Docker Registry is a centralized application that can be used to store your images and share them with other users. The private registry gives you full control to protect your images. You can also use Docker Hub to store your images, but these images will be public and anyone can access them.
In this tutorial, we will show you how to set up your own private Docker registry on Ubuntu 20.04.
Step 1 – Setup Hostname Resolution
First, you will need to set up the hostname resolution on both the registry server and the client machine so that they can communicate with each other using the hostname.
You set up it by editing /etc/hosts file on both server and client machine:
nano /etc/hosts
Add the following lines:
your-server-ip registry-server your-client-ip registry-client
Save and close the file when you are finished.
Step 2 – Install Docker
Next, you will need to install Docker on both the server and client machines. By default, the latest version of Docker is not available in the Ubuntu 20.04 default repository, so you will need to add the Docker repository in your system.
First, install the required dependencies with the following command:
apt-get install apt-transport-https ca-certificates curl software-properties-common curl -y
After installing all dependencies, import the Docker GPG key using the following command:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
Next, add the Docker CE official repository to the APT source file with the following command:
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release - cs) stable"
Once the repository has been added, you will need to update the repository cache. You can update it with the following command:
apt-get update -y
Once your repository is up-to-date, run the following command to install the latest version of Docker CE to your system.
apt-get install docker-ce -y
Once the installation is completed, you can verify the installed version of Docker CE by running the following command:
docker --version
You should get the following output:
Docker version 19.03.13, build 4484c46d9d
At this point, Docker CE is installed on both the registry server and the client machine.
Step 3 – Install and Configure Registry Server
Next, you will need to install and configure the registry server on the server machine.
First, download the registry image from the Docker hub with the following command:
docker pull registry
You should get the following output:
Using default tag: latest
latest: Pulling from library/registry cbdbe7a5bc2a: Pull complete 47112e65547d: Pull complete 46bcb632e506: Pull complete c1cc712bcecd: Pull complete 3db6272dcbfa: Pull complete Digest: sha256:8be26f81ffea54106bae012c6f349df70f4d5e7e2ec01b143c46e2c03b9e551d Status: Downloaded newer image for registry:latest docker.io/library/registry:latest
By default, Docker uses a secure connection over TLS to upload and download the images, so you will need to create a self-signed certificate for the registry server.
First, create a directory to store the certificates:
mkdir /etc/certs
Next, change the directory to the /etc/certs and generate a self-signed certificate with the following command:
cd /etc/certs openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt
Provide all details as shown below to generate the certificate:
Generating a RSA private key ....................................++++ ......++++ writing new private key to 'ca.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields, there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:IN State or Province Name (full name) [Some-State]:GUJ Locality Name (eg, city) []:JUNAGADH Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT Organizational Unit Name (eg, section) []:IT Common Name (e.g. server FQDN or YOUR name) []:registry-server Email Address []:[email protected]
Once the certificate is generated, start the registry container from the downloaded image using the self-signed certificate with the following command:
docker run -d -p 5000:5000 --restart=always --name registry -v /etc/certs:/etc/certs -e REGISTRY_HTTP_TLS_CERTIFICATE=/etc/certs/ca.crt -e REGISTRY_HTTP_TLS_KEY=/etc/certs/ca.key registry
Next, verify the running container by running the following command:
docker ps
You should get the following output:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 90f4155f3926 registry "/entrypoint.sh /etc…" 4 seconds ago Up 2 seconds 0.0.0.0:5000->5000/tcp registry
At this point, your registry server is installed and running.
Step 4 – Create a Custom Image on Registry Client
For this tutorial, we will download Ubuntu 20.04 server image on the client machine, create a new container, install the Apache server inside the container, build the new image and upload this image to the registry server.
First, download the Ubuntu 20.04 server image and create a container with the following command:
docker container run -it ubuntu:20.04 /bin/bash
This will download the Ubuntu 20.04 image from the Docker hub, create a new container, and attach it to the bash shell:
Unable to find image 'ubuntu:20.04' locally 20.04: Pulling from library/ubuntu 6a5697faee43: Already exists ba13d3bc422b: Already exists a254829d9e55: Already exists Digest: sha256:fff16eea1a8ae92867721d90c59a75652ea66d29c05294e6e2f898704bdb8cf1 Status: Downloaded newer image for ubuntu:20.04 root@ee2cc97397fb:/#
Next, run the following command to update the system and install the apache webserver:
root@ee2cc97397fb:/#apt-get update -y root@ee2cc97397fb:/#apt-get install apache2 -y
Next, exit from the running container with the following command:
root@ee2cc97397fb:/#exit
Next, you will need to rename or tag the Ubuntu 20.04 image in “registryserver:portnumber/image name:tag” format.
You can tag it with the following command:
docker tag ubuntu:20.04 registry-server:5000/ubuntu:apachev1.0
Next, verify your new image with the following command:
docker images
You should get the following output:
REPOSITORY TAG IMAGE ID CREATED SIZE ubuntu 20.04 d70eaf7277ea 13 days ago 72.9MB registry-server:5000/ubuntu apachev1.0 d70eaf7277ea 13 days ago 72.9MB
Step 5 – Upload New Image to Registry Server
First, you will need to create a new certificate directory on the client machine and copy the ca.crt file from the registry server:
First, create a cert directory with the following command:
mkdir -p /etc/docker/certs.d/registry-server:5000
Next, copy the ca.crt file from the registry server to the client machine:
scp root@registry-server:/etc/certs/ca.crt /etc/docker/certs.d/registry-server:5000/
Next, restart the Docker service to use this certificate:
systemctl restart docker
Next, upload your newly created image to the registry server with the following command:
docker push registry-server:5000/ubuntu:apachev1.0
You should get the following output:
The push refers to repository [registry-server:5000/ubuntu]
cc9d18e90faa: Pushed 0c2689e3f920: Pushed 47dde53750b4: Pushed apachev1.0: digest: sha256:1d7b639619bdca2d008eca2d5293e3c43ff84cbee597ff76de3b7a7de3e84956 size: 943
Conclusion
Congratulations! You have successfully set up the Docker registry server and client on Ubuntu 20.04. You can now download and upload your own customized images to and from the registry server. Give it a shot on dedicated server hosting from Atlantic.Net!