How to Setup Docker Private Registry on CentOS 7.x / RHEL 7.x
Abstract: [[email protected] ~]# Now download the Container image using beneath command [[email protected] ~]# docker pull docker-repo.example.com[[email protec
Whenever we install Docker on CentOS or RHEL Servers Docker public Registry is enabled so when we run ‘docker pull‘ or ‘docker search‘ command it will go to Docker public registry (Docker Hub) and will fetch the required container images. But it is not idea to fetch the Docker container images from public registry when you are using Docker in an organization, for the best practice we should have our own private Docker registry or repository. Docker Registry or repository is a place where Docker container images are stored.
In this article I will demonstrate how to setup our own Docker private registry on CentOS 7.x / RHEL 7.x. I will be using three CentOS 7.x Servers and assuming docker is already installed and its service is up and running on all three servers. Below are the details of my three servers:
- docker-repo.example.com { 192.168.0.60} -> It will act as my Docker private Registry Server
- dkengine1.example.com { 192.168.0.70} -> On this Server Docker admins and developers will create their own container images either with dockerfile or with compose and then they will upload these images to their own docker private registry server (docker-repo.example.com) with docker push command
- dkengine2.example.com { 192.168.0.80} -> On this Server we will download docker container images from our own private registry server with ‘docker pull‘ command
Note : Update the /etc/hosts file in case DNS server is not configured so that servers can be reachable with their respective hostname or dns name.
192.168.0.60 docker-repo.example.com docker-repo 192.168.0.70 dkengine1.example.com dkengine1 192.168.0.80 dkengine2.example.com dkengine2
Perform the following steps to setup our own Docker Private Registry as per above discussed scenario
Step:1 Download and start registry Container on your private registry serverLogin to the server which you want to configure as Docker Private Registry Server, in my case it is 「docker-repo.example.com」 . I am assuming Docker package is already installed on it and its service is up and running. In case Docker is not installed please refer the below
- How to install Docker on CentOS 7.x
Next task is to start the program or script which will configure and make your server as Registry Server. That Program or script is started by running a docker registry container. Let’s first download the registry container using beneath command
[[email protected] ~]# docker pull registry
Once the image is downloaded verify which commands will be executed when we start registry container image.
[[email protected] ~]# docker history registry
Now start the registry container using below command
[[email protected] ~]# docker run -dit -p 5000:5000 --name registry registry bf8e703b0149211bb923beeb042f8e656bf407b21646f101eb58e0acd4409c24 [[email protected] ~]#
Above Command will start the registry container with name registry and also we set the patting rule so that if any request comes to ‘docker-repo.example.com‘ on 5000 port then request will be redirected to registry container on 5000 port.
[[email protected] ~]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES bf8e703b0149 registry "/entrypoint.sh /e..." 5 minutes ago Up 5 minutes 0.0.0.0:5000->5000/tcp registry [[email protected] ~]#
Note: In case firewall is enabled on your private registry server then open 80 port using the following command
[[email protected] ~]# firewall-cmd --permanent --add-port=80/tcp success [[email protected] ~]# firewall-cmd --reload success [[email protected] ~]#Step:2 Create Docker Container Image and upload it to Private Registry Server
Let’s assume I have build Ubuntu 16.04 docker container image with Dockerfile on ‘dkengine1.example.com‘. In Case you are not familiar with dockerfile then refer the below :
- How to build Docker Container Images with Dockerfile
We can upload a container image to the registry server with 「docker push」 command but before start uploading it we have make two changes
1 Make sure the image name is created with format 「servername:portnumber/imagename:tags「. By default docker pull command will try to upload the image in public registry and if we create image name with format mentioned above then docker pull command will upload it to the server mentioned in the image name. so in my case server name would be 「docker-repo.example.com」
To change the name of docker image use docker tag command, example is shown below
[[email protected] ~]# docker tag ubuntu:16.04 docker-repo.example.com:5000/ubuntu:16.04 [[email protected] ~]#
2 Change the docker push https connection to http. Whenever we use ‘docker push’ command it will try to make https connection to the registry server but in case of private registry server setup, it accepts only http connection from the client(dkengine1.example.com)
Edit the file 「/usr/lib/systemd/system/docker.service」 and change the parameter
ExecStart=/usr/bin/dockerd
to
ExecStart=/usr/bin/dockerd –insecure-registry docker-repo.example.com:5000
Reload daemon service and restart Docker service
[[email protected] ~]# systemctl daemon-reload [[email protected] ~]# systemctl restart docker [[email protected] ~]#
Now upload the image to private registry server using beneath command
[[email protected] ~]# docker push docker-repo.example.com:5000/ubuntu:16.04 The push refers to a repository [docker-repo.example.com:5000/ubuntu] 56827159aa8b: Pushed 440e02c3dcde: Pushed 29660d0e5bb2: Pushed 85782553e37a: Pushed 745f5be9952c: Pushed 16.04: digest: sha256:6b079ae764a6affcb632231349d4a5e1b084bece8c46883c099863ee2aeb5cf8 size: 1357 [[email protected] ~]#Step:3 Download Docker Container image from Private Registry Server
Login to ‘dkengine2.example.com’ server and use ‘docker pull’ command to download container image from your private registry server. By default docker pull command also makes https connection with registry server but our private registry accepts only http connection.
Edit the file 「/usr/lib/systemd/system/docker.service」 and change the parameter
ExecStart=/usr/bin/dockerd
to
ExecStart=/usr/bin/dockerd –insecure-registry docker-repo.example.com:5000
Reload daemon service and restart docker service
[[email protected] ~]# systemctl daemon-reload ; systemctl restart docker [[email protected] ~]#
Now download the Container image using beneath command
[[email protected] ~]# docker pull docker-repo.example.com:5000/ubuntu:16.04 16.04: Pulling from ubuntu fec6b243e075: Pull complete 190e0e9a3e79: Pull complete 0d79cf192e4c: Pull complete 38398c307b51: Pull complete 356665655a72: Pull complete Digest: sha256:6b079ae764a6affcb632231349d4a5e1b084bece8c46883c099863ee2aeb5cf8 Status: Downloaded newer image for docker-repo.example.com:5000/ubuntu:16.04 [[email protected] ~]#
Now verify the image with ‘docker images‘ command
[[email protected] ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE docker-repo.example.com:5000/ubuntu 16.04 0ef2e08ed3fa 3 weeks ago 130 MB [[email protected] ~]#
That’s all from this article. I hope you guys got an idea how to setup own Docker Private Registry Server. If you like this article please don’t hesitate to share ?