Docker Private Registry setup with http and https

adkarigar
2 min read · Jun 28, 2020


DockerToolbox 19.03.1

let's start Docker Toolbox

$ docker-machine ip
192.168.99.108

let's build the docker image from a Dockerfile or pull it from Docker Hub

$ docker pull nginx

let's check the InsecureRegistries in the config.json file

$ vim /c/Users/USERNAME/.docker/machine/machines/default/config.json

add the following if the insecure-registries is empty

add your docker ip CIDR

now start the registry container listening on port 5001

$ docker run -d \
--restart=always \
-e REGISTRY_HTTP_ADDR=0.0.0.0:5001 \
-p 5001:5001 \
--name registry-test \
registry:2

to check if this is working fine

$ curl -k http://192.168.99.108:5001/v2/_catalog
{"repositories":[]}

now tag the image and push it to the private registry

$ docker tag nginx 192.168.99.108:5001/nginx
$ docker push 192.168.99.108:5001/nginx

once the push succeeds

$ curl -k http://192.168.99.108:5001/v2/_catalog
{"repositories":["nginx"]}
browser API’s

using HTTPS

let's create an RSA key and a self-signed certificate

$ openssl req -newkey rsa:2048 -nodes -keyout domain.key -x509 -days 365 -out domain.crt

this creates domain.key and domain.crt files

now create the username and password for the https://192.168.99.108:443 registry

$ docker run --entrypoint htpasswd registry:2 -Bbn myusername mypassword > htpasswd

we need to mount the following local folders into the docker container,
so create three folders on the C drive.

$ mkdir -p /c/Users/USERNAME/Desktop/regdemo/certs
$ mkdir -p /c/Users/USERNAME/Desktop/regdemo/auth
$ mkdir -p /c/Users/USERNAME/Desktop/regdemo/data

copy domain.crt and domain.key to the certs folder above.
copy htpasswd to the auth folder.
the data folder gets mounted to /var/lib/registry in the container (in the next command).

now let's run the registry container

$ docker run -d \
-p 443:443 \
--restart=always \
--name registry_with_https \
-v /c/Users/USERNAME/Desktop/regdemo/auth:/auth \
-v /c/Users/USERNAME/Desktop/regdemo/data:/var/lib/registry \
-v /c/Users/USERNAME/Desktop/regdemo/certs:/certs \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
-e REGISTRY_HTTP_ADDR=0.0.0.0:443 \
registry:2
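
An added example, not part of the original post: a pre-flight check for the regdemo folder mounted by the command above. It verifies that the PEM files are in place and that every htpasswd entry is bcrypt (what the -B flag writes), since the registry's htpasswd auth only accepts bcrypt entries. The function name check_registry_dir is hypothetical.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check for the folder mounted into the HTTPS registry.
# check_registry_dir is a hypothetical helper name, not a docker command.
# Usage: ./check.sh /c/Users/USERNAME/Desktop/regdemo

check_registry_dir() {
  local base="$1" problems=0 line user hash

  # TLS material referenced by REGISTRY_HTTP_TLS_CERTIFICATE / REGISTRY_HTTP_TLS_KEY
  if ! grep -q -- '-----BEGIN CERTIFICATE-----' "$base/certs/domain.crt" 2>/dev/null; then
    echo "certs/domain.crt missing or not a PEM certificate"; problems=$((problems + 1))
  fi
  if ! grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$base/certs/domain.key" 2>/dev/null; then
    echo "certs/domain.key missing or not a PEM private key"; problems=$((problems + 1))
  fi

  # Credentials referenced by REGISTRY_AUTH_HTPASSWD_PATH
  if [ ! -s "$base/auth/htpasswd" ]; then
    echo "auth/htpasswd missing or empty"; problems=$((problems + 1))
  else
    while IFS= read -r line || [ -n "$line" ]; do
      [ -z "$line" ] && continue
      user=${line%%:*}; hash=${line#*:}
      case "$hash" in
        '$2y$'*|'$2a$'*|'$2b$'*) ;;   # bcrypt prefix, as written by htpasswd -B
        *) echo "htpasswd entry '$user' is not bcrypt"; problems=$((problems + 1)) ;;
      esac
    done < "$base/auth/htpasswd"
  fi

  # Host folder behind /var/lib/registry, so pushed images survive the container
  [ -d "$base/data" ] || { echo "data/ directory missing"; problems=$((problems + 1)); }

  return "$problems"   # exit status = number of problems found
}

# Run the check only when a folder is passed on the command line.
if [ "$#" -gt 0 ]; then
  check_registry_dir "$1"
fi
```

An exit status of 0 means all three folders look ready to mount; any other status is the number of problems printed.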

now let's tag and push it to this new registry

$ docker tag nginx 192.168.99.108/nginx
$ docker push 192.168.99.108/nginx
no basic auth credentials

error detected :)

$ docker login https://192.168.99.108
Username: myusername
Password: my*******d
Login Succeeded

now let's try to push again

$ docker push 192.168.99.108/nginx
example

this can be verified in browser as well

https://192.168.99.108:443/v2/_catalog

for more details: https://docs.docker.com/registry/deploying/

that’s all folks , take it easy!
