How to Build and Use a Private Docker Registry on Your Own Server
This guide explains what a Docker repository is, why private registries are needed, and provides step‑by‑step instructions to set up a local registry, push images, resolve HTTPS errors, and pull images from other hosts.
Introduction
Repository is a place to store Docker images, divided into public and private registries.
When we run docker pull xxx, Docker contacts the public registry at registry.docker.com. For enterprise projects we cannot use the public registry, so Docker allows us to run a local private registry.
The most common private registries are registry and Harbor. The following explains how to set up a private registry.
Set up a registry private repository
Docker provides an official registry image. Pull it and run a container exposing port 5000.
1、下载镜像
docker pull registry:2
2、运行容器
docker run -d -v /opt/registry:/var/lib/registry -p 5000:5000 --name myregistry registry:2The registry service stores uploaded images in the container’s /var/lib/registry . Using the -v option maps this directory to the host’s /opt/registry , so images are saved on the host.
Access the registry via a browser at http://HOST_IP:5000/v2; a response of {} indicates the registry is running correctly.
Push images to the private registry
Steps to push an image:
1、下载docker hub官方镜像
docker pull ubuntu
2、将镜像标志为要推送到私有仓库:
docker tag ubuntu:latest 10.43.187.251:5000/myubuntu:v1
3、上传镜像到私有仓库
docker push 10.43.187.251:5000/myubuntu:v1The push fails with http: server gave HTTP response to HTTPS client because Docker registry defaults to HTTPS while the private registry is running over HTTP.
Docker switched to HTTPS by default after version 1.3.X; the private registry remains HTTP, causing the error.
Solution
1. Edit /etc/docker/daemon.json and add the insecure registry:
{ "insecure-registries":["10.43.187.251:5000"] }2. Reload the daemon and restart Docker:
systemctl daemon-reload
systemctl restart dockerAfter the fix, the push succeeds:
docker pull 10.43.187.251:5000/myubuntu:v1Client pulls private image
On another Docker host, attempt to pull the image:
[root@qll252 ~]# docker pull 10.43.187.251:5000/myubuntu:v1
Trying to pull repository 10.43.187.251:5000/myubuntu ...
Get https://10.43.187.251:5000/v1/_ping: http: server gave HTTP response to HTTPS clientThe same HTTPS error appears; applying the previous solution resolves it.
Pull succeeds
[root@qll252 ~]# docker pull 10.43.187.251:5000/myubuntu:v1
Trying to pull repository 10.43.187.251:5000/myubuntu ...
v1: Pulling from 10.43.187.251:5000/myubuntu
d51af753c3d3: Pull complete
fc878cd0a91c: Pull complete
6154df8ff988: Pull complete
fee5db0ff82f: Pull complete
Digest: sha256:5747316366b8cc9e3021cd7286f42b2d6d81e3d743e2ab571f55bcd5df788cc8
Status: Downloaded newer image for 10.43.187.251:5000/myubuntu:v1Verification completed; the private Docker registry is now fully operational.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Open Source Linux
Focused on sharing Linux/Unix content, covering fundamentals, system development, network programming, automation/operations, cloud computing, and related professional knowledge.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.