Skip to content

How To Start A Local Docker Registry

In certain environments, running a local Docker registry to mirror container images can be beneficial. A basic configuration can be set up to achieve this, but it’s important to replace the SSL key, certificate, and htpasswd in a production environment for security.

You can download a working example configuration for a local Docker registry here. The default credentials in this example are set as "user1" with the password "changeme." It’s recommended to change these credentials before using it in any production environment.

docker-compose.yml
version: "3"
services:
  registry:
    image: registry:2
    ports:
      - "5000:5000"
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: AA Docker Registry
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password
    volumes:
      - ./auth:/auth
      - ./registry-storage:/var/lib/registry
      - ./config.yml:/etc/docker/registry/config.yml
      - ./cert.pem:/etc/ssl/registry-cert.pem
      - ./key.pem:/etc/ssl/registry-key.pem
Start the docker registry container
docker-compose up -d

Note

Before pushing a local image to your new registry, you need to pull the image from the main registry unless you're using an AA web server appliance, where the CEP is already running to manage local mirrored images.

Tag and push a CEP image into the registry
docker login docker.example.com:5000 -u user1
docker image tag registry.example.com/aaf/example-cep:1.9.22 docker.example.com:5000/aaf/example-cep:1.9.22
docker push docker.example.com:5000/aaf/example-cep:1.9.22

After pushing the image to your local registry, replace the original image with the locally mirrored one (e.g., docker.example.com:5000/aaf/example-cep:1.9.22). Ensure you log into your local registry before replacing the image to successfully pull from it.

Please visit https://docs.docker.com/registry for more information about managing a local docker registry.