Docker Registry
Docker Registry
Description
Previously I had a post about using Nexus to act as a mirror for Docker Hub. This post is going to show you how to do the same thing with Docker Registry. Registry can only act as a Docker repository unlike Nexus that can do so much more. The goal of this post is to have an ssl secured repository setup. Here is the code related to that installation.
Registry Installation
Registry is really easy to use if you set it up using Docker. I will be using docker-compose. First we need to build the image used by docker-compose. Run the following to build the image.
docker-compose build
With the image built we only need to start it up.
docker-compose up -d
This image will generate new self-signed certs every time it starts. This removes the requirement of editing a daemon.json file for docker. Feel free to review the Dockerfile and the docker-compose.yml. The code is pretty straight-forward except for the auto generating self-signed certs.
Pulling An Image
A login is not required because there is no auth section in the config I have supplied. I like this more for this use case because it’s just a mirror and not a full repository. On a private repository I would add auth, but in this case we are good to leave it. I have noticed that if there is not a user in the image name from docker hub you will need to prepend library/ to the image name to pull it. Here is an example running on the same host that has registry running.
docker pull localhost:5000/library/postgres:latest
Again, like last time, we can time this process over multiple pulls to check the timings.
dan@ubuntu:~/git/danstechjourney$ time docker pull localhost:5000/library/postgres:latest
latest: Pulling from library/postgres
c229119241af: Already exists
3ff4ca332580: Already exists
5037f3c12de6: Already exists
0444ef779945: Already exists
47098a4166e7: Already exists
203cca980fab: Already exists
a479b6c0e001: Already exists
1eaa9abe8ca4: Already exists
cad613328fe3: Pull complete
1ce5087aacfa: Pull complete
b133d2355caa: Pull complete
b2694eb85faf: Pull complete
503b75e1e236: Pull complete
Digest: sha256:e3d8179786b8f16d066b313f381484a92efb175d1ce8355dc180fee1d5fa70ec
Status: Downloaded newer image for localhost:5000/library/postgres:latest
localhost:5000/library/postgres:latest
real 1m7.313s
user 0m0.028s
sys 0m0.035s
dan@ubuntu:~/git/danstechjourney$ docker rmi localhost:5000/library/postgres:latest
Untagged: localhost:5000/library/postgres:latest
Untagged: localhost:5000/library/postgres@sha256:e3d8179786b8f16d066b313f381484a92efb175d1ce8355dc180fee1d5fa70ec
Deleted: sha256:1ee973e26c6564a04b427993f47091cd3ae4d5156fbd46d331b17a8e7ab45d39
Deleted: sha256:866bef4726ecf3cd0b2abd000e1b022772414813065443c074659ad46b67aa03
Deleted: sha256:3cebb1476dfe502b329db37a56c18f4a480f0e1c57264c6f152ecddd6b7ca680
Deleted: sha256:ce747a7950f2069863d5381c804fc70fd13e10a6d7e43b5b942c3ee8dc8aa935
Deleted: sha256:f5226c8a9394d1411d45665bfb457c5cd8210be8483aeba5e05c401706761799
Deleted: sha256:30b8de76ee27e1f9c5d230a400dbb11485638f2bb1cc388db58471c5fb23c958
dan@ubuntu:~/git/danstechjourney$ time docker pull localhost:5000/library/postgres:latest
latest: Pulling from library/postgres
c229119241af: Already exists
3ff4ca332580: Already exists
5037f3c12de6: Already exists
0444ef779945: Already exists
47098a4166e7: Already exists
203cca980fab: Already exists
a479b6c0e001: Already exists
1eaa9abe8ca4: Already exists
cad613328fe3: Pull complete
1ce5087aacfa: Pull complete
b133d2355caa: Pull complete
b2694eb85faf: Pull complete
503b75e1e236: Pull complete
Digest: sha256:e3d8179786b8f16d066b313f381484a92efb175d1ce8355dc180fee1d5fa70ec
Status: Downloaded newer image for localhost:5000/library/postgres:latest
localhost:5000/library/postgres:latest
real 0m2.707s
user 0m0.026s
sys 0m0.012s
That is a huge improvement! No login required for the mirror so this is much more seamless.
Final Thoughts
Docker Registry allows you to quickly setup a docker mirror or private registry. In this post I went over how to create a mirror fast with docker-compose. The timings are great on the mirror too which makes something like this incredibly useful whether at work or at home. Ensure to lock down the repo if needed where you use it through firewall rules.