How to Create a Private Docker Registry Using AWS and Docker

November 16, 2015

This article covers creating a Docker Registry using Amazon Web Services (AWS) and the Docker registry container itself. The registry will be built on an AWS EC2 instance running Ubuntu 14.04, with an EBS Volume so that you can take backup snapshots of your registry. The setup is secured by a VPC and AWS Security Groups. (You should probably put authentication in even if it's in your private network, but I won't cover that.)

Step 0
Create your AWS Environment

Create an AWS Security Group for your Docker Registry instance allowing port 80. Launch an AWS EC2 instance running Ubuntu 14.04 in the region and VPC of your choice through the AWS Console, applying the Security Group you created. Create an AWS EBS Volume sized to your needs and attach it to the instance you started via the AWS Console.

Step 1
Time Matters!

ubuntu$ sudo apt-get update
 
ubuntu$ sudo ntpdate pool.ntp.org
 
ubuntu$ sudo apt-get install ntp

Step 2
Install Build Tools *just because

ubuntu$ sudo apt-get install build-essential

Step 3
Create a file system for the EBS Volume you created and mount it.

ubuntu$ sudo cat /proc/partitions
 
major minor  #blocks  name
 
   7        0  104857600 loop0
   7        1    2097152 loop1
 202        0  104857600 xvda
 202        1  104848222 xvda1
 252        0  104857600 dm-0
 202       80  104857600 xvdf
 252        1   10485760 dm-1
 
ubuntu$ sudo mkfs -t ext4 /dev/xvdf
 
ubuntu$ sudo mkdir /data
 
ubuntu$ sudo mount /dev/xvdf /data
 
ubuntu$ sudo vim /etc/fstab
 
*ADD BELOW
/dev/xvdf    /data   ext4    defaults    1 1

Step 4
Install Docker

ubuntu$ sudo apt-get update
 
ubuntu$ sudo apt-get -y install docker.io
 
ubuntu$ sudo ln -sf /usr/bin/docker.io /usr/local/bin/docker

Step 5
Install Docker Registry Container

ubuntu$ sudo docker run -d -p 80:5000 --restart=always -v /data:/var/lib/registry registry:2

Step 6
Create a Security Group for your AWS ELB opening port 443 via the AWS Console

Step 7
Create an Internal AWS ELB with Load Balancer Port 443 and Server Port 80, apply the Security Group you created in the previous step, then put your AWS EC2 instance in it. Create a friendly DNS CNAME that points to the load balancer. This is needed since Docker Registry needs to leverage SSL.

Step 8
From a SEPARATE Development Docker Server Test Your New Registry

ubuntu$ sudo docker pull ubuntu
 
ubuntu$ sudo docker tag ubuntu the-dns-name-to-your-elb/mytestimage:1
 
ubuntu$ sudo docker push the-dns-name-to-your-elb/mytestimage:1
 
ubuntu$ sudo docker pull the-dns-name-to-your-elb/mytestimage:1

*NOTES

  • When creating the ELB you will want to apply your SSL Certificate for port 443
  • This setup only secures things at the network layer; in theory you should apply authentication
  • Snapshot the EBS Volume you created at whatever interval you like
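
Since the Security Groups are the only control in front of this registry, it is worth checking what they actually allow. The script below is an added example, not part of the original article: it audits the JSON printed by `aws ec2 describe-security-groups` for rules that expose the registry port. The group ids, the CIDRs and the policy itself (only the ELB's group may reach port 80, no IPv6 sources) are assumptions made for illustration.

```python
import ipaddress
import json

# RFC 1918 ranges; a CIDR source outside them is not a private address range.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample shaped like `aws ec2 describe-security-groups` JSON output.
# Group ids and CIDRs are placeholders, not values from the article.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-registry-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-elb-example"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-other-example"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
  {"GroupId": "sg-elb-example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]}
]}
""")

def covers(perm, port):
    """True if an ingress permission applies to the given TCP port."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and all ports
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(doc, group_id, port, allowed_groups=()):
    """Return (reason, source) findings for rules that expose `port` on `group_id`."""
    perms = [p for sg in doc["SecurityGroups"] if sg["GroupId"] == group_id
             for p in sg["IpPermissions"] if covers(p, port)]
    findings = []
    for perm in perms:
        for rng in perm.get("IpRanges", []):
            net = ipaddress.ip_network(rng["CidrIp"])
            if not any(net.subnet_of(p) for p in RFC1918):
                findings.append(("public-cidr", rng["CidrIp"]))
        for rng in perm.get("Ipv6Ranges", []):  # assumed policy: no IPv6 sources at all
            findings.append(("ipv6-cidr", rng["CidrIpv6"]))
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] not in allowed_groups:
                findings.append(("unexpected-group", pair["GroupId"]))
    return findings

if __name__ == "__main__":
    for reason, source in audit(SAMPLE, "sg-registry-example", 80, {"sg-elb-example"}):
        print(f"{reason}: port 80 reachable from {source}")
```

To run it against a real account, save the CLI output to a file, load it with `json.load`, and pass your own registry and ELB group ids to `audit`.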
