How to Setup Private Docker Registry on Ubuntu 20.04

Docker Registry is a centralized application that can be used to store your images and share them with other users. The private registry gives you full control to protect your images. You can also use Docker Hub to store your images, but these images will be public and anyone can access them.

In this tutorial, we will show you how to set up your own private Docker registry on Ubuntu 20.04.

Step 1 – Setup Hostname Resolution

First, you will need to set up the hostname resolution on both the registry server and the client machine so that they can communicate with each other using the hostname.

You set up it by editing /etc/hosts file on both server and client machine:

nano /etc/hosts

Add the following lines:

your-server-ip registry-server
your-client-ip registry-client

Save and close the file when you are finished.

Step 2 – Install Docker

Next, you will need to install Docker on both the server and client machines. By default, the latest version of Docker is not available in the Ubuntu 20.04 default repository, so you will need to add the Docker repository in your system.

First, install the required dependencies with the following command:

apt-get install apt-transport-https ca-certificates curl software-properties-common curl -y

After installing all dependencies, import the Docker GPG key using the following command:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

Next, add the Docker CE official repository to the APT source file with the following command:

add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -
cs) stable"

Once the repository has been added, you will need to update the repository cache. You can update it with the following command:

apt-get update -y

Once your repository is up-to-date, run the following command to install the latest version of Docker CE to your system.

apt-get install docker-ce -y

Once the installation is completed, you can verify the installed version of Docker CE by running the following command:

docker --version

You should get the following output:

Docker version 19.03.13, build 4484c46d9d

At this point, Docker CE is installed on both the registry server and the client machine.

Step 3 – Install and Configure Registry Server

Next, you will need to install and configure the registry server on the server machine.

First, download the registry image from the Docker hub with the following command:

docker pull registry

You should get the following output:

Using default tag: latest

latest: Pulling from library/registry
cbdbe7a5bc2a: Pull complete
47112e65547d: Pull complete
46bcb632e506: Pull complete
c1cc712bcecd: Pull complete
3db6272dcbfa: Pull complete
Digest: sha256:8be26f81ffea54106bae012c6f349df70f4d5e7e2ec01b143c46e2c03b9e551d
Status: Downloaded newer image for registry:latest
docker.io/library/registry:latest

By default, Docker uses a secure connection over TLS to upload and download the images, so you will need to create a self-signed certificate for the registry server.

First, create a directory to store the certificates:

mkdir /etc/certs

Next, change the directory to the /etc/certs and generate a self-signed certificate with the following command:

cd /etc/certs
openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt

Provide all details as shown below to generate the certificate:

Generating a RSA private key
....................................++++
......++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields, there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:GUJ
Locality Name (eg, city) []:JUNAGADH
Organization Name (eg, company) [Internet Widgits Pty Ltd]:IT
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:registry-server 
Email Address []:[email protected]

Once the certificate is generated, start the registry container from the downloaded image using the self-signed certificate with the following command:

docker run -d -p 5000:5000 --restart=always --name registry -v /etc/certs:/etc/certs -e 
REGISTRY_HTTP_TLS_CERTIFICATE=/etc/certs/ca.crt -e 
REGISTRY_HTTP_TLS_KEY=/etc/certs/ca.key registry

Next, verify the running container by running the following command:

docker ps

You should get the following output:

CONTAINER ID IMAGE COMMAND CREATED STATUS 
PORTS NAMES
90f4155f3926 registry "/entrypoint.sh /etc…" 4 seconds ago Up 2 seconds 
0.0.0.0:5000->5000/tcp registry

At this point, your registry server is installed and running.

Step 4 – Create a Custom Image on Registry Client

For this tutorial, we will download Ubuntu 20.04 server image on the client machine, create a new container, install the Apache server inside the container, build the new image and upload this image to the registry server.

First, download the Ubuntu 20.04 server image and create a container with the following command:

docker container run -it ubuntu:20.04 /bin/bash

This will download the Ubuntu 20.04 image from the Docker hub, create a new container, and attach it to the bash shell:

Unable to find image 'ubuntu:20.04' locally
20.04: Pulling from library/ubuntu
6a5697faee43: Already exists
ba13d3bc422b: Already exists
a254829d9e55: Already exists
Digest: sha256:fff16eea1a8ae92867721d90c59a75652ea66d29c05294e6e2f898704bdb8cf1
Status: Downloaded newer image for ubuntu:20.04
root@ee2cc97397fb:/#

Next, run the following command to update the system and install the apache webserver:

root@ee2cc97397fb:/#apt-get update -y
root@ee2cc97397fb:/#apt-get install apache2 -y

Next, exit from the running container with the following command:

root@ee2cc97397fb:/#exit

Next, you will need to rename or tag the Ubuntu 20.04 image in “registryserver:portnumber/image name:tag” format.

You can tag it with the following command:

docker tag ubuntu:20.04 registry-server:5000/ubuntu:apachev1.0

Next, verify your new image with the following command:

docker images

You should get the following output:

REPOSITORY TAG IMAGE ID CREATED SIZE
ubuntu 20.04 d70eaf7277ea 13 days ago 72.9MB
registry-server:5000/ubuntu apachev1.0 d70eaf7277ea 13 days ago 72.9MB

Step 5 – Upload New Image to Registry Server

First, you will need to create a new certificate directory on the client machine and copy the ca.crt file from the registry server:

First, create a cert directory with the following command:

mkdir -p /etc/docker/certs.d/registry-server:5000

Next, copy the ca.crt file from the registry server to the client machine:

scp root@registry-server:/etc/certs/ca.crt /etc/docker/certs.d/registry-server:5000/

Next, restart the Docker service to use this certificate:

systemctl restart docker

Next, upload your newly created image to the registry server with the following command:

docker push registry-server:5000/ubuntu:apachev1.0

You should get the following output:

The push refers to repository [registry-server:5000/ubuntu]

cc9d18e90faa: Pushed
0c2689e3f920: Pushed
47dde53750b4: Pushed
apachev1.0: digest: sha256:1d7b639619bdca2d008eca2d5293e3c43ff84cbee597ff76de3b7a7de3e84956 size: 943

Conclusion

Congratulations! You have successfully set up the Docker registry server and client on Ubuntu 20.04. You can now download and upload your own customized images to and from the registry server. Give it a shot on dedicated server hosting from Atlantic.Net!