Skip to main content

Docker Registries and Image Distribution

Introduction

So far, you’ve learned how to build Docker images and manage containers. But how do you share your images with your team, deploy them to production, or reuse them across projects? This is where Docker registries come in. Docker registries provide a centralized place to store, distribute, and manage Docker images.

In this lesson, you’ll learn about:

  • What Docker registries are and why they matter
  • Working with Docker Hub (the default public registry)
  • Using private registries for internal use
  • Pushing and pulling images
  • Understanding image tags and versioning
  • Common pitfalls and best practices

What is a Docker Registry?

A Docker registry is a storage and distribution system for Docker images. Registries can be public (e.g., Docker Hub) or private (e.g., self-hosted or cloud provider registries).

Key Concepts

  • Registry: Stores repositories of images.
  • Repository: A collection of related images (often different versions/tags of the same app).
  • Image: A snapshot of a container’s file system and configuration.

Docker Hub: The Default Public Registry

Docker Hub (https://hub.docker.com) is the most widely used public registry. It allows you to:

  • Store public and private images
  • Share images with others
  • Search for official and community images

Logging in to Docker Hub

Before you can push or pull private images, you must log in:

docker login

You’ll be prompted for your Docker Hub username and password.

Pulling Images from a Registry

You’ve already used docker pull to fetch images. By default, this pulls from Docker Hub.

docker pull nginx:latest

How it works:

  • If no registry is specified, Docker assumes Docker Hub.
  • You can specify other registries by prefixing the image name:
docker pull myregistry.example.com/myproject/myimage:tag

Pushing Images to a Registry

To share your own image, you need to tag it with the registry address and push.

1. Tag the Image

docker tag myapp:latest myusername/myapp:1.0

Or for a custom/private registry:

docker tag myapp:latest myregistry.example.com/myproject/myapp:1.0

2. Push the Image

# For Docker Hub
docker push myusername/myapp:1.0

# For a private registry
docker push myregistry.example.com/myproject/myapp:1.0

Using Private Docker Registries

For security or compliance, you may need a private registry.

Options

  • Docker Hub Private Repos: Limited free, paid for more.
  • Self-hosted Registry: Use Docker’s official registry image.
  • Cloud Registries: AWS ECR, Google GCR, Azure ACR, etc.

Running a Local Registry

You can run a registry locally for testing:

docker run -d -p 5000:5000 --name registry registry:2

Tag and push an image:

docker tag myapp:latest localhost:5000/myapp:1.0
docker push localhost:5000/myapp:1.0

Pull it:

docker pull localhost:5000/myapp:1.0

Image Tags and Versioning

Tags let you differentiate image versions.

  • latest: The default tag if none specified.
  • Custom tags: e.g., 1.0, 2024-06-01, dev

Best Practice: Always use explicit, meaningful tags in production.

docker tag myapp:latest myusername/myapp:2024-06-01
docker push myusername/myapp:2024-06-01

Use Cases

  • CI/CD Pipelines: Automatically build and push images to a registry, then deploy from there.
  • Team Collaboration: Developers share and pull common images.
  • Deployment: Orchestration tools (like Kubernetes) pull images from a registry.

Common Mistakes and Pitfalls

  • Forgetting to Tag Images: If you don’t tag with the registry address, docker push will fail.
  • Using latest in Production: This can lead to unexpected changes—always pin to a specific tag.
  • Authentication Issues: Failing to log in to private registries will cause push/pull operations to fail.
  • Exposing Private Registries: Always secure private registries (HTTPS, access controls).
  • Cleaning Up Old Images: Registries can fill up with unused images; implement pruning policies.

Summary

  • Docker registries store and distribute images for reuse and deployment.
  • Docker Hub is the default public registry; private registries are available for sensitive or internal use.
  • Tag images with the registry address before pushing.
  • Use meaningful tags for versioning and reproducibility.
  • Secure and maintain your registries properly.

Quiz

1. What is the command to push an image named myapp:1.0 to Docker Hub under your username alice?

Details

Answer docker tag myapp:1.0 alice/myapp:1.0
docker push alice/myapp:1.0

2. Why should you avoid using the latest tag in production deployments?

Details

Answer Because latest can change unexpectedly, leading to deployments with unintended versions of your image. Always use explicit, versioned tags for reproducibility.

3. How do you run a simple private Docker registry locally? Provide the command.

Details

Answer docker run -d -p 5000:5000 --name registry registry:2

4. What will happen if you try to push an image to a private registry without logging in (when authentication is required)?

Details

Answer The push will fail with an authentication error.

5. How do you pull an image named webapp:2.0 from a registry at myregistry.example.com?

Details

Answer docker pull myregistry.example.com/webapp:2.0

End of Lesson