CentOS 8
Sponsored Link

Podman : Use Registry2019/10/11

 
Install Registry to build Private Registry for Podman images.
Pull the Registry image and run it. Container images are located under [/var/lib/regstry] on Registry v2 Container,
so map to mount [/var/lib/containers/registry] on parent Host for Registry Container to use as Persistent Storage.
[1] Configure Registry.
This is for the case to use HTTP and no authentication.
[root@dlp ~]#
podman pull registry:2

[root@dlp ~]#
mkdir /var/lib/containers/registry

# if SELinux is [Enforcing], add [--privileged] option

[root@dlp ~]#
podman run --privileged -d -p 5000:5000 \
-v /var/lib/containers/registry:/var/lib/registry \
registry:2
[root@dlp ~]#
podman ps

CONTAINER ID  IMAGE                         COMMAND               CREATED             STATUS                 PORTS                   NAMES
8d7425252c9c  docker.io/library/registry:2  /etc/docker/regis...  About a minute ago  Up About a minute ago  0.0.0.0:5000->5000/tcp  trusting_mahavira

# if Firewalld is running, allow ports

[root@dlp ~]#
firewall-cmd --add-port=5000/tcp --permanent

[root@dlp ~]#
firewall-cmd --reload
# verify to push to Registry from localhost

# for HTTP connection, add [--tls-verify=false] option

[root@dlp ~]#
podman tag centos dlp.srv.world:5000/centos:latest

[root@dlp ~]#
podman push dlp.srv.world:5000/centos:latest --tls-verify=false

Getting image source signatures
.....
.....
Writing manifest to image destination
Storing signatures

[root@dlp ~]#
podman images

REPOSITORY                  TAG     IMAGE ID      CREATED       SIZE
docker.io/library/registry  2       5c4008a25e05  3 weeks ago   26.8 MB
registry.centos.org/centos  latest  2f3766df23b6  3 months ago  217 MB
dlp.srv.world:5000/centos   latest  2f3766df23b6  3 months ago  217 MB
[2] To enable Basic authentication, Configure like follows.
[root@dlp ~]#
dnf -y install httpd-tools
# add users for Registry authentication

[root@dlp ~]#
htpasswd -Bc /etc/containers/.htpasswd cent

New password:
Re-type new password:
Adding password for user cent

[root@dlp ~]#
podman run --privileged -d -p 5000:5000 \
-v /var/lib/containers/registry:/var/lib/registry \
-v /etc/containers:/auth \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/.htpasswd \
-e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
registry:2
# login as a user you added above

[root@dlp ~]#
podman login dlp.srv.world:5000 --tls-verify=false

Username: cent
Password:
Login Succeeded!

[root@dlp ~]#
podman tag centos dlp.srv.world:5000/centos2:latest

[root@dlp ~]#
podman push dlp.srv.world:5000/centos2:latest --tls-verify=false

[root@dlp ~]#
podman images

REPOSITORY                  TAG     IMAGE ID      CREATED       SIZE
docker.io/library/registry  2       5c4008a25e05  3 weeks ago   26.8 MB
registry.centos.org/centos  latest  2f3766df23b6  3 months ago  217 MB
dlp.srv.world:5000/centos   latest  2f3766df23b6  3 months ago  217 MB
dlp.srv.world:5000/centos2  latest  2f3766df23b6  3 months ago  217 MB
[3] This is for the case you set valid certificate like Let's Encrypt and enable HTTPS connection.
This example is based on that certificate were created under the [/etc/letsencrypt] directory.
[root@dlp ~]#
podman run --privileged -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \
-e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \
-v /etc/letsencrypt/live/dlp.srv.world:/certs \
-v /var/lib/containers/registry:/var/lib/registry \
registry:2
# verify to push to Registry

[root@node01 ~]#
podman tag centos dlp.srv.world:5000/centos3:latest

[root@node01 ~]#
podman push dlp.srv.world:5000/centos3:latest

[root@node01 ~]#
podman images

REPOSITORY                  TAG     IMAGE ID      CREATED       SIZE
docker.io/library/registry  2       5c4008a25e05  3 weeks ago   26.8 MB
registry.centos.org/centos  latest  2f3766df23b6  3 months ago  217 MB
dlp.srv.world:5000/centos   latest  2f3766df23b6  3 months ago  217 MB
dlp.srv.world:5000/centos2  latest  2f3766df23b6  3 months ago  217 MB
Matched Content