Self-Hosted Registry
If you have multiple Docker environments or Kubernetes nodes, it's better to run a self-hosted registry to serve the images. This avoids network issues and improves deployment speed.
CNCF Distribution is more lightweight and easier to deploy than Harbor, so it's a better choice for a home lab or a small team.
Docker Registry is deprecated, replaced by CNCF Distribution.
Docker Distribution
- Create Registry Config
Refer to Configuring a registry and create a config.yml file.
version: 0.1
log:
  fields:
    service: registry
storage:
  delete:
    enabled: true
  cache:
    blobdescriptor: inmemory
  filesystem:
    rootdirectory: /var/lib/registry
  maintenance:
    uploadpurging:
      enabled: false
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
proxy:
  remoteurl: https://registry-1.docker.io
  ttl: 168h
- Run Registry
Mount the created config.yml to /etc/docker/registry/config.yml:
docker run -d -p 5000:5000 --restart=always --name registry -v ./config.yml:/etc/docker/registry/config.yml registry:2
Users in mainland China need to set an HTTP proxy to avoid the GFW.
docker run -d -p 5000:5000 --restart=always -e HTTP_PROXY=<> -e HTTPS_PROXY=<> --name registry -v ./config.yml:/etc/docker/registry/config.yml registry:2
- Set Mirror
Assume the registry endpoint is http://192.168.31.110:5000
Docker Daemon
Create /etc/docker/daemon.json as described in Configure the Docker daemon:
{
  "registry-mirrors": [
    "http://192.168.31.110:5000"
  ]
}
Then restart the Docker daemon:
sudo systemctl daemon-reload
sudo systemctl restart docker
Kubernetes
Create /etc/rancher/k3s/registries.yaml as described in k3s Private Registry:
mirrors:
  "docker.io":
    endpoint:
      - http://192.168.31.110:5000
Advanced
S3 as Storage
CNCF Distribution supports S3 storage as a backend. It's better to separate the storage from the registry container, so you can rebuild or move the registry easily.
Sample config.yml:
version: 0.1
log:
  fields:
    service: registry
storage:
  cache:
    blobdescriptor: inmemory
  s3:
    accesskey: <>
    secretkey: <>
    region: <>
    regionendpoint: <>
    bucket: <>
    loglevel: debug
http:
  addr: :5000
  headers:
    X-Content-Type-Options: [nosniff]
health:
  storagedriver:
    enabled: true
    interval: 10s
    threshold: 3
proxy:
  remoteurl: https://registry-1.docker.io
  ttl: 168h
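
A small lint for the two config.yml files above, added here as an example and not part of the original page or of the Distribution project: it flags a missing auth section, a missing http.tls section, a plain-HTTP proxy.remoteurl, and S3 keys written into the file. The finding names and sample values are constructed for illustration, and the parser only handles the nested-mapping subset of YAML these files use.

```python
# Added example (not from the original page): lint a Distribution config.yml.

def flatten(text):
    """Flatten the nested-mapping subset of YAML used by config.yml into
    {"storage.s3.bucket": "value"}. Not a general YAML parser."""
    out, stack = {}, []  # stack: (indent, key) for each open mapping
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        stack.append((indent, key.strip().strip('"')))
        out[".".join(k for _, k in stack)] = value.strip()
    return out

def audit(text):
    """Return a sorted list of finding IDs (hypothetical names) for one config."""
    cfg = flatten(text)
    has = lambda prefix: any(k == prefix or k.startswith(prefix + ".") for k in cfg)
    findings = []
    if not has("auth"):
        findings.append("no-auth")             # API answers anonymous clients
    if not has("http.tls"):
        findings.append("no-tls")              # plain HTTP, as in http://...:5000
    if cfg.get("proxy.remoteurl", "https://").startswith("http://"):
        findings.append("plaintext-upstream")  # cache is filled over plain HTTP
    for key in ("storage.s3.accesskey", "storage.s3.secretkey"):
        if cfg.get(key):
            findings.append("inline-secret:" + key)
    return sorted(findings)

# Constructed sample: the S3 config from this page with dummy values filled in.
S3_SAMPLE = """\
version: 0.1
storage:
  s3:
    accesskey: EXAMPLEKEY
    secretkey: example-secret
    region: us-east-1
    bucket: registry-cache
http:
  addr: :5000
proxy:
  remoteurl: https://registry-1.docker.io
  ttl: 168h
"""

if __name__ == "__main__":
    for finding in audit(S3_SAMPLE):
        print(finding)
```

Both configs on this page report no-auth and no-tls, so the mirror on port 5000 should only be reachable from a trusted network. Distribution also reads overrides from environment variables such as REGISTRY_STORAGE_S3_SECRETKEY, which keeps the key out of config.yml.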