How to Setup Docker Private Registry on CentOS 7.x / RHEL 7.x

Pradeep Kumar

I am a huge fan of open source and love to share How To's tutorials on Linux, Cloud and DevOps. I have been working as Linux Consultant, Cloud & DevOps Engineer since 2010

You may also like...

3 Responses

  1. Anders Jackson says:

    Good article, and it is posible to move this to Ubuntu, by using ufw(8) instead of firewall-cmd(8).

    But how do we secure the repository? Shouldn’t it be using https instead of http?

  2. James Yu says:

    Hi, I just followed through your post and found out the –insecure-registry setting does not work, maybe a hand?
    The setting is as follows:
    # cat /usr/lib/systemd/system/docker.service
    [Unit]
    Description=Docker Application Container Engine
    Documentation=https://docs.docker.com
    After=network-online.target firewalld.service
    Wants=network-online.target

    [Service]
    Type=notify
    # the default is not to use systemd for cgroups because the delegate issues still
    # exists and systemd currently does not support the cgroup feature set required
    # for containers run by docker
    ExecStart=/usr/bin/dockerd –-insecure-registry boot-node:5000
    ExecReload=/bin/kill -s HUP $MAINPID
    # Having non-zero Limit*s causes performance problems due to accounting overhead
    # in the kernel. We recommend using cgroups to do container-local accounting.
    LimitNOFILE=infinity
    LimitNPROC=infinity
    LimitCORE=infinity
    # Uncomment TasksMax if your systemd version supports it.
    # Only systemd 226 and above support this version.
    #TasksMax=infinity
    TimeoutStartSec=0
    # set delegate yes so that systemd does not reset the cgroups of docker containers
    Delegate=yes
    # kill only the docker process, not all processes in the cgroup
    KillMode=process
    # restart the docker process if it exits prematurely
    Restart=on-failure
    StartLimitBurst=3
    StartLimitInterval=60s

    [Install]
    WantedBy=multi-user.target

    also I have
    192.168.0.31 boot-node
    in /etc/hosts

    • James Yu says:

      after I change “192.168.0.31 boot-node” to “192.168.0.31 boot-node boot-node” in /etc/hosts
      and change “/usr/bin/dockerd –insecure-registry boot-node:5000” to “/usr/bin/dockerd –insecure-registry=boot-node:5000” for ExecStart
      it starts to work

Leave a Reply

Your email address will not be published. Required fields are marked *