codingstuff.io
ExploreTutorialsProblemsCS Subjects
Get Started
ExploreTutorialsProblemsCS Subjects
Get Started
codingstuff.io

Master the art of building software through interactive tutorials, real-world problems, and guided projects.

Pune, Maharashtra, India

codingstuffmail@gmail.com

Product

  • Explore
  • Tutorials
  • Problems
  • CS Subjects

Company

  • About
  • Contact
  • Privacy Policy
  • Terms & Conditions
  • Sitemap

© 2026 codingstuff.io. All rights reserved.

Built with ❤️ for developers everywhere

/
/
All Tutorials
🐳

Docker

23 / 60 topics
22Docker Hub23Private Registries38Docker Hub Advanced39Private Registries Advanced54Docker Hub Advanced Topics55Private Registries Advanced Topics
Tutorials/Docker/Private Registries
🐳Docker

Private Registries

Updated 2026-05-15
10 min read

Private Registries

Introduction

In the world of containerization, Docker has become an essential tool for developers and operations teams alike. While Docker Hub provides a public registry where anyone can push and pull images, there are scenarios where you need to maintain control over your images. This is where private registries come into play. Private registries allow you to store and manage your Docker images securely, ensuring that only authorized users can access them.

In this tutorial, we'll explore how to set up and use a private Docker registry. We'll cover both self-hosted solutions and managed services like AWS ECR or Google Container Registry.

Concept

A Docker registry is essentially a service where you can store your Docker images. When you build a Docker image, you typically push it to a registry so that others (or yourself) can pull it down and run containers from it. By default, Docker uses Docker Hub as its public registry, but you can also set up your own private registry.

Private registries are useful for several reasons:

  1. Security: You can control who has access to your images.
  2. Compliance: You can ensure that only approved images are used in production environments.
  3. Performance: Images stored in a private registry hosted closer to your infrastructure can reduce latency and improve performance.

Examples

Setting Up a Private Registry Using Docker

Docker provides a simple way to set up a private registry using the registry image from Docker Hub. Here’s how you can do it:

  1. Run the Registry Container

    First, pull the official registry image from Docker Hub and run it as a container.

Terminal
{`$ docker run -d -p 5000:5000 --restart=always --name registry registry:2`}

This command runs the registry on port 5000 of your host machine. The --restart=always flag ensures that the container restarts automatically if it stops.

  1. Pushing an Image to the Private Registry

    Now, let's push an image to our private registry. First, tag your Docker image with the private registry URL.

Terminal
{`$ docker tag my-image localhost:5000/my-image`}

Then, push the image to the registry.

Terminal
{`$ docker push localhost:5000/my-image`}
  1. Pulling an Image from the Private Registry

    To pull the image back down, use the following command:

Terminal
{`$ docker pull localhost:5000/my-image`}

Using a Managed Service

If you prefer not to manage your own registry infrastructure, you can use managed services like AWS ECR or Google Container Registry.

AWS Elastic Container Registry (ECR)

  1. Create an ECR Repository

    You can create an ECR repository using the AWS Management Console or the AWS CLI.

Terminal
{`$ aws ecr create-repository --repository-name my-ecr-repo`}
  1. Authenticate Docker to Your ECR Registry

    Before you can push images, you need to authenticate your Docker client to your ECR registry.

Terminal
{`$ aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-west-2.amazonaws.com`}
  1. Push an Image to ECR

    Tag your image with the ECR repository URL and push it.

Terminal
{`$ docker tag my-image 123456789012.dkr.ecr.us-west-2.amazonaws.com/my-ecr-repo:latest`}
Terminal
{`$ docker push 123456789012.dkr.ecr.us-west-2.amazonaws.com/my-ecr-repo:latest`}

Securing Your Private Registry

For a private registry to be truly secure, you should enable authentication. Docker provides several ways to secure your registry:

  1. Basic Authentication

    You can use basic authentication by creating a htpasswd file and configuring the registry to use it.

Terminal
{`$ htpasswd -Bbn user password > auth/htpasswd`}

Then, modify your registry configuration file (config.yml) to include authentication settings:

version: 0.1
log:
  fields:
    service: registry
storage:
  delete:
    enabled: true
http:
  addr: :5000
  tls:
    certificate: /certs/domain.crt
    key: /certs/domain.key
  auth:
    htpasswd:
      realm: basic-realm
      path: /auth/htpasswd
  1. TLS Encryption

    To secure the communication between your clients and the registry, you should enable TLS encryption. This involves obtaining an SSL certificate and configuring the registry to use it.

What's Next?

In this tutorial, we covered how to set up and use private Docker registries. In the next section, we'll explore Docker Content Trust, which allows you to sign your images and verify their integrity before pulling them down. This adds another layer of security to your containerized applications.


PreviousDocker HubNext Docker Content Trust

Recommended Gear

Docker HubDocker Content Trust