Need help?

Our experts will login to your server within 30 minutes to fix urgent issues.

Customer support or server support, make your own solution using our support configuration wizard.

Easy steps to setup your Docker private repository

Easy steps to setup your Docker private repository

In a Docker system, the containers are created based on images which are like templates. An image can be of an OS, webserver, mail server or any application that you require to create a container instance for.

Docker itself provides a set of container images for use by the public. These images are stored in a public repository known as the Docker hub. Users can download and upload their images from this docker registry.

But the Docker hub is a publicly accessible registry and anyone can push and pull the container images in it. This may not be suitable for all online businesses as everyone can access the Docker images that you upload to the hub..

Setup and manage your Docker system

GET IN TOUCH WITH THE DOCKER EXPERTS NOW!

What is Docker private repository

For businesses that require to store their custom images in a secure and confidential manner, a docker private repository has to be setup to do this task.

A private repository is similar to the Docker hub, but it is setup in the user’s own server instead of an external or public location. A private registry can be further configured to provide all the features of a Docker hub.

Using private repository, businesses can configure locations to store their custom images and restrict the access to those images for their users only.

[ Running a Docker infrastructure doesn’t have to be hard, or costly. Get world class Docker management services at affordable pricing. ]

Benefits of setting up a Docker private repository

Having a private docker repository provides businesses with the following benefits:

  1. You can keep your custom images private and hidden from the public.
  2. It is easy to manage and keep the Docker images updated, as you have control over it.
  3. The private repository can be secured further using SSL.
  4. Bandwidth savings and speed of upload/download are also other benefits of using private repos.

Today, we’ll discuss how we setup a Docker private repository for our internal Docker infrastructure.

Pre-requisites for setting up Docker private repository

You can configure the private registry in any machine, even in a Docker container. Before setting up the private registry, choose a container and a directory location which has enough space for storing your images.

The storage space requirement should be assessed based on the number of users in the system and approximate image sizes. The ‘registry’ image is configured to start on port 5000 in the container.

So make sure that this port in the repository container is open in the firewall and accessible. Users should be able to connect to this Docker registry container via network, to download the images from the private repository.

Setting up a secure Docker private repository

Here, we’ll explain the step-by-step process that was followed to create our own Docker private registry in a Docker machine and how we secured it with TLS certificate:

1. Create a storage location

First step in setting up a private repository is to create a directory location for storing the images, inside the Docker machine, dedicated for this purpose. This can be done using the command:

mkdir -p /opt/registry/{data,ssl,config}

2. Setup SSL for container

To ensure secure transmission of the images stored in it, it is important to secure the Docker container with TLS certificate. We used ‘omgwtfssl‘, a Docker image for creating self signed SSL certs easily.

You can secure the Docker container with this command:

docker run --rm -v /opt/registry/ssl:/certs -e SSL_SUBJECT=registry.docker-repo.net paulczar/omgwtfssl

 

The hostname of the registry machine need be given as a parameter to the command to install SSL. The following SSL files are created by this Docker image:

SSL files for Docker private repository

SSL files for Docker private repository

 

These files include the certificate, CSR and the key files associated with the SSL. Now, a configuration file for the registry should be created, which should contain the path to these cert and key files.

The registry configuration file is named ‘registry.env’ and it located in the ‘config’ folder in the registry directory:

 

Docker private repository SSL configuration

Private registry SSL settings


Secure your Docker images!

Wish you had more time to focus on your business? Let us help you.

Our engineers will assist you to setup, monitor and manage your Docker infrastructure 24/7.

GET IN TOUCH WITH THE EXPERTS NOW!




Bobcares provides Outsourced Hosting Support and Outsourced Server Management for online businesses. Our services include Hosting Support Services, server support, help desk support, live chat support and phone support.

Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.
MORE ABOUT BOBCARES

Privacy Preference Center

    Necessary

    Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

    PHPSESSID - Preserves user session state across page requests.

    gdpr[consent_types] - Used to store user consents.

    gdpr[allowed_cookies] - Used to store user allowed cookies.

    PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
    PHPSESSID
    WHMCSpKDlPzh2chML

    Statistics

    Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

    _ga - Preserves user session state across page requests.

    _gat - Used by Google Analytics to throttle request rate

    _gid - Registers a unique ID that is used to generate statistical data on how you use the website.

    smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

    _ga, _gat, _gid
    _ga, _gat, _gid
    smartlookCookie

    Marketing

    Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

    IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

    test_cookie - Used to check if the user's browser supports cookies.

    1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

    NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

    DV - Google ad personalisation

    IDE, test_cookie, 1P_JAR, NID, DV, NID
    IDE, test_cookie
    1P_JAR, NID, DV
    NID