[Satellite 6] How to create Internal docker registry on Red Hat Satellite 6 using SSL and Non-SSL methods.

Solution Verified - Updated -

Environment

  • Red Hat Satellite 6
  • Red Hat Enterprise Linux 7

Issue

  • How to create Internal docker registry on Red Hat Satellite 6 using SSL and Non-SSL methods.

Resolution

  • Create Docker Product, Docker Repository on Red Hat Satellite 6
- Create Custom Product and Custom Repository with type as 'docker'
- Sync docker images from Upstream registry ie- 'registry.access.redhat.com' OR 'https://registry-1.docker.io'
- This would show Published At URL like 'satellite.example.com:5000/default_organization-docker_product-docker_repo'.
where satellite.example.com = Satellite Server HostName , default_organization = Organization Name, docker_product = Product Name, docker_repo  = Repository Name
- Once sync is done,  Click on `Manager Docker Manifests` or `Manage Docker Images` and note the Tag ID.
Eg:- 6.7-32
  • Building Custom Images using Red Hat Satellite 6 as Docker Registry Server
- Install docker packages on Red Hat Satellite Server available in `rhel-7-server-extras-rpms`
- On Satellite cli, create Dockerfile under any directory and write the sample code as below:-
vi Dockerfile
FROM localhost:5000/default_organization-docker_product-docker_repo:6.7-32
RUN touch /usr/local/bin/hello
RUN echo "Hi, Welcome to Docker, World !!!" >> /usr/local/bin/hello
RUN chmod 777 /usr/local/bin/hello

- # docker build -t <IMAGE NAME> .           >>>>>>        Note:- build must be performed where Dockerfile is written.
- # docker images
  • On Docker Client, Pull,Push,Search images that are synced on Red Hat Satellite6 (non-ssl)
- Install docker package on docker client available in "rhel-7-server-extras-rpms".
- vi to /etc/sysconfig/docker
INSECURE_REGISTRY='--insecure-registry satellite5.example.com:5000'  >>> Replace satellite5.example.com:5000 with your Satellite host details.
- # systemctl restart docker
- # docker pull default_organization-docker_product-docker_repo:6.7-32
  • Create Docker Registry on Red Hat Satellite 6 (ssl).
- On Red Hat Satellite Server Install docker-registry package and create self.key and self.crt file using openssl.
   # openssl genrsa -out /etc/pki/tls/private/self.key 1024
   # openssl req -new -key /etc/pki/tls/private/self.key -x509 -out /etc/pki/tls/certs/self.crt
  • On Docker Client.
# mkdir -p /etc/docker/certs.d/<Satellite registry Server Name>:5000
# scp root@satellite.example.com:/etc/pki/tls/certs/self.crt /etc/docker/certs.d/docker.example.com\:5000/ca.crt   >>>> docker.example.com is RHEL docker client and satellite.example.com is Red Hat Satellite Registry Server.
# systemctl restart docker.
  • On Docker Client, test SSL Registry.
# docker pull satellite.example.com:5000/<IMAGE>/<TAG ID>
  • To create Local registry on custom port on Red Hat Satellite 6, edit config.yml file and restart docker-distribution service.
# yum install docker-distribution
# vi /etc/docker-distribution/registry/config.yml 
http:
    addr: :6000           ## Changed 5000 to 6000
# systemctl restart docker-distribution.service

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.