Deploying a Private Docker Registry

Private Docker Registry with SSL and basic auth, includes a docker-compose.yml file Posted by Joost Faassen on 2016-04-11

This is a short summary of Deploying a registry server from the official Docker documentation

Observations:

Example docker-compose.yml

registry:
  container_name: registry
  restart: always
  image: registry:2
  ports:
    - 5000:5000
  volumes:
    - "/storage/registry/data:/var/lib/registry"
    - "/storage/registry/certs:/certs"
    - "/storage/registry/auth:/auth"
  environment:
    - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/example.com.crt
    - REGISTRY_HTTP_TLS_KEY=/certs/example.com.key
    - REGISTRY_AUTH=htpasswd
    - REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm
    - REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd

This requires a /storage/registry directory on the Docker host, with the following sub-directories

Creating the htpasswd file

Initialy, I tried using apache's htpasswd -c tool to create the htpasswd file. For some reason the created file didn't work (auth failed) with the docker registry.

So instead, follow the guide, and use the included htpasswd entrypoint:

docker run --entrypoint htpasswd registry:2 -Bbn myusername mypasswd > htpasswd

This will create a valid htpasswd file that you can copy to the docker host, in the auth/ directory.

Running the server

Simply run:

docker-compose up

Loging in

Before you can push images to a private registry, you need to login from your client machine.

Use the following command:

docker login registry.example.com:5000

Pushing images

After loging in, you can push images to the private registry like this:

docker pull ubuntu
docker tag ubuntu registry.example.com:5000/myfirstimage
docker push registry.example.com:5000/myfirstimagestorage

Using alternative backend storage drivers

The earlier docker-compose.yml uses standard host-based storage. This works as long as the storage volume is limited, but you may have good reasons to an alternative storage backend such as Amazon S3, Azure, Swift, Google Cloud Storage, etc.

For more information, click here

Further reading