
Docker Private Registry on CentOS

18 Feb 2019

Introduction

Many companies do not give production systems Internet access, but Docker Hub requires it, and as a public service (available to all) it is less secure. To protect our Docker images, we store them locally in a private Docker registry.

When an environment has a large number of Docker hosts, running our own private Docker registry on the internal network lets us manage images from a private server without giving the Docker clients Internet access.

Required

  • Docker Registry Host: k8s-master.com
  • Client: k8s-client.com
  • Operating system: CentOS
  • Docker Version: 18.06
  • Internet: Required on Registry server to pull images from Docker hub

Note: Docker must be installed on both the registry host and the client machines.

Private Docker Registry Setup

  1. Create a directory and place your TLS certificate and key in it. If you don't have a TLS certificate, create a self-signed SSL certificate to secure the private Docker registry:
    mkdir -p /data/certs
    # If you already have a certificate and key, copy them in:
    cp domain.crt domain.key /data/certs/
    # Otherwise, generate a self-signed certificate (valid for 365 days).
    # Enter the registry host name (k8s-master.com) as the Common Name when prompted.
    openssl req \
      -newkey rsa:4096 -nodes -sha256 -keyout /data/certs/domain.key \
      -x509 -days 365 -out /data/certs/domain.crt
  2. Create a directory to store Docker images:
    mkdir -p /data/images 
  3. Run the Docker registry container on the Docker host machine:
    docker run -d -p 6000:5000 \
      -v /data/images:/var/lib/registry \
      -v /data/certs:/certs \
      -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
      -e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
      --restart on-failure \
      --name registry \
      docker.io/registry
  4. Check the Docker registry container status on the host machine and the listening port:
    docker ps
    netstat -tulpn | grep 6000
  5. Pull images from Docker Hub and push them to the private Docker registry:
    docker pull nginx
    docker tag nginx localhost:6000/nginx
    docker push localhost:6000/nginx
  6. Verify that the Docker images were pushed to the private registry:
    ls -l /data/images/docker/registry/v2/repositories/
  7. Copy the TLS certificate from the host machine to the client machines. Only domain.crt is needed there; the private key domain.key stays on the registry host:
    scp /data/certs/domain.crt <IP-Addr-Client>:/root/

Operations Required on Client Machine

  1. Configure the Docker client to trust our TLS/SSL certificate:
    mkdir -p /etc/docker/certs.d/k8s-master.com:6000/
    cp /root/domain.crt /etc/docker/certs.d/k8s-master.com:6000/
  2. Pull the image from the private Docker registry and use it:
    docker pull k8s-master.com:6000/nginx
    docker push k8s-master.com:6000/nginx
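
A check for the key handling in the steps above, as an added example that is not part of the original tip: it flags a private key that is readable by group or other on the registry host, and any private key that has ended up on a client. The function name audit_cert_dir and the finding labels are assumptions; the paths in the usage comments are the ones this tip uses.

```sh
#!/bin/sh
# Added example, not from the original tip. audit_cert_dir and its
# KEY_* labels are hypothetical names chosen for this illustration.

# audit_cert_dir DIR ROLE
#   ROLE=registry: a private key is expected, but it must not be
#                  accessible to group or other (mode 0600 or stricter).
#   ROLE=client:   no private key should be present at all; clients
#                  only need the certificate to trust the registry.
# Prints one finding per line. Returns 0 if clean, 1 otherwise.
audit_cert_dir() {
    dir=$1 role=$2 findings=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        # PEM private keys start with "-----BEGIN [RSA |EC |...]PRIVATE KEY-----".
        grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$f" 2>/dev/null || continue
        if [ "$role" = client ]; then
            echo "KEY_ON_CLIENT $f"
            findings=$((findings + 1))
        # Characters 5-10 of the ls mode string are the group/other bits.
        elif [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
            echo "KEY_LOOSE_PERMS $f"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Usage on the registry host:
#   audit_cert_dir /data/certs registry
# Usage on each client:
#   audit_cert_dir /root client
#   audit_cert_dir /etc/docker/certs.d/k8s-master.com:6000 client
```

A KEY_LOOSE_PERMS finding is fixed with chmod 600 on the key file; a KEY_ON_CLIENT finding means the key was copied off the registry host, so delete it from the client and issue a new certificate and key for the registry.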

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

