This article covers the Docker Registry, including running containers, using Docker Hub, managing private registries, and setting up a custom on-premises registry.
In this article, we explore the Docker Registry—a central repository where Docker images are stored and managed. Think of Docker images as the foundations for containers; without a registry, there would be no source to pull these essential images. Let’s start by running a simple Nginx container.
To run the Nginx image, execute the following command:
Copy
Ask AI
docker run nginx
Here, the image name “nginx” represents the repository name. In Docker’s terminology, when using default settings, “nginx” is shorthand for “library/nginx.” The “library” prefix indicates that this is an official image available on Docker Hub.For example, the fully qualified image reference is:
Copy
Ask AI
image: docker.io/library/nginx
When no username or organization is specified, Docker assumes the image is stored in Docker Hub. If you create your own images on Docker Hub or within an organization, your username or organization name will be prefixed to the image name.
By default, Docker uses Docker Hub (docker.io) for pulling images. Anytime an image is pushed or updated, it is stored in the registry and later pulled for deployments.Beyond Docker Hub, several other registries are popular. For instance, Google manages a registry at GCR.io, which hosts many Kubernetes-related images, particularly for cluster end-to-end tests. These registries offer publicly accessible images that anyone can download.For in-house applications that need restricted access, hosting a private Docker registry is ideal. Cloud providers such as AWS, Azure, and GCP often offer private registry services with your account, allowing you to keep a repository private—a setting that requires valid credentials.
To run a container using an image from a private registry, you must first log in using the Docker login command. For example:
Copy
Ask AI
docker login private-registry.ioUsername: registry-userPassword:WARNING! Your password will be stored unencrypted in /home/vagrant/.docker/config.json.Login Succeeded
After logging in, run the container by specifying the private registry in the image name:
Copy
Ask AI
docker run private-registry.io/a
Ensure you log in before pulling or pushing images from a private registry. Failing to do so may result in errors indicating that the image cannot be found.
For instance, a cloud provider might require a login as follows:
Copy
Ask AI
docker login private-registry.ioLogin with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, visit https://hub.docker.com to create one.Username: registry-userPassword:WARNING! Your password will be stored unencrypted in /home/vagrant/.docker/config.json.Login Succeeded
Then, run an internal application from your private registry using:
If you’re running your applications on-premises and lack a pre-configured private registry, you can deploy your own Docker registry. The Docker registry itself is distributed as a Docker image named “registry” which exposes its API on port 5000.To start your custom registry, run:
Copy
Ask AI
docker run -d -p 5000:5000 --name registry registry:2
Once your registry is running, tag your image to include the registry URL. For instance, if your image is named “my-image” and your registry is hosting on the same machine, execute:
Copy
Ask AI
docker image tag my-image localhost:5000/my-image
Push the tagged image to your local private registry:
Copy
Ask AI
docker push localhost:5000/my-image
This image can then be pulled from any host within your network using either “localhost” (if on the same machine) or the appropriate IP address or domain name:
This article covered the essential aspects of the Docker Registry—from understanding the default behavior on Docker Hub to setting up and managing a private registry, whether hosted on a cloud provider or deployed on-premises. Experiment with these examples in your environment to deepen your understanding of managing and securing Docker images.
