This guide will discuss how to install and configure a Docker Registry on Fedora 38/37/36/35/34/33. A Docker registry is a storage and content delivery system that holds named Docker images, available in different tagged versions.
Users using Docker interact with a registry by using docker push and docker pull commands. The most common way of storing public images is by using the Docker hub. In this guide, we will setup a local Docker registry which is only accessible within a company Local network/restricted access.
Step 1: Install Docker on Fedora
Use our guide below to install Docker on Fedora.
Don’t forget to add your user account to the docker group created during installation.
sudo usermod -aG docker $(whoami)
newgrp dockerStep 2: Install docker registry package
The docker-distribution package is available on Fedora repository. Distribution is a Docker toolset to pack, ship, store, and deliver content.
sudo dnf install docker-distribution
Step 3: Configure Docker registry on Fedora
Docker registry configuration file is found on /etc/docker-distribution/registry/config.yml. Its format in YAML.
If you need to make any modifications, do it here. Sample configuration file is shown below:
$ cat /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
http:
addr: :5000
From the default configuration file:
- /var/lib/registry is the directory where docker images will be stored
- The service will bind to port 5000 on all network interfaces
If firewalld is enabled and running, allow the port on the firewall.
sudo firewall-cmd --add-port=5000/tcp --permanent
sudo firewall-cmd --reloadStep 4: Start docker registry service
You can now start the service and set it to start on boot.
sudo systemctl start docker-distribution
sudo systemctl enable docker-distributionConfirm service status – should indicate running.
$ systemctl status docker-distribution
● docker-distribution.service - v2 Registry server for Docker
Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2019-05-04 02:11:27 EAT; 22s ago
Main PID: 9310 (registry)
Tasks: 6 (limit: 2323)
Memory: 9.8M
CGroup: /system.slice/docker-distribution.service
└─9310 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml
May 04 02:11:27 localhost.localdomain systemd[1]: Started v2 Registry server for Docker.
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple reg>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="redis not configured" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v2.>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="Starting upload purge in 48m0s" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 ve>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="using inmemory blob descriptor cache" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="listening on [::]:5000" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v>
Also check the responsiveness of port 5000.
$ telnet 127.0.0.1 5000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.Step 5: Adding Insecure Registry
By default, docker uses https to connect to the docker registry. But there can be use cases to use an insecure registry, especially if you’re on a trusted network. This eliminates the need for a CA-signed certificate for internal use or to trust self-signed certificate in all docker nodes. Here are the steps to add Insecure Registry to Docker Engine.
For CentOS / Fedora / Ubuntu
Edit the file /etc/docker/daemon.json, e.g.
$ sudo vim sudo tee /etc/docker/daemon.json
{
"insecure-registries" : [ "myregistry.local:5000" ]
}
For Arch Linux users, check using Insecure registries.
Then restart Docker engine.
sudo systemctl restart dockerStep 6: Pushing Docker images to local registry
Now that the registry is ready, you can start pushing docker images to it. If you don’t have an active DNS server, use /etc/hosts file to map the hostname to IP Address.
$ sudo vim /etc/hosts
192.168.10.20 myregistry.localI’ll download alpine Linux docker image from Docker hub and push it to my local Docker registry.
$ docker pull alpine:latest
latest: Pulling from library/alpine
bdf0201b3a05: Pull complete
Digest: sha256:28ef97b8686a0b5399129e9b763d5b7e5ff03576aa5580d6f4182a49c5fe1913
Status: Downloaded newer image for alpine:latestTag the image as myregistry.local:5000/alpine:latest. This creates an additional tag for the existing image. When the first part of the tag is a hostname and port, Docker interprets this as the location of a registry, when pushing.
docker tag alpine:latest myregistry.local:5000/alpine:latest
Push the image to the local registry running at myregistry.local:5000/alpine:latest
$ docker push myregistry.local:5000/alpine:latest
The push refers to repository [myregistry.local:5000/alpine]
a464c54f93a9: Pushed
latest: digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 size: 528If the image upload was successful, you should get sha256 hash at the end. Pushed images are stored under /var/lib/registry/docker/registry/v2/repositories directory.
$ ls /var/lib/registry/docker/registry/v2/repositories
alpineThis is the same method you’ll use to push custom docker images. To download docker images on the local registry, use the command:
$ docker pull myregistry.local:5000/alpine:latest
latest: Pulling from alpine
Digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907
Status: Downloaded newer image for myregistry.local:5000/alpine:latestOther interesting Articles
