Setting up a private Docker registry

1st October 2017 (3 years ago)

It is pretty easy to run your own private Docker registry - of course there's a Docker image for it!

In the following steps I'm assuming the volume you'll be mounting to your registry is located at /volumes/registry.

Firstly create a username/password combination that you'll use when you push and pull images.

htpasswd -c -B /volumes/registry/htpasswd YOUR_USERNAME

You then want to create the file /volumes/registry/config.yml as below. Enter your own email address to use with Let's Encrypt.

version: 0.1
log:
  fields:
    service: registry
storage:
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
http:
  addr: :443
  headers:
    X-Content-Type-Options: [nosniff]
  tls:
    letsencrypt:
      cachefile: /etc/docker/letsencrypt-cache-file
      email: you@example.com
auth:
  htpasswd:
    realm: basic-realm
    path: /etc/docker/registry/htpasswd
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3

You're now ready to run the image, mounting the files we created above and listening on the required ports.

docker run -d -p 5000:5000 -p 443:443 --restart always --name registry -v /volumes/registry/config.yml:/etc/docker/registry/config.yml -v /volumes/registry/htpasswd:/etc/docker/registry/htpasswd registry:2

Configure any DNS records you need to point to this machine. The examples below use example.com for our domain.

Using the registry from your local machine

Login (only needs to be run once):

docker login example.com

Build and tag the Docker image:

docker build -t example.com/YOUR_REPO_NAME .

Push:

docker push example.com/YOUR_REPO_NAME