This guide will discuss how to install and configure a Docker Registry on Fedora 35/34/33/32/31. A Docker registry is a storage and content delivery system that holds named Docker images, available in different tagged versions.
Users using Docker interact with a registry by using docker push and docker pull commands. The most common way of storing public images is by using the Docker hub. In this guide, we will setup a local Docker registry which is only accessible within a company Local network/restricted access.
Step 1: Install Docker on Fedora
Use our guide below to install Docker on Fedora.
Don’t forget to add your user account to the docker group created during installation.
sudo usermod -aG docker $(whoami) newgrp docker
Step 2: Install docker registry package (docker-distribution)
The docker-distribution package is available on Fedora repository. Distribution is a Docker toolset to pack, ship, store, and deliver content.
sudo dnf install docker-distribution
Step 3: Configure Docker registry on Fedora
Docker registry configuration file is found on /etc/docker-distribution/registry/config.yml. Its format in YAML.
If you need to make any modifications, do it here. Sample configuration file is shown below:
$ cat /etc/docker-distribution/registry/config.yml version: 0.1 log: fields: service: registry storage: cache: layerinfo: inmemory filesystem: rootdirectory: /var/lib/registry http: addr: :5000
From the default configuration file:
- /var/lib/registry is the directory where docker images will be stored
- The service will bind to port 5000 on all network interfaces
If firewalld is enabled and running, allow the port on the firewall.
sudo firewall-cmd --add-port=5000/tcp --permanent sudo firewall-cmd --reload
Step 4: Start docker registry service
You can now start the service and set it to start on boot.
sudo systemctl start docker-distribution sudo systemctl enable docker-distribution
Confirm service status – should indicate running.
$ systemctl status docker-distribution ● docker-distribution.service - v2 Registry server for Docker Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; disabled; vendor preset: disabled) Active: active (running) since Sat 2019-05-04 02:11:27 EAT; 22s ago Main PID: 9310 (registry) Tasks: 6 (limit: 2323) Memory: 9.8M CGroup: /system.slice/docker-distribution.service └─9310 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml May 04 02:11:27 localhost.localdomain systemd: Started v2 Registry server for Docker. May 04 02:11:27 localhost.localdomain registry: time="2019-05-04T02:11:27+03:00" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple reg> May 04 02:11:27 localhost.localdomain registry: time="2019-05-04T02:11:27+03:00" level=info msg="redis not configured" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v2.> May 04 02:11:27 localhost.localdomain registry: time="2019-05-04T02:11:27+03:00" level=info msg="Starting upload purge in 48m0s" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 ve> May 04 02:11:27 localhost.localdomain registry: time="2019-05-04T02:11:27+03:00" level=info msg="using inmemory blob descriptor cache" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc> May 04 02:11:27 localhost.localdomain registry: time="2019-05-04T02:11:27+03:00" level=info msg="listening on [::]:5000" go.version=go1.12beta2 instance.id=eb5f7905-8ab3-4b70-9ee2-3bed7a8cc5f2 version="v>
Also check the responsiveness of port 5000.
$ telnet 127.0.0.1 5000 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'.
Step 5: Add Insecure Registry to Docker Engine
By default, docker uses https to connect to the docker registry. But there can be use cases to use an insecure registry, especially if you’re on a trusted network. This eliminates the need for a CA-signed certificate for internal use or to trust self-signed certificate in all docker nodes. Here are the steps to add Insecure Registry to Docker Engine.
For CentOS / Fedora / Ubuntu
Edit the file /etc/docker/daemon.json, e.g.
cat << EOF | sudo tee /etc/docker/daemon.json "insecure-registries" : [ "myregistry.local:5000" ] EOF
For Arch Linux users, check using Insecure registries.
Then restart Docker engine.
sudo systemctl restart docker
Step 6: Pushing Docker images to the local registry
Now that the registry is ready, you can start pushing docker images to it. If you don’t have an active DNS server, use /etc/hosts file to map the hostname to IP Address.
$ sudo vim /etc/hosts 192.168.10.20 myregistry.local
I’ll download alpine Linux docker image from Docker hub and push it to my local Docker registry.
$ docker pull alpine:latest latest: Pulling from library/alpine bdf0201b3a05: Pull complete Digest: sha256:28ef97b8686a0b5399129e9b763d5b7e5ff03576aa5580d6f4182a49c5fe1913 Status: Downloaded newer image for alpine:latest
Tag the image as myregistry.local:5000/alpine:latest. This creates an additional tag for the existing image. When the first part of the tag is a hostname and port, Docker interprets this as the location of a registry, when pushing.
docker tag alpine:latest myregistry.local:5000/alpine:latest
Push the image to the local registry running at myregistry.local:5000/alpine:latest
$ docker push myregistry.local:5000/alpine:latest The push refers to repository [myregistry.local:5000/alpine] a464c54f93a9: Pushed latest: digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 size: 528
If the image upload was successful, you should get sha256 hash at the end. Pushed images are stored under /var/lib/registry/docker/registry/v2/repositories directory.
$ ls /var/lib/registry/docker/registry/v2/repositories alpine
This is the same method you’ll use to push custom docker images. To download docker images on the local registry, use the command:
$ docker pull myregistry.local:5000/alpine:latest latest: Pulling from alpine Digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 Status: Downloaded newer image for myregistry.local:5000/alpine:latest