I know this is selfhosted so most people here are hobbyists, but it’s a ton of work to selfhost in enterprise setting. I’d wager 90%+ of people using image registries are using Docker Hub, GHCR, or AWS ECR.
For your personal use, you don’t need an enterprise setting. It’s just a simple compose file that you run.
You can host a registry in pull through mode, so you still have all the images you use locally, but if it’s not in your registry yet, it pulls it from docker hub or whatever.
The only pain point is that a single registry can’t do both. So if you want to push your own docker images AND have a “cache” of stuff from docker hub, you need to run two registries in two different modes.
The one that hits us in self hosted is https://auth.docker.io/
Podman😉
You guys don’t selfhost a registry?
I know this is selfhosted so most people here are hobbyists, but it’s a ton of work to selfhost in enterprise setting. I’d wager 90%+ of people using image registries are using Docker Hub, GHCR, or AWS ECR.
For your personal use, you don’t need an enterprise setting. It’s just a simple compose file that you run.
You can host a registry in pull through mode, so you still have all the images you use locally, but if it’s not in your registry yet, it pulls it from docker hub or whatever.
The only pain point is that a single registry can’t do both. So if you want to push your own docker images AND have a “cache” of stuff from docker hub, you need to run two registries in two different modes.
I hadn’t actually considered that before. What’s your preferred way to do that?
I have just this (which ironically won’t work now cause docker hub is down)
services: registry: restart: always image: registry:2 ports: - 5000:5000 dns: - 9.9.9.9 - 1.1.1.1 volumes: - ../files/auth/registry.password:/auth/registry.password - registry-data:/var/lib/registry environment: REGISTRY_STORAGE_DELETE_ENABLED: true REGISTRY_HEALTH_STORAGEDRIVER_ENABLED: false REGISTRY_HTTP_SECRET: ${REGISTRY_HTTP_SECRET} REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm REGISTRY_AUTH_HTPASSWD_PATH: /auth/registry.password # REGISTRY_PROXY_REMOTEURL: "https://registry-1.docker.io/" volumes: registry-data:I don’t even remember how and when I set it up. I think it might be this: https://github.com/distribution/distribution/releases/tag/v2.0.0
Recently somebody has created a frontend, which I bookmarked but didn’t bother to set up: https://github.com/Joxit/docker-registry-ui
Harbor
Yeah I ran into this as well. Wondered why it needs a call to auth for public container images in the first place.
Oh god, that just 404s for me
https://auth.docker.io/token