DEV Community

Cover image for Docker Registry Management

Posted on

7 1 1 1 1

Docker Registry Management


A Docker registry is a place to store Docker images. There are two types of Docker registries

  • Private registry
  • Public registry

Docker Hub is a popular public registry, but organizations often prefer to use their own private registry to store and manage their images as it provides more control over image access and security.

Docker registry management involves pushing and pulling images from a registry, as well as managing access control, security, and versioning. To facilitate these tasks, various Docker registry management tools are available, such as Docker Trusted Registry, Harbor, and JFrog Artifactory

πŸ‘‰ In this post, I will be testing Docker-Hub repository, Nexus Repository and then apply GitHub actions to build an image automatically (CI)

Hands on Docker-Hub

πŸ’‘ If you don't have a dockerhub ID, you can refer to the steps mentioned over here

After logging in to our account in Docker hub, we need to head to 'repositories' and select 'create repository'


Creating a private repository


Once the repository is created, we can confirm the repository name


Now back to our Linux terminal. I will be working on a new directory

mkdir /DockerFile_Root
cd /DockerFile_Root

Enter fullscreen mode Exit fullscreen mode

Creating a simple test index.html file

cat "Test" > index.html

Enter fullscreen mode Exit fullscreen mode

Creating a Dockerfile

vi Dockerfile

FROM nginx:latest
LABEL maintainer "Author <>"
ADD index.html /usr/share/nginx/html

Enter fullscreen mode Exit fullscreen mode

Building this dockerfile

docker build -t mynginx:v1 ./

Successfully built a367f58de111
Successfully tagged mynginx:v1

Enter fullscreen mode Exit fullscreen mode

Logging in to my docker hub

docker login
Login Succeeded

Enter fullscreen mode Exit fullscreen mode

Pushing the image to our docker hub repository

docker tag mynginx:v1 waji97/myrepo:v1
docker push waji97/myrepo:v1

Enter fullscreen mode Exit fullscreen mode

Deleting the local images and tags

docker rmi mynginx:v1
docker rmi waji97/myrepo:v1

Enter fullscreen mode Exit fullscreen mode

Checking the repository from dockerhub


Now we can start a docker container on our local machine using this image from our dockerhub

docker run -d --name Mynginx_1 -p 80:80 waji97/myrepo:v1
Unable to find image 'waji97/myrepo:v1' locally
v1: Pulling from waji97/myrepo
Status: Downloaded newer image for waji97/myrepo:v1

Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ We can see that it pulled from my repository

Checking the docker process and images

docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED              STATUS              PORTS                NAMES
c3eeab8e250c        waji97/myrepo:v1    "/docker-entrypoint.…"   About a minute ago   Up About a minute>80/tcp   Mynginx_1

docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
waji97/myrepo       v1                  a367f58de111        10 minutes ago      142MB

Enter fullscreen mode Exit fullscreen mode

We can also visit our nginx server


Hands on Nexus Repository

Nexus repository is a popular open-source repository manager developed by Sonatype. Nexus provides storing & managing software components, access control and integration with tools like Jenkins and Docker.

It was mainly used with Java projects and the repositories were accessible by an WEB UI. We will be using Nexus repository to build a private image repository using docker format.

There are three types of nexus repository:

  • Hosted: a private repository within a company (uploads are only possible locally)
  • Proxy: mirrors remote repositories (cache)
  • Group: groups various types of repositories together


πŸ‘‰ Before starting the hands on, I recommend turning off swap memory using swapoff -a

We will start by creating a volume

docker volume create nexus_volume

Enter fullscreen mode Exit fullscreen mode

Next we will change the ownership for the data directory for this volume

chown 200:200 /var/lib/docker/volumes/nexus_volume/_data/

Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ We need to change this as not changing this could possibly incur push/pull errors later

Pulling the nexus image

docker pull sonatype/nexus3:latest

Enter fullscreen mode Exit fullscreen mode

Now, we will create a new container for our nexus repo

docker run -d --name Nexus -p 8081:8081 -p 5000-5001:5000-5001 -v nexus_volume:/nexus-data sonatype/nexus3

Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ I would recommend to have atleast 3GBs of RAM in your host system for the above to actually run

docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                                      NAMES
9c68a0f95437        sonatype/nexus3     "/opt/sonatype/nexus…"   3 seconds ago       Up 1 second>5000-5001/tcp,>8081/tcp   Nexus

Enter fullscreen mode Exit fullscreen mode

Now we need to copy the password from

cat /var/lib/docker/volumes/nexus_volume/_data/admin.password 

Enter fullscreen mode Exit fullscreen mode

πŸ‘‰ Copy the password that is displayed

Navigating to the Nexus Repo Manager via our browser and logging in as 'admin' user


This will trigger a new 'change password' wizard. We can change our admin account password using this wizard

From settings, we will navigate to 'Blob Stores'


Creating a new blob to use as docker-registry


Now heading to "Repositories" and clicking on "Create repository"


We need to select 'docker(hosted)' from here and set up as following


After creating the above repository, we need to create another one named 'docker(proxy)'



Finally we will create our 'docker(group)' repository as well


Adding all the members to our group


Now from the "Security" section, we will navigate to Realms


Adding the "Docker Bearer Token Realm"


πŸ‘‰ Going back to our Linux terminal

We will add the following to our daemon JSON file

vi /etc/docker/daemon.json

"insecure-registries" : ["", ""]

Enter fullscreen mode Exit fullscreen mode

πŸ’‘ We had to add this as Nexus supports HTTPS but we are using HTTP

Reloading the daemon and restarting docker

systemctl daemon-reload
systemctl restart docker

docker start Nexus

Enter fullscreen mode Exit fullscreen mode

Now we can pull a test image for our nexus repository

docker pull
Using default tag: latest
latest: Pulling from hello-world
Status: Downloaded newer image for

Enter fullscreen mode Exit fullscreen mode

To confirm if this image was downloaded,


We will perform another test by tagging our existing 'alpine' image to our nexus repository

docker tag alpine

Enter fullscreen mode Exit fullscreen mode

Logging in to our repository

docker login
Login Succeeded

Enter fullscreen mode Exit fullscreen mode

Pushing the tagged image to our repository

docker push
The push refers to repository []
7cd52847ad77: Pushed 

# Logging out
docker logout

Enter fullscreen mode Exit fullscreen mode

Confirming this push from the WEB UI


Hands on GitHub actions (CI)

GitHub Actions is a powerful CI/CD tool for automating software development workflows. It allows developers to automate tasks, build, test, and deploy code directly from GitHub.

  • Workflows are defined in YAML format and consist of Events and Jobs.
  • Events are triggers that execute a workflow.
  • Events can be configured to trigger on actions such as a push to a repository.
  • Workflows can contain multiple Jobs.
  • When multiple Jobs are present, parallel execution is the default behavior.
  • A Runner is required to execute Jobs and is typically a container.

✨ WorkFlow:-

  • Workflow: The entire workspace for building, deploying, and testing.
  • Event: The trigger for a Workflow to run (when it executes).
  • Job: The unit of work in a Workflow.
  • Step: Defines the sequence of tasks that a Job should perform.
  • Action: A pre-defined function (library) that performs a specific task. Runner: A containerized instance used to execute a Workflow.

Github Actions

πŸ‘‰ I will be doing a short hands on in which we will use Github actions to automatically create a docker image and push it to the dockerhub repository

From GitHub, we need to create a new repository for testing Github actions


Now from DockerHub


Now we will navigate to "My profile" => "Edit Profile" => "Security"


From this section, we will create a new access token with Read, Write and Delete permissions


πŸ‘‰ Going back to Github

From our repository, we will head to settings and select


We will make 2 new secrets, one contains your DockerHub username and the other should contain the Access Token that we created from Dockerhub


Now from our Github repository, we will create a new Dockerfile and also add a test html file


We will head to "Actions" and setup our custom workflow


My workflow YAML file looks like this


πŸ‘‰ This file will build an image and push it automatically to Dockerhub using Dockerfile present in the Github repository's main branch

Upon committing this file, we will have a new workflows folder in our repository


We can also check our actions section


To test if this actually worked, we will go to our Dockerhub repository

πŸ‘‰ Dockerhub test repository


We will test this image from our Linux Terminal now

Creating a container using our image from Dockerhub

docker login

docker run -d --name Mynginx_1 -p 80:80 waji97/testrepo:latest
latest: Pulling from waji97/testrepo
Status: Downloaded newer image for waji97/testrepo:latest

Enter fullscreen mode Exit fullscreen mode

Testing from the browser


πŸ‘‰ We will now try changing our index.html file from Github and commit so that Github actions can actually integrate this automatically

Upon committing the changes, we will be able to see a new workflow


Now from the Linux System, we will delete the container and the image.

After deleting the current image, we will pull the latest image from our Dockerhub repository and create a new container using the image to check our results


✨ This is Continuous Integration


In conclusion, managing a Docker registry is an essential aspect of containerization. Dockerhub, Nexus Repository, and Github Actions CI are three popular options for Docker registry management, each with their own advantages and limitations βœ”


Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

AWS Security LIVE!

Join us for AWS Security LIVE!

Discover the future of cloud security. Tune in live for trends, tips, and solutions from AWS and AWS Partners.

Learn More