I will share how to create a Private Docker Registry with Nexus 3.x.
It is built on Nexus and provides a GUI environment.
I tried to include a lot of screenshots.
### Demo Environment
- Ubuntu 18.04
- Docker version 18.09.1
- Docker requires at least > v1.8
- Nexus 3.20.1
### Install Nexus3 and create Private Docker Registry
The Nexus IP is 182.252.133.70.
```bash
$ ssh root@182.252.133.70
```
#### 1) Create a permanent volume shared between the host and the Nexus container
```bash
$ mkdir /nexus-data
```
#### 2) Create the Nexus container
```bash
$ docker run --name nexus -d -p 5000:5000 -p 8081:8081 -v /nexus-data:/nexus-data -u root sonatype/nexus3
```
#### 3) Connect to the Nexus web UI at http://182.252.133.70:8081
The first time, you must log in with the admin account.
The admin password is in `/nexus-data/admin.password`.
```bash
$ cat /nexus-data/admin.password
6f471aea-1d52-4e4b-9988-1714e9bf849d # admin's password
```
#### 4) Create `docker-hosted` and `docker-proxy` Blob on Nexus
Gear > Repository > Blob Stores > Create blob store
You need to create `docker-hosted` and `docker-hub`.
#### 5) Create `docker-hosted` and `docker-proxy` Repository on Nexus
Gear > Repository > Repositories > Create repository
You need to create `docker-hosted` and `docker-hub`.
Select docker (hosted)
- Name : `docker-hosted`
- Check HTTP and input 5000
- Check Enable Docker V1 API
- Select Blob store `docker-hosted`

Select docker (proxy)
- Name : `docker-hub`
- Check Enable Docker V1 API
- Input `https://registry-1.docker.io` in Remote storage
- Select Use Docker Hub
#### 6) Set Realms on Nexus
Gear > Realms > Move `Docker Bearer Token Realm` to active > Save
#### 7) Enable HTTP for the docker command (v1)
Create the file `/etc/docker/daemon.json`
✔️ If the file does not exist, you must create it.
```bash
$ cat /etc/docker/daemon.json
{
  "insecure-registries" : ["182.252.133.70:5000"]
}
```
Restart the docker daemon
```bash
$ service docker restart
```
Restart the Nexus container
```bash
$ docker restart nexus
```
### Push image from external client to Private Docker Registry
The client IP is 182.252.133.71.
```bash
$ ssh root@182.252.133.71
```
#### 1) Enable HTTP for the docker command (v1)
Create the file `/etc/docker/daemon.json`
✔️ If the file does not exist, you must create it.
💥 All clients **must** have this setting.
```bash
$ cat /etc/docker/daemon.json
{
  "insecure-registries" : ["182.252.133.70:5000"]
}
```
Restart the docker daemon
```bash
$ service docker restart
```
#### 2) Login Private Docker Registry
```bash
$ docker login 182.252.133.70:5000
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
```
#### 3) docker pull and push Private Docker Registry
Pull the busybox image (from https://hub.docker.com/_/busybox)
```bash
$ docker pull busybox # docker pull from hub.docker.com
bdbbaa22dec6: Pull complete
Digest: sha256:6915be4043561d64e0ab0f8f098dc2ac48e077fe23f488ac24b665166898115a
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
```
Check the busybox image
```bash
$ docker images -a
REPOSITORY   TAG      IMAGE ID       CREATED       SIZE
busybox      latest   6d5fcfe5ff17   5 weeks ago   1.22MB
```
Tag the image
```bash
$ docker tag 6d5fcfe5ff17 182.252.133.70:5000/busybox:v20200205
```
Push to the Private Docker Registry
```bash
$ docker push 182.252.133.70:5000/busybox:v20200205
The push refers to repository [182.252.133.70:5000/busybox]
195be5f8be1d: Pushed
v20200205: digest: sha256:edafc0a0fb057813850d1ba44014914ca02d671ae247107ca70c94db686e7de6 size: 527
```
### Check image in Private Docker Registry
#### 1) Connect to Nexus web http://182.252.133.70:8081
### Pull in Private Docker Registry
```bash
$ docker pull 182.252.133.70:5000/busybox:v20200205
bdbbaa22dec6: Pull complete
Digest: sha256:edafc0a0fb057813850d1ba44014914ca02d671ae247107ca70c94db686e7de6
Status: Downloaded newer image for 182.252.133.70:5000/busybox:v20200205
182.252.133.70:5000/busybox:v20200205
$ docker images -a
REPOSITORY                    TAG         IMAGE ID       CREATED       SIZE
182.252.133.70:5000/busybox   v20200205   6d5fcfe5ff17   5 weeks ago   1.22MB
```
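
The `insecure-registries` entry and the `docker login` warning shown earlier can both be checked on every client. The audit below is an added example, not part of the original post; the function name `audit_docker_client` and the sample `config.json` contents, including the password, are constructed for illustration.

```python
import base64
import json


def audit_docker_client(daemon_json: str, config_json: str) -> list:
    """Audit the text of /etc/docker/daemon.json and ~/.docker/config.json.

    Returns a list of (kind, registry, detail) findings.
    """
    daemon = json.loads(daemon_json) if daemon_json.strip() else {}
    config = json.loads(config_json) if config_json.strip() else {}
    findings = []

    # Registries the daemon may reach over plain HTTP or unverified TLS.
    insecure = set(daemon.get("insecure-registries", []))
    for registry in sorted(insecure):
        findings.append(("insecure-registry", registry,
                         "HTTP or unverified TLS allowed"))

    for registry, entry in sorted(config.get("auths", {}).items()):
        auth = entry.get("auth")
        if not auth:
            continue  # empty entry: the secret is held by a credential helper
        # "auth" is base64("user:password"): encoded, not encrypted.
        user = base64.b64decode(auth).decode("utf-8", "replace").split(":", 1)[0]
        findings.append(("plaintext-credential", registry, "user=" + user))
        if registry in insecure:
            findings.append(("cleartext-login", registry,
                             "stored password may be sent without TLS"))
    return findings


# Constructed sample input: the daemon.json from this page, and a config.json
# shaped like the one "docker login" writes when no credential helper is set.
SAMPLE_DAEMON = '{"insecure-registries": ["182.252.133.70:5000"]}'
SAMPLE_CONFIG = json.dumps({"auths": {"182.252.133.70:5000": {
    "auth": base64.b64encode(b"admin:constructed-password").decode()}}})

if __name__ == "__main__":
    for kind, registry, detail in audit_docker_client(SAMPLE_DAEMON, SAMPLE_CONFIG):
        print(f"{kind:22} {registry:22} {detail}")
```

On a real client, pass the contents of `/etc/docker/daemon.json` and `/root/.docker/config.json` instead of the samples.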
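### More to do
Port 443: SSL needs to be added.
SSL should be applied, because with `insecure-registries` the login and the images cross the network over plain HTTP.
After that, creating the file `/etc/docker/daemon.json` can be omitted.
💡 I'll write about this in the next post.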