Implementing a Self-Hosted Docker Registry on Raspberry Pi

docker registry, self_hosted

Working with Docker is great but when you want to deploy your applications to another server you need a registry to push your images so that you can pull them from the other end. To have that capability in my dev environment I decided to setup my own self-hosted Docker registry.

For the sake of brevity, I will omit creating Raspberry Pi SD Card and installing Docker on it. There are lots of gret videos and articles out there already.

Self-hosted vs Hosted

When it comes to hosted Docker registries, there are lots of free and paid options.

Benefits of self-hosted registry:

  • See the storage size and number of repos required for your system early on without having to pay anything
  • Push/pull images on the go without Internet connection during development phase
  • No privacy concerns: If you upload your image with your application in it you may have some sensitive data inside the image which may pose a risk if the 3rd party registry has full access to them
  • Free!

Benefits of hosted registry:

  • Hassle-free: No backups or server management

There are great Docker registries such as Docker Hub and Amazon ECR. I wouldn’t recommend usign a self-hosted registry for production. But if the price or privacy is a concern it can certainly be an option.

Creating Self-Hosted Registry

It sounds like it requires installing a server application but the nice thing about Docker is, even it is a Docker registry it can run in a container itself. So first off we pull the registry repo for Docker Hub:

docker pull registry

Now let’s create a container that will act as our registry:

docker run -d -p 5000:5000 --restart always --name registry registry

In my case the hostname of the Raspbeery Pi is

Now to test how we can push and pull images let’s download Docker’s hello-world image from Docker Hub:

docker pull hello-world

Now to push this inot our own registry running in Raspbeery Pi all we have to do is tag it with the server URL such as:

docker tag hello-world HOBBITON.local:5000/hello-world

At this point if we take look at the images on our local machine we can see the hello-world image is duplicated.

Now let’s push it to Pi:

docker push HOBBITON.local:5000/hello-world

This doesn’t work because of the following reason:

This is because the reigstry is considered to be insecure and by default it’s rejected by the client. We can confirm it’s deemed to be insecure if we check the server by running the following command:

docker info

At the bottom of the bottom we can see the localhost registry is insecure:

To address this we can add this registry to the list of insecure registries. For example in a Mac client we add go to Preferences –> Daemon and add the Raspberry Pi registry as shown below:

After this, if we try once again to push to Pi we can see it succeded:

If you’re pulling from a client without a user interface, another Raspberry Pi for example, try the following:

sudo nano  /etc/docker/daemon.json

and add the following (with the correct registry name):

{ "insecure-registries":["myregistry.example.com:5000"] }

and restart Docker:

sudo service docker restart

Now if we check the repository list on the registry again we can see the hello-world image hosted on our Pi:

Let’s now see if we can pull this image from another client.

And after pulling the image we can see it in the image list: