Docker Registries
A registry is a storage and distribution system for Docker images.
Docker Hub
Docker Hub is the default public registry.
Authentication
# Login to Docker Hub
docker login
# Login with credentials
docker login -u USERNAME
# Logout
docker logout
# Login to other registries
docker login registry.example.comPulling Images
# Pull from Docker Hub
docker pull nginx
docker pull nginx:1.25-alpine
# Full format
docker pull docker.io/library/nginx:latest
# Pull from other registry
docker pull gcr.io/google-containers/nginx
docker pull ghcr.io/owner/image:tagPushing Images
# Tag for Docker Hub
docker tag myapp:1.0 username/myapp:1.0
# Push to Docker Hub
docker push username/myapp:1.0
# Tag for private registry
docker tag myapp:1.0 registry.example.com/myapp:1.0
# Push to private registry
docker push registry.example.com/myapp:1.0Image Naming Convention
[REGISTRY/][NAMESPACE/]REPOSITORY[:TAG]
Examples:
nginx # Official image
username/myapp:1.0 # User image
gcr.io/project/myapp:latest # Google Container Registry
ghcr.io/owner/image:tag # GitHub Container Registry
registry.example.com/app:v1 # Private registryRunning Private Registry
# Run local registry
docker run -d -p 5000:5000 --name registry registry:2
# Tag and push to local registry
docker tag myapp:1.0 localhost:5000/myapp:1.0
docker push localhost:5000/myapp:1.0
# Pull from local registry
docker pull localhost:5000/myapp:1.0Registry with Persistent Storage
# docker-compose.yml
services:
registry:
image: registry:2
ports:
- "5000:5000"
volumes:
- ./registry-data:/var/lib/registry
environment:
REGISTRY_STORAGE_DELETE_ENABLED: "true"Image Tagging Strategies
| Strategy | Example | Use Case |
|---|---|---|
| Semantic Version | myapp:1.2.3 |
Production releases |
| Git SHA | myapp:abc123 |
Traceability |
| Date-based | myapp:2025-01-15 |
Daily builds |
| Branch | myapp:develop |
Development |
| Latest | myapp:latest |
Default (avoid in prod) |
# Multiple tags for same image
docker tag myapp:abc123 myapp:1.2.3
docker tag myapp:abc123 myapp:latest
docker push myapp:1.2.3
docker push myapp:latestSearching Images
# Search Docker Hub
docker search nginx
docker search --limit 5 nginx
# Filter by stars
docker search --filter stars=100 nginx
# Filter official images
docker search --filter is-official=true nginxBest Practices
- Use specific tags - Avoid
latestin production - Sign your images - Use Docker Content Trust
- Scan for vulnerabilities -
docker scout cves IMAGE - Use minimal base images - Alpine, distroless
- Multi-arch images - Support multiple platforms
- docker hub
- registry
- push
- pull
- authentication