SLES 15
Sponsored Link

Docker : Use Docker-Registry
2019/01/22
 
Install Docker-Registry to build Private Registry for Docker images.
[1]
On The Host which Docker-Registry Container runs, Get SSL Certificates, refer to here.
This example is based on the case that SSL certificates are gotten under the [/etc/letsencrypt/live/dlp.srv.world] and set the [Common Name] as [dlp.srv.world].
[2] Copy to locate Certificates and pull Registry Image (v2). Container Images are located under [/var/lib/regstry] on Registry v2 Container, so map to mount [/var/lib/docker/registry] on parent Host for Registry Container to use as Persistent Storage.
dlp:~ #
mkdir -p /etc/docker/certs.d/dlp.srv.world:5000

dlp:~ #
cp -p /etc/letsencrypt/live/dlp.srv.world/cert.pem /etc/docker/certs.d/dlp.srv.world:5000/ca.crt
dlp:~ #
docker pull registry:2

dlp:~ #
mkdir /var/lib/docker/registry

dlp:~ #
docker run -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \
-e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \
-v /etc/letsencrypt/live/dlp.srv.world:/certs \
-v /var/lib/docker/registry:/var/lib/registry \
registry:2
961dc43953d657c6063b5ad2018d631f1957e2164fb39eec7fe59390e8ee5f35

dlp:~ #
docker ps

CONTAINER ID    IMAGE         COMMAND                  CREATED             STATUS           PORTS                    NAMES
961dc43953d6    registry:2    "/entrypoint.sh /etc…"   33 seconds ago      Up 32 seconds    0.0.0.0:5000->5000/tcp   naughty_babbage
[3] If Firewalld is running, allow mapped port.
dlp:~ #
firewall-cmd --add-port=5000/tcp --permanent

success
dlp:~ #
firewall-cmd --reload

success
[4] For pushing local Image to Registry Container server, set like follows.
# list images on Registry container

dlp:~ #
curl https://dlp.srv.world:5000/v2/_catalog

{"repositories":[]}
dlp:~ #
docker images

dlp:~ # docker images
REPOSITORY               TAG                 IMAGE ID            CREATED             SIZE
registry                 2                   116995fd6624        3 days ago          25.8MB
fedora                   latest              26ffec5b4a8a        5 days ago          274MB
busybox                  latest              3a093384ac30        3 weeks ago         1.2MB

# set a tag and push

dlp:~ #
docker tag fedora dlp.srv.world:5000/fedora_reg

dlp:~ #
docker push dlp.srv.world:5000/fedora_reg

The push refers to repository [dlp.srv.world:5000/fedora_reg]
6034e8155f9c: Pushed
latest: digest: sha256:352f9dc4edf5ef4c56fcc334fa68d225f617cfc994a4fa7ae9f03366aa6d1a99 size: 529
dlp:~ #
docker images

dlp:~ # docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
registry                        2                   116995fd6624        3 days ago          25.8MB
dlp.srv.world:5000/fedora_reg   latest              26ffec5b4a8a        5 days ago          274MB
fedora                          latest              26ffec5b4a8a        5 days ago          274MB
busybox                         latest              3a093384ac30        3 weeks ago         1.2MB

dlp:~ #
curl https://dlp.srv.world:5000/v2/_catalog

{"repositories":["fedora_reg"]}
[5] For getting images from Registry Container server on a Docker node, set like follows.
# get certificates from Registry Container

node01:~ #
mkdir /etc/docker/certs.d/dlp.srv.world:5000

node01:~ #
cd /etc/docker/certs.d/dlp.srv.world:5000

node01:/etc/docker/certs.d/dlp.srv.world:5000 #
scp dlp.srv.world:"/etc/docker/certs.d/dlp.srv.world:5000/ca.crt" ./
node01:~ #
docker pull dlp.srv.world:5000/fedora_reg

Using default tag: latest
Trying to pull repository dlp.srv.world:5000/fedora_reg ...
sha256:6fb84ba634fe68572a2ac99741062695db24b921d0aa72e61ee669902f88c187: Pulling from dlp.srv.world:5000/fedora_reg
565884f490d9: Pull complete
Digest: sha256:6fb84ba634fe68572a2ac99741062695db24b921d0aa72e61ee669902f88c187
Status: Downloaded newer image for dlp.srv.world:5000/fedora_reg:latest
node01:~ #
docker images

REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
dlp.srv.world:5000/fedora_reg   latest              c582c1438f27        8 weeks ago         254 MB
Matched Content
 
Tweet