• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • Docker Registry is a software application that allows you to create and store your images within your organization.

    You can also create and upload your images on the Docker Hub public registry. But, these images become public, and anyone can access and use your images. So, it is recommended to use Docker private registry that allows you to control and protect your images.

    In this tutorial, I am going to explain how to set up a Docker private registry on Ubuntu 18.04.

    Requirements

    • Two Ubuntu servers with the root credentials
    • A static IP address on both servers

    Getting Started

    Before starting, you will need to configure hostname resolution on both systems. So, both system can communicate with each other by hostname.

    To do so, run the following command on both systems:

    echo "192.168.0.100 server" >> /etc/hosts
    echo "192.168.0.102 client" >> /etc/hosts

    Once you have finished, you can proceed to the next step.

    Install Docker

    Next, you will need to install Docker package on both systems. By default, Docker is not available in the Ubuntu 18.04 default repository. So, you will need to add them.

    First, install the required packages with the following command:

    apt-get install apt-transport-https software-properties-common ca-certificates curl -y

    Next, add the Docker repository with the following command:

    wget https://download.docker.com/linux/ubuntu/gpg 
    apt-key add gpg
    echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable" | tee /etc/apt/sources.list.d/docker.list

    Next, update the repository and install Docker with the following command:

    apt-get update -y
    apt-get install docker-ce -y

    Once the installation has been completed, check the status of docker with the following command:

    systemctl status docker

    You should see the following output:

    docker.service - Docker Application Container Engine
    Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
    Active: active (running) since Wed 2019-05-01 15:08:45 UTC; 7min ago
    Docs: https://docs.docker.com
    Main PID: 2658 (dockerd)
    Tasks: 8
    CGroup: /system.slice/docker.service
    └─2658 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

    Install Docker Registry Container

    First, you will need to install Registry container on your server system. You can do it by running the following command:

    docker pull registry

    Once the registry image has been downloaded, you should see the following output:

    Using default tag: latest
    latest: Pulling from library/registryc
    87736221ed0: Pull complete 
    1cc8e0bb44df: Pull complete 
    54d33bcb37f5: Pull complete 
    e8afc091c171: Pull complete 
    b4541f6d3db6: Pull complete 
    Digest: sha256:3b00e5438ebd8835bcfa7bf5246445a6b57b9a50473e89c02ecc8e575be3ebb5
    Status: Downloaded newer image for registry:latest

    Next, start the registry container with the following command:

    docker run -d -p 5000:5000 --restart=always --name registry registry

    You can see the running registry container with the following command:

    docker ps

    You should see the following output:

    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
    4912e461745f registry "/entrypoint.sh /etc…" About a minute ago Up About a minute 0.0.0.0:5000->5000/tcp registry

    Create a Docker Container Image on the Client System

    Your registry server is now ready to use. It’s time to create a Docker container image on the client system.

    First, log in to the Client system and create a dockerfile to build Nginx web server image:

    mkdir Image
    cd Image
    nano dockerfile

    Add the following lines:

    FROM ubuntu:18.04
    LABEL project="Nginx Web Server Image"
    LABEL maintainer "[email protected]"
    RUN \a
    pt-get update && \
    apt-get install -y nginx && \
    rm -rf /var/lib/apt/lists/* && \
    echo "\ndaemon off;" >> /etc/nginx/nginx.conf && \
    chown -R www-data:www-data /var/lib/nginx
    # Define mountable directories.
    VOLUME ["/etc/nginx/sites-enabled", "/etc/nginx/certs", "/etc/nginx/conf.d", "/var/log/nginx", "/var/www/html"]
    # Define working directory.WORKDIR /etc/nginx
    # Define default command.CMD ["nginx"]
    # Expose ports.
    EXPOSE 80
    EXPOSE 443

    Save and close the file. Then, build an Nginx image by running the following command:

    docker build -t ubuntu:nginx .

    After building the Nginx image successfully, you should see the following output:

    ---> bc6e61406108
    Step 5/9 : VOLUME ["/etc/nginx/sites-enabled", "/etc/nginx/certs", "/etc/nginx/conf.d", "/var/log/nginx", "/var/www/html"]
    ---> Running in 30832b7ff816
    Removing intermediate container 30832b7ff816
    ---> 1940ec1c2225Step 6/9 : WORKDIR /etc/nginx
    ---> Running in 88755ef2d7c8
    Removing intermediate container 88755ef2d7c8
    ---> 4fe930c96a73Step 7/9 : CMD ["nginx"]
    ---> Running in c8d492317d88
    Removing intermediate container c8d492317d88
    ---> 3218acfd15f8Step 8/9 : EXPOSE 80
    ---> Running in 35921ef45db9Removing intermediate container 35921ef45db9
    ---> a6a299b86a6dStep 9/9 : EXPOSE 443
    ---> Running in 755441cefe2f
    Removing intermediate container 755441cefe2f
    ---> 9be7dc6b0825
    Successfully built 9be7dc6b0825
    Successfully tagged ubuntu:nginx

    Next, you can check the generated image with the following command:

    docker images

    You should see your nginx image in the following output:

    REPOSITORY TAG IMAGE ID CREATED SIZE
    ubuntu nginx 9be7dc6b0825 About a minute ago 161MB
    ubuntu 18.04 d131e0fa2585 4 days ago 102MB
    registry latest f32a97de94e1 7 weeks ago 25.8MB

    Next, you will need to rename your nginx image in “registryserver:portnumber/image name:tag” format.

    You can do it with the following command:

    docker tag ubuntu:nginx server:5000/ubuntu:nginx

    Upload Nginx Image on Private Registry Server

    You can now upload your generated Nginx image on Private Registry Server using the push command:

    docker push server:5000/ubuntu:nginx

    Once the image uploaded successfully, you should see the following output:

    The push refers to repository [server:5000/ubuntu]
    2e5us8en4s9d: Pushed 
    l1is9e9d8j7e: Pushed 
    nginx: digest: sha256:aa0d8fi49dir0d7rn33nee122b size: 1862

    You can also download the uploaded image from the registry server with the following command:

    docker pull server:5000/ubuntu:nginx

    I hope you have now enough knowledge to set up your own private docker registry server on a production server. If you are looking to get more Docker hands-on, then check out this online course.