Docker private registry with Authentication| Standalone

Dylan Hunt
Apr 20, 2019 · 4 min read
Image for post
Image for post

What?

Docker registry - It is a server that stores the Docker images for distribution. One can pull the images from registry to local or can push the locally build images to server for reuse in different servers or for different teams. We can simply compare the Docker registry with GitHub in its usage. Here we’re pushing the code along with its dependency in a Docker image format.

You should use the Registry if you want to:

  • tightly control where your images are being stored
  • fully own your images distribution pipeline
  • integrate image storage and distribution tightly into your in-house development workflow

Why ?

Security - If you’re going to build it for a public use or if it is one of your side project it is OK to use the default Docker Hub for storing your images. Which by default is visible to everyone in the internet. But what if it is one of your organizations project? or it is having a code which shouldn't be accessed by anyone other than few authorized people. Well you cannot keep more than one image in private if you’re using free Docker Hub account.

While we have 100’s of servers already running behind our applications it is wise to use one of them for our need here to store and retrieve the images instantly.

Running registries in a container mode is a de-facto instructions you’ll get if you search for it. But I often wonder why people going over that procedure while they can do a standalone one much easier and efficient than that. You need to go over lots of hustles to make a perfect registry in a container mode say for example to persist its volume to disc or to have authentication enabled or to up and running 24x7 even after a unknown server restart etc.

How?

We are going to install a package called docker-distribution in our server which acts as a private registry for us in a server. It is also one of the official method from Docker itself.

For Debian and Ubuntu distributions

For RHEL and CentOS

After the installation of package the configuration and commands are pretty much same for all the distributions

We need to create a directory where the images will be stored securely. Lets say we’ll create a directory under root (/) directory as sources and another one as registry within it.

Lets create a password file with list of users we need. We can add users in the same file in future also if needed. We need htpasswd utility to create a encrypted passwords using known hashes. If it is not preset in your server it can be downloaded by below command.

Lets create a directory to store the password file within our registry directory.

To create a encrypted password with bcrypt encryption which is highly secured and recommended one among all other hashing use the below command. We need to provide the directory location with file name where encrypted password will be stored. Here the last parameter is a username which is user defined one. Let’s call it as a admin user and enter the password when it prompts.

Once the password is generated we can view it using any text editor/viewer

Which looks something similar to the below one

Lets edit the docker-distribution configuration file to make use of our password file and custom directories for storing the Docker images

Then change the filesystem location and add the authentication configurations like below.

Once we changed the configs and saved the file execute the below command to start the docker-distribution service.

The above config file will start the service in default port which 5000 in our case. We can verify the service by browsing the below api

If everything is successfully configured you will be prompted to enter the username and password which is admin:admin in our case and able to see the list of repositories in JSON format

All our images pushing towards the registry will be stored in the /sources/registry directory which is also holds the auth file inside it. So making a periodic backup of the registry is also convenient here.

Happy sailing… adiós…

beovolytics

Beovolytics integrates software assembly lines into large…

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store