yum install -y docker-distribution
In this exercise, you will learn container registry basics, what the registry offers and how to use it.
What is container registry?
A basic container registry is a stateless, highly scalable server side application that stores and distributes container images. The docker registry is an open-source project offered under the permissive Apache license.
Why use container registries?
You should use a private container registry if you want to:
tightly control where your images are being stored
fully own your image’s distribution pipeline
integrate image storage and distribution tightly into your in-house development workflow
First, lets install the docker-distribution
package, to provide the registry software:
yum install -y docker-distribution
Next, lets set the service to auto-start at system boot:
systemctl enable docker-distribution
A) The container registry configuration file will need to be modified to allow the use of https (secure) communications. First, we will generate a certificate.
mkdir /etc/docker-distribution/certs
cd /etc/docker-distribution/certs
openssl req -newkey rsa:4096 -nodes -sha256 -keyout domain.key -x509 -days 365 -out domain.crt
B) Answer the questions that OpenSSL asks, in any way that you see fit, but make sure that you specify a Common Name
of localhost
. Here is an example:
Generating a 4096 bit RSA private key ............................................................++ ...............................................................++ writing new private key to 'domain.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:US State or Province Name (full name) []:Ohio Locality Name (eg, city) [Default City]:Dublin Organization Name (eg, company) [Default Company Ltd]:workshop Organizational Unit Name (eg, section) []:workshop Common Name (eg, your name or your server's hostname) []:localhost Email Address []:student@lab.local
cp domain.crt /etc/pki/tls/certs
update-ca-trust extract
Edit the file '/etc/docker-distribution/registry/config.yml' to match the example below. Pay close attention to the last five lines, starting with tls, as these are required for configuration file.
vi /etc/docker-distribution/registry/config.yml
version: 0.1
log:
fields:
service: registry
storage:
cache:
layerinfo: inmemory
filesystem:
rootdirectory: /var/lib/registry
delete:
enabled: true
http:
addr: :5000
tls:
certificate: /etc/docker-distribution/certs/domain.crt
key: /etc/docker-distribution/certs/domain.key
host: https://localhost:5000
relativeurls: false
systemctl start docker-distribution
Before we upload anything, let’s take a look to see what images we have in the local image database:
podman images
REPOSITORY TAG IMAGE ID CREATED SIZE registry.access.redhat.com/rhel7 latest 7a840db7f020 2 days ago 211MB docker.io/library/fedora latest cc510acfcd70 2 weeks ago 263MB docker.io/library/fedora_postgresql latest b105a704d05d 10 minutes ago 495MB
To push the container, either of these two commands will work.
Choose only one of the following two commands (buildah push or skopeo copy ). Both accomplish the same purpose.
|
buildah push fedora_postgresql:latest localhost:5000/fedora_postgresql:latest
With Skopeo, we need to be a bit more specific, and specify the image ID that we saw, above, from podman images
.
This image ID will vary, and you should use the value from the output produced on your workshop instance: |
skopeo copy containers-storage:7a840db7f020 docker://localhost:5000/fedora_postgresql:latest
Next, let’s search the registry to make sure that our image made it, and is available:
podman search localhost:5000/postgresql
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED localhost:5000 localhost:5000/fedora_postgresql 0
Domain |
![]() |
|
Workshop | ||
Student ID |