Set Up a Private Docker Registry (Insecure) on Ubuntu 18.04 — Part 1
Docker Registry is an application that manages storing and delivering Docker container images. Registries centralize container images and reduce build times for developers.
For example, rather than installing dependencies and packages separately to use Docker, developers can download a compressed image from a registry that contains all of the necessary components. Furthermore, developers can automate pushing images to a registry using continuous integration tools.
Docker also has a free public registry, Docker Hub, that can host your custom Docker images, but there are situations where you will not want your image to be publicly available. Images typically contain all the code necessary to run an application, so using a private registry is preferable when using proprietary software.
Setting up Insecure Docker Private Registry -
Download docker registry official image -
# docker pull registry# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql latest be0dbf01a0f3 3 days ago 541MB
rabbitmq latest 8323c1c9f182 2 weeks ago 156MB
ubuntu latest 1d622ef86b13 7 weeks ago 73.9MB
registry latest 708bc6af7e5e 4 months ago 25.8MB
Run a Registry container -
# docker container run -d -p 5000:5000 — name simple_registry registryVerify the current images available in the local registry -
# curl 127.0.0.1:5000/v2/_catalog
{“repositories”:[]}Lets push our first image to our own local docker repository -
# docker image tag nginx:latest 127.0.0.1:5000/nginx:latest# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1:5000/nginx latest 2622e6cca7eb 2 days ago 132MB
rabbitmq latest 8323c1c9f182 2 weeks ago 156MB
ubuntu latest 1d622ef86b13 7 weeks ago 73.9MB
registry latest 708bc6af7e5e 4 months ago 25.8MB# docker image push 127.0.0.1:5000/nginx:latest# curl 127.0.0.1:5000/v2/_catalog
{“repositories”:[“nginx”]}
Now you can delete all the nginx images and disconnect the internet and try to pull the image from local registry.
# docker image pull 127.0.0.1:5000/nginx:latest
latest: Pulling from nginx
8559a31e96f4: Already exists
8d69e59170f7: Pull complete
3f9f1ec1d262: Pull complete
d1f5ff4f210d: Pull complete
1e22bfa8652e: Pull complete
Digest: sha256:0efad4d09a419dc6d574c3c3baacb804a530acd61d5eba72cb1f14e1f5ac0c8f
Status: Downloaded newer image for 127.0.0.1:5000/nginx:latest
127.0.0.1:5000/nginx:latestDocker only allows secure registry server. It allows 127.0.0.0:8 as an exception.
# docker pull rabbitmq
Using default tag: latest
latest: Pulling from library/rabbitmq
23884877105a: Pull complete
bc38caa0f5b9: Pull complete
Digest: sha256:8582a00a4fd9ab9554985647d3482be95b3efa092c4ad3353e77c8fb9a84fefc
Status: Downloaded newer image for rabbitmq:latest
docker.io/library/rabbitmq:latest# docker image tag rabbitmq:latest 172.42.42.200:5000/rabbitmq:latest# docker image push 172.42.42.200:5000/rabbitmq:latest
The push refers to repository [172.42.42.200:5000/rabbitmq]
Get https://172.42.42.200:5000/v2/: http: server gave HTTP response to HTTPS client
To allow a different CIDR or network to push images to local registry server -
Create a file and allow local host and copy it to /etc/docker location.
# cat daemon.json
{
“insecure-registries” : [“172.42.42.200:5000”]
}# cp daemon.json /etc/docker/# systemctl restart docker
# docker container start simple_registry
simple_registry# docker image push 172.42.42.200:5000/rabbitmq:latest
The push refers to repository [172.42.42.200:5000/rabbitmq]
4d3d749f079a: Pushed
d10ad0d977c1: Pushed
aa30735fd969: Pushed
d48b30e2dc2b: Pushed
b5864ea389b7: Pushed
7b16483de61e: Pushed
latest: digest: sha256:adb6d9abb49783002971073f03f0dc6b713021a5f6e8866058a52e9e2437476e size: 2410# curl 127.0.0.1:5000/v2/_catalog
{“repositories”:[“nginx”,”rabbitmq”]}
NOTE:
Though it is always advised to create a SECURE DOCKER REPOSITORY with user Authentication enabled. That we will learn in next tutorial.
Hope you like the tutorial. Please let me know your feedback in the response section.
Happy learning!
