Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / operating-systems / Linux
 

Docker Private Registry on CentOS

0.00/5 (No votes)
18 Feb 2019CPOL1 min read 5.2K  
Docker Private registry on CentOS

Introduction

Most IT companies won't provide Internet facility to production systems, but Docker hub needs internet and it is less secure (available to all). In order to secure our Docker images, we have to save Images locally in a Private Docker Registry.

When we have a large number of docker hosts in our environment, creating our own Private Docker Registry within internal network helps us to manage images from a private server without the need to provide internet access to docker clients.

Required

  • Docker Registry Host: k8s-master.com
  • Client: k8s-client.com
  • Operating system: CentOS
  • Docker Version: 18.06
  • Internet: Required on Registry server to pull images from Docker hub

Note: Docker setup is mandatory on both Docker Registry and client machines For Docker Private Registry.

Private Docker Registry Setup

  1. Create a directory and place your TTL certificates in that directory if you don't have TTL Certificates, create SSL certificate to secure our Docker private registry: 
    mkdir -p /data/certs
cp domain.crt domain.key /data/certs/ 
openssl req \
  -newkey rsa:4096 -nodes -sha256 -keyout /data/certs/domain.key \
  -x509 -days 365 -out /data/certs/domain.crt (if you don't have original TTL Certificates).
  2. Create a directory to store Docker images: 
    mkdir -p /data/images
  3. Run Docker registry container in docker host machine: 
     docker run -d -p 6000:5000 \
-v /data/images:/var/lib/registry \
-v /data/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
--restart on-failure \
--name registry \
docker.io/registry
  4. Check the Docker registry container status on Host machine and the listening port in linux: 
    docker ps
netstat -tulpn | grep 6000
  5. Pull images from Docker hub and push them to private Docker hub: 
    docker pull nginx 
docker tag nginx localhost:6000/nginx
  6. Verify the Docker images pushed to private registry: 
    ll data/images/docker/registry/v2/repositories/
  7. Copy the TTL Certificates from host machine to client machines: 
    scp -r /data/certs/* <IP-Addr-Clent>:/root/

Operations Required on Client Machine

  1. Docker client to use our TTL/SSL certificate. 
    mkdir -p /etc/docker/certs.d/k8s-master.com:6000/
cp -rf /root/tcsmkrishi.crt /etc/docker/certs.d/k8s-master.com:6000/
  2. Pull the image from docker private registry and use it. 
    docker pull k8s-master.com:6000/nginx
docker push k8s-master.com:6000/nginx

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Permalink

Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Article Copyright 2019 by Member 14151270
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-10-20:1