Setup a Private Docker Registry in Rocky Linux 8

Learn how to set up a private Docker registry on Rocky Linux 8. This comprehensive guide covers installation, configuration, and security best practices to help you manage your Docker images efficiently.

What is a Docker Registry?

A Docker registry is a centralized repository where Docker images are stored, managed, and distributed. It acts as a version control system for Docker images, allowing developers to push (upload) and pull (download) images to and from the registry. Here are the key components and functionalities of a Docker registry:

  1. Storage of Images: A registry stores different versions of Docker images, which are essentially packaged applications or services that include everything needed to run them (code, runtime, libraries, environment variables, etc.).
  2. Image Distribution: It enables the distribution of Docker images across different environments, such as development, testing, and production. Developers can pull images from the registry to run them on their local machines or other servers.
  3. Version Control: The registry maintains different versions of images, allowing teams to track changes and roll back to previous versions if necessary.
  4. Namespace and Tagging: Images in a registry are organized by namespaces (usually the username or organization name) and tags (specific versions or variants of an image), making it easy to manage and identify them.
  5. Access Control and Security: A registry can be configured with access controls to ensure that only authorized users can push or pull images. It can also be secured with TLS/SSL to encrypt communications.
  6. Automation and CI/CD Integration: Registries integrate with Continuous Integration and Continuous Deployment (CI/CD) pipelines, facilitating automated testing and deployment of Docker images.

The most commonly used public Docker registry is Docker Hub, which provides a large collection of publicly available images. However, organizations often set up private Docker registries to have more control over their images, improve security, and reduce dependency on external services.

What is a Private Docker Registry?

Docker creates containers from Docker images. These images are provided by Docker Hub, a centralized public registry that contains official and unofficial images for almost every piece of software in the world. However, there are situations where you need an on-premises private Docker registry to create and share custom Docker images among your organizational units.

Docker Private Registry has a few advantages over Docker Hub, some of them are:

  • Because the Docker registry is located on premises, availability and speed are improved.
  • Organization’s private images are kept within the Organization.
  • Provides user authentication to restrict unauthorized access.
  • Provides SSL based encryption for better security.

Here, we are using Docker Engine CE to configure a private Docker registry. We therefore advise reading Docker Deep Dive for a basic understanding of Docker technology.

Environment Specification

We are using a minimal Rocky Linux 8 virtual machine with the following specifications.

  • CPU – 3.4 GHz (2 cores)
  • Memory – 2 GB
  • Storage – 20 GB
  • Operating System – Rocky Linux 8.6 (Green Obsidian)
  • Hostname – docker-01.centlinux.com
  • IP Address – 192.168.116.128/24

Updating Linux Software Packages

We are using the same Linux based Docker Server that we have configured in our previous installation guide.

Using an SSH client, connect to docker-01.centlinux.com as the root user.

Refresh the package metadata cache of your Linux server.

# dnf makecache
Rocky Linux 8 - AppStream                       1.9 kB/s | 4.8 kB     00:02
Rocky Linux 8 - BaseOS                          1.0 kB/s | 4.3 kB     00:04
Rocky Linux 8 - Extras                          974  B/s | 3.5 kB     00:03
Rocky Linux 8 - Extras                          2.7 kB/s |  11 kB     00:03
Docker CE Stable - x86_64                       5.0 kB/s | 3.5 kB     00:00
Metadata cache created.

Execute the following command to update the Linux software packages.

# dnf update -y

Check the Linux Kernel and Operating System versions.

# uname -r
4.18.0-372.13.1.el8_6.x86_64

# cat /etc/system-release
Rocky Linux release 8.6 (Green Obsidian)

Check the version of Docker that is being used in this article.

# docker version
Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:03:11 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:01:29 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 runc:
  Version:          1.1.2
  GitCommit:        v1.1.2-0-ga916309
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Setup Private Docker Registry on Rocky Linux 8

List the locally available Docker images on your server.

# docker images
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE

Docker Hub provides an image for Docker Registry.

You can download it and use it to create your self-hosted Docker registry.

Pull the registry image from Docker Hub.

# docker pull registry
Using default tag: latest
latest: Pulling from library/registry
2408cc74d12b: Pull complete
ea60b727a1ce: Pull complete
c87369050336: Pull complete
e69d20d3dd20: Pull complete
fc30d7061437: Pull complete
Digest: sha256:bedef0f1d248508fe0a16d2cacea1d2e68e899b2220e2258f1b604e1f327d475
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest

Create a directory to use as persistent storage for the registry container.

# mkdir -p /opt/docker/containers/docker-registry/registry

Start the Docker container with the following command.

# docker run -d \
> --name docker-registry \
> --restart=always \
> -p 5000:5000 \
> -v /opt/docker/containers/docker-registry/registry:/var/lib/registry \
> registry
826777fa276a49f117e0b6300b036bc3f84ae5aa0a27e124a5a4a20c0c13b3e0

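The service port 5000/tcp of the registry container is mapped to 5000/tcp on the Docker host.

Therefore, you have to allow this service port in the Linux firewall so that machines on the network can access it. As started above, the registry serves plain HTTP and does not authenticate clients, so every host that can reach this port can push and pull images.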

# firewall-cmd --permanent --add-port=5000/tcp
success
# firewall-cmd --reload
success
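
The container above serves plain HTTP without authentication, while the advantages listed earlier mention user authentication and SSL-based encryption. The following added example (not from the original article) starts the same registry with TLS and htpasswd authentication through the registry image's REGISTRY_* environment variables; the certs/ and auth/ subdirectories, the domain.crt and domain.key file names, the function names and the DRY_RUN switch are assumptions.

```shell
#!/bin/sh
# Added example, not from the article. BASE matches the article's directory;
# certs/, auth/, the file names and DRY_RUN are assumptions of this example.
BASE=${BASE:-/opt/docker/containers/docker-registry}

# Refuse to start unless the TLS and credential files are present and sane.
preflight() {
    for f in "$BASE/certs/domain.crt" "$BASE/certs/domain.key" \
             "$BASE/auth/htpasswd"; do
        [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    done
    # The private key must not be readable by group or others.
    mode=$(stat -c '%a' "$BASE/certs/domain.key")
    case "$mode" in
        400|600) ;;
        *) echo "key mode $mode is too permissive, use 600" >&2; return 1 ;;
    esac
    # The registry's htpasswd backend accepts bcrypt hashes only (htpasswd -B).
    if grep -v '^[[:space:]]*$' "$BASE/auth/htpasswd" |
       grep -qv ':\$2[aby]\$'; then
        echo "non-bcrypt entry in $BASE/auth/htpasswd" >&2
        return 1
    fi
}

# Same container as in the article, plus TLS and basic authentication.
start_registry() {
    preflight || return 1
    set -- docker run -d --name docker-registry --restart=always \
        -p 5000:5000 \
        -v "$BASE/registry:/var/lib/registry" \
        -v "$BASE/certs:/certs:ro" \
        -v "$BASE/auth:/auth:ro" \
        -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
        -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
        -e REGISTRY_AUTH=htpasswd \
        -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
        -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
        registry
    # DRY_RUN=1 prints the command instead of executing it.
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}
```

Remove the existing docker-registry container before calling start_registry, and use a certificate issued for the registry's hostname (docker-01.centlinux.com in this article). Clients then run docker login against that hostname and port before pushing or pulling.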

Now, pull an image from Docker Hub. 

We prefer to pull Alpine Linux image, because it is smaller in size.

# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
2408cc74d12b: Already exists
Digest: sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest

Now, tag the alpine image as follows to make it ready to be added to your private Docker registry.

# docker tag alpine:latest localhost:5000/alpine

Push the Alpine Linux image into Docker Local Registry.

# docker push localhost:5000/alpine
The push refers to repository [localhost:5000/alpine]
2408cc74d12b: Pushed
latest: digest: sha256:686d8c9dfa6f3ccfc8230bc3178d23f84eeaf7e457f36f271ab1acc53015037c size: 527

List the locally available Alpine Linux images.

# docker images | grep alpine
alpine                  latest    e66264b98777   5 weeks ago   5.53MB
localhost:5000/alpine   latest    e66264b98777   5 weeks ago   5.53MB

You can see that one image is available from Docker Hub, while the other is available via your private Docker registry.

Final Thoughts

Setting up a private Docker registry on Rocky Linux 8 ensures that you have complete control over your Docker images, enhancing security and efficiency in your development workflow.