Install and Use Docker Registry on Fedora 35/34/33/32/31

Posted on 321 views

This guide will discuss how to install and configure a Docker Registry on Fedora 35/34/33/32/31. A Docker registry is a storage and content delivery system that holds named Docker images, available in different tagged versions.

Users using Docker interact with a registry by using docker push and docker pull commands. The most common way of storing public images is by using the Docker hub. In this guide, we will setup a local Docker registry which is only accessible within a company Local network/restricted access.

Step 1: Install Docker on Fedora

Use our guide below to install Docker on Fedora.

Don’t forget to add your user account to the docker group created during installation.

sudo usermod -aG docker $(whoami)
newgrp docker

Step 2: Install docker registry package (docker-distribution)

The docker-distribution package is available on Fedora repository. Distribution is a Docker toolset to pack, ship, store, and deliver content.

sudo dnf install docker-distribution

Step 3: Configure Docker registry on Fedora

Docker registry configuration file is found on /etc/docker-distribution/registry/config.yml. Its format in YAML.

If you need to make any modifications, do it here. Sample configuration file is shown below:

$ cat  /etc/docker-distribution/registry/config.yml
version: 0.1
    service: registry
        layerinfo: inmemory
        rootdirectory: /var/lib/registry
    addr: :5000

From the default configuration file:

  • /var/lib/registry is the directory where docker images will be stored
  • The service will bind to port 5000 on all network interfaces

If firewalld is enabled and running, allow the port on the firewall.

sudo firewall-cmd --add-port=5000/tcp --permanent
sudo firewall-cmd --reload

Step 4: Start docker registry service

You can now start the service and set it to start on boot.

sudo systemctl start  docker-distribution
sudo systemctl enable docker-distribution

Confirm service status – should indicate running.

$ systemctl status docker-distribution
● docker-distribution.service - v2 Registry server for Docker
   Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2019-05-04 02:11:27 EAT; 22s ago
 Main PID: 9310 (registry)
    Tasks: 6 (limit: 2323)
   Memory: 9.8M
   CGroup: /system.slice/docker-distribution.service
           └─9310 /usr/bin/registry serve /etc/docker-distribution/registry/config.yml

May 04 02:11:27 localhost.localdomain systemd[1]: Started v2 Registry server for Docker.
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=warning msg="No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple reg>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="redis not configured" go.version=go1.12beta2 version="v2.>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="Starting upload purge in 48m0s" go.version=go1.12beta2 ve>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="using inmemory blob descriptor cache" go.version=go1.12beta2>
May 04 02:11:27 localhost.localdomain registry[9310]: time="2019-05-04T02:11:27+03:00" level=info msg="listening on [::]:5000" go.version=go1.12beta2 version="v>

Also check the responsiveness of port 5000.

$ telnet 5000
Connected to
Escape character is '^]'.

Step 5: Add Insecure Registry to Docker Engine

By default, docker uses https to connect to the docker registry. But there can be use cases to use an insecure registry, especially if you’re on a trusted network. This eliminates the need for a CA-signed certificate for internal use or to trust self-signed certificate in all docker nodes. Here are the steps to add Insecure Registry to Docker Engine.

For CentOS / Fedora / Ubuntu

Edit the file /etc/docker/daemon.json, e.g.

cat << EOF | sudo tee /etc/docker/daemon.json 
     "insecure-registries" : [ "myregistry.local:5000" ]

For Arch Linux users, check using Insecure registries.

Then restart Docker engine.

sudo systemctl restart docker

Step 6: Pushing Docker images to the local registry

Now that the registry is ready, you can start pushing docker images to it. If you don’t have an active DNS server, use /etc/hosts file to map the hostname to IP Address.

$ sudo vim /etc/hosts myregistry.local

I’ll download alpine Linux docker image from Docker hub and push it to my local Docker registry.

$ docker pull alpine:latest
latest: Pulling from library/alpine
bdf0201b3a05: Pull complete 
Digest: sha256:28ef97b8686a0b5399129e9b763d5b7e5ff03576aa5580d6f4182a49c5fe1913
Status: Downloaded newer image for alpine:latest

Tag the image as myregistry.local:5000/alpine:latest. This creates an additional tag for the existing image. When the first part of the tag is a hostname and port, Docker interprets this as the location of a registry, when pushing.

docker tag alpine:latest myregistry.local:5000/alpine:latest

Push the image to the local registry running at myregistry.local:5000/alpine:latest

$ docker push myregistry.local:5000/alpine:latest
The push refers to repository [myregistry.local:5000/alpine]
a464c54f93a9: Pushed 
latest: digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 size: 528

If the image upload was successful, you should get sha256 hash at the end. Pushed images are stored under /var/lib/registry/docker/registry/v2/repositories directory.

$ ls /var/lib/registry/docker/registry/v2/repositories

This is the same method you’ll use to push custom docker images. To download docker images on the local registry, use the command:

$ docker pull myregistry.local:5000/alpine:latest
latest: Pulling from alpine
Digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907
Status: Downloaded newer image for myregistry.local:5000/alpine:latest



Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.