This article shows you how to use the Docker Registry.

Why Do You Need the Docker Registry?

Public Docker images can be updated at any time. There is nothing to stop an image update with the same tag as the previous image. Therefore, if you trust the Public Registry, there is no guarantee that every environment is indeed based on the same images.

If you are using images directly from the Public Registry, you must download them to your system and upload them to your own registry so you have control over the release of updates.

Servers not connected to the Internet

Another necessary aspect of using the Local Docker Registry is if the servers running Apinizer do not have access to, you need it to be able to patch (version update).

Before starting the installation

Follow these steps to install and configure the Docker registry on your CentOS 7 server.

  • The docker distribution package on CentOS 7.4 is available in the extra repository. You may need to enable it if CentOS 7 is disabled on your system.

Installation Steps


sudo yum -y install docker-distribution

Configure the Docker Registry

The Docker registry configuration file is located at /etc/docker-distribution/registry/config.yml. It is in YAML format. If you need to make any changes, do so here. Example configuration file is shown below:

version: 0.1
    service: registry
        layerinfo: inmemory
        rootdirectory: /var/lib/registry
    addr: :5000

From the default config file:

  • /var/lib/: registry is the directory where docker images will be stored.
  • Service: will connect to port 5000 on all network interfaces

If you have SELinux enabled, you may have a problem using port 5000, consider disabling SELinux or putting it in permissive mode if you encounter problems.

If the firewall is enabled and running, allow the port in the firewall.

firewall-cmd --add-port = 5000 / tcp - goalkeeper
firewall-cmd - reload

Start the Docker Registry

Now you can start the service and set it to start on boot.

systemctl start docker-distribution
systemctl enable docker-distribution

Verify that the docker-distribution service is running:

systemctl status docker-distribution

● docker-distribution.service - v2 Registry server for Docker
   Loaded: loaded (/usr/lib/systemd/system/docker-distribution.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2018-03-31 14:31:16 EDT; 2min 20s ago
 Main PID: 16262 (registry)
   CGroup: /system.slice/docker-distribution.service
           └─16262 /usr/bin/registry serve /etc/docker-distribution/registry/...

Add Registry to Docker Engine

By default docker uses https to connect to the docker registry. However, there may be use cases for using an unsafe registry, especially if you're on a trusted network. This eliminates the need for a CA signed certificate for internal use or relying on a self-signed certificate on all docker nodes. Here are the steps to add the Insecure Registry to Docker Engine.

All lines in the /etc/docker/daemon.json file are deleted and the following line is added.

vi /etc/docker/daemon.json

 "insecure-registries" : ["dockerregistry.local:5000"]

The above line must be done on all servers that will connect to /etc/docker/daemon.json docker registry.

Now that the registry is ready, you can start importing docker images into it. If you don't have a DNS server, use the /etc/hosts file to map the hostname to the IP Address.

cat /etc/hosts dockerregistry.local

It can also be added like this: "insecure-registries" : [""] 

Note: If the hostname is written, it must be specified in the host files of the other machines in the k8s cluster.

After making the above changes, restart Docker.

systemctl restart docker

Using the Docker Registry

First of all, the images are downloaded to the environment with the docker registry installed.

sudo docker pull apinizercloud/manager:2022.04.01

Tag the image as dockerregistry.local:5000 /manager:2022.04.01. This creates an additional tag for the current image. When the first part of the tag is a hostname and port, Docker interprets it as the location of a registry during push.

docker tag apinizercloud/manager:2022.04.01 dockerregistry.local:5000/manager:2022.04.01

Submit the image to the local registry running at dockerregistry.local:5000/manager:2022.04.01.

docker push dockerregistry.local:5000/manager:2022.04.01

If the image upload was successful, you should finally get the sha256 hash. The exported images are stored under the /var/lib/registry/docker/registry/v2/repositories directory.

ls /var/lib/registry/docker/registry/v2/repositories

Example Uses

Sample: To push the image that was pulled to the local registry. To install Manager, Worker and Caches;

sudo docker pull apinizercloud/manager:2022.04.01 $ sudo docker tag apinizercloud/manager:2022.04.01 YOUR-IP:5000/manager:2022.04.01 $ sudo docker push YOUR-IP:5000/manager:2022.04.01  --- Worker ---
sudo docker pull apinizercloud/worker:2022.04.01 $ sudo docker tag apinizercloud/worker:2022.04.01 YOUR-IP:5000/worker:2022.04.01 $ sudo docker push YOUR-IP:5000/worker:2022.04.01  --- Cache ---
sudo docker pull apinizercloud/cache:2022.04.01 $ sudo docker tag apinizercloud/cache:2022.04.01 YOUR-IP:5000/cache:2022.04.01 $ sudo docker push YOUR-IP:5000/cache:2022.04.01

Sample: Uploading an Apinizer image taken as .tar to the registry

Apinizer Image'ı yükleme

docker image load < apinizer-manager.tar
docker tag apinizer-manager:latest YOUR-IP:5000/apinizer-manager:latest
docker push YOUR-IP:5000/apinizer-manager:latest

Adding Images to Local Docker Registry with Linux Schell Code

Listing versions of images with v2 API



if [ "$localRepositoryUrl" == "$localRepositoryUrl" ]; then
    echo "Please enter your local Docker Repository URL"
    echo "Your Local Repository Url : "$localRepositoryUrl

if [ $# -eq 0 ]; then
    echo "Please enter the version information as a parameter."

echo 'Version = ' $1

docker pull apinizercloud/manager:"$version"
docker tag apinizercloud/manager:$version $localRepositoryUrl/manager:$version
docker push $localRepositoryUrl/manager:$version
docker pull apinizercloud/worker:$version
docker tag apinizercloud/worker:$version $localRepositoryUrl/worker:$version
docker push $localRepositoryUrl/worker:$version
docker pull apinizercloud/cache:$version
docker tag apinizercloud/cache:$version $localRepositoryUrl/cache:$version
docker push $localRepositoryUrl/cache:$version

echo "Image pull operation completed." 


# List image'n versions with v2 API

sh 2022.04.01
# Catalog information query

curl http://YOUR-IP:5000/v2/_catalog
    "repositories": [
# Registry listing with v2 API

curl http://YOUR-IP:5000/v2/manager/tags/list
    "name": "manager",
    "tags": [
# image path when deploying to k8s

image: myregistry.local:5000/apinizer-manager:latest
# To delete images in the repository

cd /var/lib/registry/docker/registry/v2/repositories 
sudo rm -rf *

Another issue to consider when installing a local docker Registry is SSL.

docker image prune -a