CentOS Stream 10
Sponsored Link

Docker : Use Registry2025/08/08
 

Install Docker-Registry to build Private Registry for Docker images.

[1] Pull the Registry image and run it.
Container Images are located under [/var/lib/regstry] on Registry v2 Container,
so map to mount [/var/lib/docker/registry] on parent Host for Registry Container to use as Persistent Storage.
[root@dlp ~]#
docker pull registry

[root@dlp ~]#
mkdir /var/lib/docker/registry

[root@dlp ~]#
docker run -d -p 5000:5000 \
-v /var/lib/docker/registry:/var/lib/registry \
registry 
1f32cbc393d726b5f9b9ccd71216a17d6e759ef8a98ebc522df7739d48833bd6
[root@dlp ~]#
docker ps 

CONTAINER ID   IMAGE      COMMAND                  CREATED          STATUS          PORTS                                         NAMES
1f32cbc393d7   registry   "/entrypoint.sh /etc..."   15 seconds ago   Up 15 seconds   0.0.0.0:5000->5000/tcp, [::]:5000->5000/tcp   serene_haslett
# if Firewalld is running, allow ports

[root@dlp ~]#
firewall-cmd --add-port=5000/tcp

[root@dlp ~]#
firewall-cmd --runtime-to-permanent
# to use the Registry from Docker Client Hosts, set like follows

[root@client ~]#
vi /etc/docker/daemon.json
# create new or add
# add Hosts you allow HTTP connection (default is HTTPS)

{
  "insecure-registries":
    [
      "docker.internal:5000",
      "dlp.srv.world:5000"
    ]
}
[root@client ~]#
systemctl restart docker
[root@client ~]#
docker images 

REPOSITORY               TAG        IMAGE ID       CREATED          SIZE
root-web                 latest     5bc6e8e3f1a9   13 minutes ago   345MB
srv.world/centos-httpd   latest     134889cd315b   38 minutes ago   351MB
srv.world/centos-nginx   latest     b587aa926cbf   46 minutes ago   345MB
quay.io/centos/centos    stream10   02ae49ff109e   7 weeks ago      306MB
[root@client ~]#
docker tag quay.io/centos/centos:stream10 dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker push dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker images 

REPOSITORY                  TAG        IMAGE ID       CREATED          SIZE
root-web                    latest     5bc6e8e3f1a9   14 minutes ago   345MB
srv.world/centos-httpd      latest     134889cd315b   39 minutes ago   351MB
srv.world/centos-nginx      latest     b587aa926cbf   47 minutes ago   345MB
dlp.srv.world:5000/centos   stream10   02ae49ff109e   7 weeks ago      306MB
quay.io/centos/centos       stream10   02ae49ff109e   7 weeks ago      306MB
[2] To enable Basic authentication, Configure like follows.
[root@dlp ~]#
dnf -y install httpd-tools
# add users for Registry authentication

[root@dlp ~]#
htpasswd -Bc /etc/containers/.htpasswd cent 

New password:
Re-type new password:
Adding password for user cent
[root@dlp ~]#
docker run --privileged -d -p 5000:5000 \
-v /var/lib/docker/registry:/var/lib/registry \
-v /etc/containers:/auth \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/.htpasswd \
-e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
registry
# login as a user you added above on a client

[root@client ~]#
docker login dlp.srv.world:5000 

Username: cent
Password:

WARNING! Your credentials are stored unencrypted in '/root/.docker/config.json'.
Configure a credential helper to remove this warning. See
https://docs.docker.com/go/credential-store/

Login Succeeded
[root@client ~]#
docker tag quay.io/centos/centos:stream10 dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker push dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker images 

REPOSITORY                  TAG        IMAGE ID       CREATED          SIZE
root-web                    latest     5bc6e8e3f1a9   20 minutes ago   345MB
srv.world/centos-httpd      latest     134889cd315b   45 minutes ago   351MB
srv.world/centos-nginx      latest     b587aa926cbf   54 minutes ago   345MB
dlp.srv.world:5000/centos   stream10   02ae49ff109e   7 weeks ago      306MB
quay.io/centos/centos       stream10   02ae49ff109e   7 weeks ago      306MB
[3] This is for the case you set valid certificate like Let's Encrypt and enable HTTPS connection.
This example is based on that certificate were created under the [/etc/letsencrypt] directory.
[root@dlp ~]#
docker run --privileged -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \
-e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \
-v /etc/letsencrypt/live/dlp.srv.world:/certs \
-v /var/lib/docker/registry:/var/lib/registry \
registry
# verify to push to Registry

[root@client ~]#
docker tag quay.io/centos/centos:stream10 dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker push dlp.srv.world:5000/centos:stream10

[root@client ~]#
docker images 

REPOSITORY                  TAG        IMAGE ID       CREATED          SIZE
root-web                    latest     5bc6e8e3f1a9   23 minutes ago   345MB
srv.world/centos-httpd      latest     134889cd315b   48 minutes ago   351MB
srv.world/centos-nginx      latest     b587aa926cbf   56 minutes ago   345MB
dlp.srv.world:5000/centos   stream10   02ae49ff109e   7 weeks ago      306MB
quay.io/centos/centos       stream10   02ae49ff109e   7 weeks ago      306MB
Matched Content