DEV Community

Kader Khan
Kader Khan

Posted on

2

Local Docker Registry Setup Guide

Prerequisites

  • Make sure your machine has public IP associate with itself
  • Ensure you have sudo privileges on your system.
  • Update your system's package list and upgrade existing packages.

Step 1: Install Docker and Docker Compose

  1. Update Your System:
   sudo apt update && sudo apt upgrade -y
Enter fullscreen mode Exit fullscreen mode
  1. Install Docker:
   sudo apt install -y docker.io
   sudo systemctl enable --now docker
Enter fullscreen mode Exit fullscreen mode
  1. Add User to Docker Group:
   sudo usermod -aG docker $USER
   newgrp docker
Enter fullscreen mode Exit fullscreen mode
  1. Verify Docker Installation:
   docker --version
Enter fullscreen mode Exit fullscreen mode

Step 2: Run a Local Docker Registry

  1. Run the Registry:
   docker run -d -p 5000:5000 --name registry --restart always registry:2
Enter fullscreen mode Exit fullscreen mode
  1. Verify the Registry is Running:
   curl http://localhost:5000/v2/
Enter fullscreen mode Exit fullscreen mode
  1. Check Available Registry Images:
   curl http://localhost:5000/v2/_catalog
Enter fullscreen mode Exit fullscreen mode

Step 3: Secure the Registry with Authentication

  1. Create Authentication Credentials:
   sudo mkdir -p /etc/docker/registry
   sudo chmod 777 /etc/docker/registry
Enter fullscreen mode Exit fullscreen mode
  1. Install Apache Utilities (htpasswd):
   sudo apt update
   sudo apt install -y apache2-utils
Enter fullscreen mode Exit fullscreen mode
  1. Generate Credentials:
   htpasswd -Bbn <username> <password> > /etc/docker/registry/htpasswd
Enter fullscreen mode Exit fullscreen mode
  1. Login to the Private Registry:
   docker login localhost:5000
Enter fullscreen mode Exit fullscreen mode

Step 4: Secure the Registry with SSL/TLS

  1. Install Certbot for SSL Certificates:
   sudo apt install -y certbot
Enter fullscreen mode Exit fullscreen mode
  1. Generate an SSL Certificate:
   sudo certbot certonly --standalone -d-<your_domain_name>
Enter fullscreen mode Exit fullscreen mode
  1. Run the Registry with SSL & Authentication:

At First Stop the running registry

   docker stop registry && docker rm registry
Enter fullscreen mode Exit fullscreen mode

Then run the registry again with

   docker run -d -p 5000:5000 --name registry --restart always \
   -v /etc/docker/registry:/auth \
   -v /etc/letsencrypt:/certs \
   -e "REGISTRY_AUTH=htpasswd" \
   -e "REGISTRY_AUTH_HTPASSWD_REALM=<your_realm>" \
   -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
   -e "REGISTRY_HTTP_TLS_CERTIFICATE=/certs/live/<domain>/fullchain.pem" \
   -e "REGISTRY_HTTP_TLS_KEY=/certs/live/<domain>/privkey.pem" \
   registry:2
Enter fullscreen mode Exit fullscreen mode
  1. Test Secure Connection:
   curl -k -u <user>:'<password>' https://<domain>:5000/v2/
Enter fullscreen mode Exit fullscreen mode

Troubleshooting

If you encounter any issues, run the following commands to adjust permissions:

sudo chmod -R 755 /etc/letsencrypt/
sudo chmod -R 755 /etc/letsencrypt/live/
sudo chmod -R 644 /etc/letsencrypt/live/<domain>/*
sudo chmod -R 644 /etc/letsencrypt/archive/<domain>/*
sudo chmod 640 /etc/docker/registry/htpasswd
sudo chown root:docker /etc/docker/registry/htpasswd
Enter fullscreen mode Exit fullscreen mode

AWS Q Developer image

Your AI Code Assistant

Automate your code reviews. Catch bugs before your coworkers. Fix security issues in your code. Built to handle large projects, Amazon Q Developer works alongside you from idea to production code.

Get started free in your IDE

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay