Friday, December 27, 2024
Google search engine
HomeGuest BlogsInstall and Use Docker Registry on Fedora 38/37/36/35/34

Install and Use Docker Registry on Fedora 38/37/36/35/34

This guide will discuss how to install and configure a Docker Registry on Fedora 38/37/36/35/34/33. A Docker registry is a storage and content delivery system that holds named Docker images, available in different tagged versions.

Users using Docker interact with a registry by using docker push and docker pull commands. The most common way of storing public images is by using the Docker hub. In this guide, we will setup a local Docker registry which is only accessible within a company Local network/restricted access.

Step 1: Install Docker on Fedora

Use our guide below to install Docker on Fedora.

Don’t forget to add your user account to the docker group created during installation.

sudo usermod -aG docker $(whoami)
newgrp docker

Step 2: Install docker registry package

The docker-distribution package is available on Fedora repository. Distribution is a Docker toolset to pack, ship, store, and deliver content.

sudo dnf install docker-distribution

Step 3: Configure Docker registry on Fedora

Docker registry configuration file is found on /etc/docker-distribution/registry/config.yml. Its format in YAML.

If you need to make any modifications, do it here. Sample configuration file is shown below:

$ cat  /etc/docker-distribution/registry/config.yml
version: 0.1
log:
  fields:
    service: registry
storage:
    cache:
        layerinfo: inmemory
    filesystem:
        rootdirectory: /var/lib/registry
http:
    addr: :5000

From the default configuration file:

  • /var/lib/registry is the directory where docker images will be stored
  • The service will bind to port 5000 on all network interfaces

If firewalld is enabled and running, allow the port on the firewall.

sudo firewall-cmd --add-port=5000/tcp --permanent
sudo firewall-cmd --reload

Step 4: Start docker registry service

You can now start the service and set it to start on boot.

sudo systemctl start  docker-distribution
sudo systemctl enable docker-distribution

Confirm service status – should indicate running.

$ systemctl status docker-distribution
● docker-distribution.service - v2 Registry server for Docker
   Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2019-05-04 02:11:27 EAT; 22s ago
 Main PID: 9310 (registry)
    Tasks: 6 (limit: 2323)
   Memory: 9.8M
   CGroup: /system.slice/docker-distribution.service
           └─9310 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml

May 04 02:11:27 localhost.localdomain systemd[1]: Started v2 Registry server for Docker.
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple reg>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="redis not configured" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v2.>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="Starting upload purge in 48m0s" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 ve>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="using inmemory blob descriptor cache" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="listening on [::]:5000" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v>

Also check the responsiveness of port 5000.

$ telnet 127.0.0.1 5000
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.

Step 5: Adding Insecure Registry

By default, docker uses https to connect to the docker registry. But there can be use cases to use an insecure registry, especially if you’re on a trusted network. This eliminates the need for a CA-signed certificate for internal use or to trust self-signed certificate in all docker nodes. Here are the steps to add Insecure Registry to Docker Engine.

For CentOS / Fedora / Ubuntu

Edit the file /etc/docker/daemon.json, e.g.

$ sudo vim sudo tee /etc/docker/daemon.json 
 {
     "insecure-registries" : [ "myregistry.local:5000" ]
 }

For Arch Linux users, check using Insecure registries.

Then restart Docker engine.

sudo systemctl restart docker

Step 6: Pushing Docker images to local registry

Now that the registry is ready, you can start pushing docker images to it. If you don’t have an active DNS server, use /etc/hosts file to map the hostname to IP Address.

$ sudo vim /etc/hosts
192.168.10.20 myregistry.local

I’ll download alpine Linux docker image from Docker hub and push it to my local Docker registry.

$ docker pull alpine:latest
latest: Pulling from library/alpine
bdf0201b3a05: Pull complete 
Digest: sha256:28ef97b8686a0b5399129e9b763d5b7e5ff03576aa5580d6f4182a49c5fe1913
Status: Downloaded newer image for alpine:latest

Tag the image as myregistry.local:5000/alpine:latest. This creates an additional tag for the existing image. When the first part of the tag is a hostname and port, Docker interprets this as the location of a registry, when pushing.

docker tag alpine:latest myregistry.local:5000/alpine:latest

Push the image to the local registry running at myregistry.local:5000/alpine:latest

$ docker push myregistry.local:5000/alpine:latest
The push refers to repository [myregistry.local:5000/alpine]
a464c54f93a9: Pushed 
latest: digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 size: 528

If the image upload was successful, you should get sha256 hash at the end. Pushed images are stored under /var/lib/registry/docker/registry/v2/repositories directory.

$ ls /var/lib/registry/docker/registry/v2/repositories
alpine

This is the same method you’ll use to push custom docker images. To download docker images on the local registry, use the command:

$ docker pull myregistry.local:5000/alpine:latest
latest: Pulling from alpine
Digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907
Status: Downloaded newer image for myregistry.local:5000/alpine:latest

Other interesting Articles

Dominic Rubhabha-Wardslaus
Dominic Rubhabha-Wardslaushttp://wardslaus.com
infosec,malicious & dos attacks generator, boot rom exploit philanthropist , wild hacker , game developer,
RELATED ARTICLES

Most Popular

Recent Comments