Debian 9 Stretch
Sponsored Link

Docker : Use Docker-Registry
2017/08/03
 
Install Docker-Registry to build Private Registry for Docker images.
This example is based on the case to use self-signed certificates.
[1]
On The Host which Docker-Registry Container runs, Create SSL Certificates, refer to here.
This example is based on the case that SSL certificates are made under the [/etc/ssl/private] and set the [Common Name] as [dlp.srv.world].
[2] Copy to locate Certificates and pull Registry Image (v2).
Container Images are located under [/var/lib/regstry] on Registry v2 Container, so map to mount [/var/lib/docker/registry] on parent Host for Registry Container to use as Persistent Storage.
root@dlp:~#
mkdir -p /etc/docker/certs.d/dlp.srv.world:5000

root@dlp:~#
cp -p /etc/ssl/private/server.crt /etc/ssl/private/domain.crt

root@dlp:~#
cp -p /etc/ssl/private/server.key /etc/ssl/private/domain.key

root@dlp:~#
cp -p /etc/ssl/private/server.crt /etc/docker/certs.d/dlp.srv.world:5000/ca.crt
root@dlp:~#
docker pull registry:2

root@dlp:~#
mkdir /var/lib/docker/registry

root@dlp:~#
docker run -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
-v /etc/ssl/private:/certs \
-v /var/lib/docker/registry:/var/lib/registry \
registry:2
root@dlp:~#
docker ps

CONTAINER ID IMAGE      COMMAND           CREATED        STATUS        PORTS                   NAMES
4769f313b190 registry:2 "/entrypoint..."  5 seconds ago  Up 5 seconds  0.0.0.0:5000->5000/tcp  mode..
[3] For pushing local Image to Registry Container server, set like follows.
# list images on Registry container

root@dlp:~#
curl -k https://localhost:5000/v2/_catalog

{"repositories":[]}
root@dlp:~#
docker images

REPOSITORY              TAG                 IMAGE ID            CREATED             SIZE
storage                 latest              e5f465d60931        2 hours ago         1.13MB
web_server              latest              d6df7acdc0e3        2 hours ago         296MB
srv.world/deb_apache2   latest              8efc6944bf8d        2 days ago          219MB
debian                  latest              a20fd0d59cf1        10 days ago         100MB
registry                2                   751f286bc25e        2 weeks ago         33.2MB
busybox                 latest              efe10ee6727f        2 weeks ago         1.13MB

# set a tag and push

root@dlp:~#
docker tag debian dlp.srv.world:5000/debian_reg

root@dlp:~#
docker push dlp.srv.world:5000/debian_reg

The push refers to a repository [dlp.srv.world:5000/debian_reg]
cf4ecb492384: Pushed
latest: digest: sha256:40506065be119bfc51093a65bf0123147cd2af72c767168dafdcb2d131f72e4d size: 529
root@dlp:~#
docker images

REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
storage                         latest              e5f465d60931        2 hours ago         1.13MB
web_server                      latest              d6df7acdc0e3        2 hours ago         296MB
srv.world/deb_apache2           latest              8efc6944bf8d        2 days ago          219MB
dlp.srv.world:5000/debian_reg   latest              a20fd0d59cf1        10 days ago         100MB
debian                          latest              a20fd0d59cf1        10 days ago         100MB
registry                        2                   751f286bc25e        2 weeks ago         33.2MB
busybox                         latest              efe10ee6727f        2 weeks ago         1.13MB

root@dlp:~#
curl -k https://localhost:5000/v2/_catalog

{"repositories":["debian_reg"]}
[4] For getting images from Registry Container server on a Docker node, set like follows.
# get certificates from Registry Container

root@node01:~#
mkdir -p /etc/docker/certs.d/dlp.srv.world:5000

root@node01:~#
cd /etc/docker/certs.d/dlp.srv.world:5000

root@node01:/etc/docker/certs.d/dlp.srv.world:5000#
scp dlp.srv.world:"/etc/docker/certs.d/dlp.srv.world:5000/ca.crt" ./
root@node01:~#
docker pull dlp.srv.world:5000/debian_reg

Using default tag: latest
latest: Pulling from debian_reg
Digest: sha256:40506065be119bfc51093a65bf0123147cd2af72c767168dafdcb2d131f72e4d
Status: Downloaded newer image for dlp.srv.world:5000/debian_reg:latest
root@node01:~#
docker images

REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
dlp.srv.world:5000/debian_reg   latest              a20fd0d59cf1        10 days ago         100MB
debian                          latest              a20fd0d59cf1        10 days ago         100MB
 
Tweet