Cloud, and OpenStack Swift
Registry and Proper TLS
  • "Secure by Default": Docker won't talk to registry without HTTPS
    • Except, localhost (127.0.0.0/8)
  • For remote self-signed TLS, enable "insecure-registry" in engine

Using Docker Registry Locally

  • If we want to preserve registry data we need to use bind mount or volume
~> docker container run -d -p 5000:5000 --name registry -v $(pwd)/registry-data:/var/lib/registry registry
4d56aa4d7f07378bf47aeee48979b07bf5b7608aa6b9a8ac662aa8d5de02f11e

~> docker image ls | egrep "REPOSITORY|registry"
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
registry                    latest              28525f9a6e46        2 weeks ago         33.2MB

~> docker pull hello-world
~> docker tag hello-world 127.0.0.1:5000/hello-world

~> docker image ls | egrep "REPOSITORY|hello"
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
hello-world                  latest              05a3bd381fc2        3 weeks ago         1.84kB
127.0.0.1:5000/hello-world   latest              05a3bd381fc2        3 weeks ago         1.84kB

~> docker push 127.0.0.1:5000/hello-world
The push refers to a repository [127.0.0.1:5000/hello-world]
3a36971a9f14: Preparing
3a36971a9f14: Pushed
latest: digest: sha256:a5074d61e1e0175fb3a46e0bab46b1f764380ad00cac0e71d53bd4917d196988 size: 524

~> docker image rm hello-world
Untagged: hello-world:latest
Untagged: [email protected]:b2ba691d8aac9e5ac3644c0788e3d3823f9e97f757f01d2ddc6eb5458df9d801

~> docker image rm 127.0.0.1:5000/hello-world
Untagged: 127.0.0.1:5000/hello-world:latest
Untagged: 127.0.0.1:5000/[email protected]:a5074d61e1e0175fb3a46e0bab46b1f764380ad00cac0e71d53bd4917d196988
Deleted: sha256:05a3bd381fc2470695a35f230afefd7bf978b566253199c4ae5cc96fafa29b37
Deleted: sha256:3a36971a9f14df69f90891bf24dc2b9ed9c2d20959b624eab41bbf126272a023

~> docker image ls | egrep "REPOSITORY|hello"
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE

~> docker pull 127.0.0.1:5000/hello-world
Using default tag: latest
latest: Pulling from hello-world
5b0f327be733: Pulling fs layer
5b0f327be733: Verifying Checksum
5b0f327be733: Download complete
5b0f327be733: Pull complete
Digest: sha256:a5074d61e1e0175fb3a46e0bab46b1f764380ad00cac0e71d53bd4917d196988
Status: Downloaded newer image for 127.0.0.1:5000/hello-world:latest

~> cd ./data && tree
data
└───docker
    └───registry
        └───v2
            ├───blobs
            │   └───sha256
            │       ├───20
            │       │   └───2075ac87b043415d35bb6351b4a59df19b8ad154e578f7048335feeb02d0f759
            │       ├───48
            │       │   └───48b5124b2768d2b917edcb640435044a97967015485e812545546cbed5cf0233
            │       └───98
            │           └───983bfa07a342e316f08afd066894505088de985d46a9af743920aa9cafd17e7a
            └───repositories
                └───hello-world
                    ├───_layers
                    │   └───sha256
                    │       ├───48b5124b2768d2b917edcb640435044a97967015485e812545546cbed5cf0233
                    │       └───983bfa07a342e316f08afd066894505088de985d46a9af743920aa9cafd17e7a
                    └───_manifests
                        ├───revisions
                        │   └───sha256
                        │       └───2075ac87b043415d35bb6351b4a59df19b8ad154e578f7048335feeb02d0f759
                        └───tags
                            └───latest
                                ├───current
                                └───index
                                    └───sha256
                                        └───2075ac87b043415d35bb6351b4a59df19b8ad154e578f7048335feeb02d0f759

Recap

  • Run the registry image (not preserve data)
docker container run -d -p 5000:5000 --name registry registry
  • Run the registry image (preserve data)
docker container run -d -p 5000:5000 --name registry -v $(pwd):/var/lib/registry registry
  • Re-tag an existing image and push it to your new registry
docker tag hello-world 127.0.0.1:5000/hello-world
docker push 127.0.0.1:5000/hello-world
  • Remove that image from local cache and pull it from new registry
docker image rm hello-world
docker image rm 127.0.0.1:5000/hello-world
docker pull 127.0.0.1:5000/hello-world

results matching ""

    No results matching ""