Implementing a Self-hosted Docker Registry
At some point, you will outgrow storing custom images on Docker Hub. This course prepares you to deploy your own self-hosted registry.
What you'll learn
What would Docker be without Docker Hub? If it were not for images, you would never have heard of Docker, and that's because simplifying image distribution is what made Docker exponentially useful. Initially the images on Docker Hub suffice, but at some point, as you begin to build your own images, you'll outgrow storing them on Docker Hub for a variety of reasons.
In this course, Implementing a Self-hosted Docker Registry, we will dissect deploying your own registry in the following scenarios.
First, you will learn to take total control of a registry, perhaps as a matter of compliance, and learn to distribute sensitive images privately.
Next, you will see how to co-locate a registry for performance reasons, to save bandwidth, or to mirror Docker Hub images to a local registry cache.
Then, you will explore the internal workings of a registry and gain flexibility in securing your registry.
Finally, you will be able to standardize application packaging and distribution within your organization using Docker images, to reap the same benefits that Docker Hub brought to open-source public applications.
By the end of this course, you'll be well prepared to deploy your own self-hosted registry.
Table of contents
- The Journey to Self Hosting 4m
- Running the First Registry 3m
- Registry Organization Terms and API 5m
- Pushing an Image to a Registry 5m
- Configuring the Docker Daemon to Allow an Insecure Registry 4m
- Distributing Images Without Access to Docker Hub 3m
- Running a Registry Web UI 5m
- Beware of the Default Anonymous Registry Data Volume 2m
- Observing the Default Anonymous Volume Lifecycle 3m
- Storing Registry Data on a Named Volume 5m
- Why Self Host? 4m
- The Value of a Local Registry Mirror 5m
- Challenge: Setting up a docker-compose.yml for a Local Registry 4m
- Using an Enviroment Variable to Enable Mirroring 4m
- Configuring the Docker Daemon to Use a Registry Mirror 5m
- Pulling an Image Through the Mirror for the First Time 2m
- Even with Gigabit Download Speeds, a Mirror Can Help 1m
- Timing Docker Image Pull on a Slower Connection 4m
- Configure Docker for Windows Registry Mirrors 2m
- Automating Image Builds with Notifications 5m
- Building a Mongo Image with Sample Data 2m
- Setting up the Mongo with Data Example 5m
- Setting up a Registry Config File 3m
- Configuring a Jenkins Notification Endpoint 2m
- Creating a Registry Container That Uses the Custom Config File 3m
- Configuring Json Formatted Logging 5m
- Cleaning up the JSON with jq 2m
- Adding a Standalone RequestBin to Inspect Registry Notifications 5m
- Testing a Push Notification to RequestBin 5m
- A Fully-bootstrapped Jenkins Environment 6m
- Starting Two Registries and Jenkins 4m
- Simulating an Image Vetting Process 3m
- Setting the Notification URL to the Jenkins Docker Registry Webhook 2m
- Image Push Triggers Jenkins to Build and Push Dependent Images 5m
- Sadly You Cant --force-recreate in Production to Free up Space 1m
- Registry Storage Drivers 4m
- Switching to the in-memory Storage Driver 2m
- Restarting Wipes Data with the in-memory Storage Driver 5m
- Cloud Specific Storage Drivers 2m
- Deleting Images Example Setup 4m
- Exploring the Registry Filesystem Layout to Store Images 8m
- Enabling Deletes in the Front End 4m
- Digging into What Happens When You Delete an Image 4m
- Deleting from curl or a CI Tool Like TeamCity or Jenkins 1m
- Garbage Collection Dry Run 5m
- Safely Running Garbage Collection with Readonly 4m
- Running Garbage Collection 2m
- Tag Mutability and Garbage Collection 5m
- Time to Secure the Registry 2m
- Basic Auth Limits Client Access with an htpasswd File 3m
- Explaining the Basic Auth Example Files 3m
- Basic Auth to the Registry API from a Browser 2m
- Pushing Images to a Registry with Basic Auth 2m
- Token Auth 6m
- Token Auth with Docker Hub 5m
- Silly Auth 1m
- You Can Use a Proxy Too 1m
- TLS 2m
- TLS Example Files 2m
- Encrypted Communications to the Registry API 2m
- The Docker Daemon Needs to Trust the Registry Certificate 5m
- Pushing Images Fails with Untrusted Certificate 1m
- Trusting a Self-signed Certificate 5m
- Removing Trust in a Self-signed Certificate 2m
Course FAQ
This course is for those who have outgrown stroing images on Docker Hub and need more control and flexibility through a self-hosted Docker Registry.
A self-hosted Docker registry gives you complete control over the registry. It allows for a greater level of privacy, to see storage size, to push/pull images without internet connection, and it's free.
You should be familiar with Docker, Docker Hub, and image distribution. If you aren't very familiar with Docker, check out this course on Getting Started with Docker.
You will learn how to prepare and deploy your own self-hosted registry by:
- Taking control of a registry
- Learning to distribute sensitive images privately
- Co-locating registries to save bandwidth
- Mirroring Docker Hub images to local registry cache
- Learning internal workings of a registry
- Standardizing application packaging and distribution
- Much more
About the author
Wes Higbee is passionate about helping companies achieve remarkable results with technology and software. He’s had extensive experience developing software and working with teams to improve how software is developed to meet business objectives. Wes launched Full City Tech to leverage his expertise to help companies delight customers. Although his primary focus is on outcomes, implementation often includes technical competency. Wes frequently speaks about impactful aspects of software developm... more