Private Podman Registry.

· e22's blog

Create a private repo for your containers.

Run a Private podman Registry #

podman pull registry
podman run -it -d -p 5000:5000 --name baeldung-registry registry

podman pull centos
podman tag centos:latest localhost:5000/baeldung-centos

Push an Image to the Private Registry #

podman push localhost:5000/baeldung-centos

Pull an Image From the Private Registry #

podman images
podman pull  localhost5000/baeldung-centos

Set up Authentication for a Private Registry #

podman allows us to store the images locally on a centralized server, but sometimes, it's necessary to protect the images from external abuse. In that case, we'll need to authenticate the registry with the basic htpasswd authentication.

Let's first create a separate directory to store the podman registry credentials:

mkdir -p podman_registry/auth

Next, let's run an httpd container to create a htpasswd protected user with a password:

cd podman_registry &&
podman run \
  --entrypoint htpasswd \
  httpd:2 -Bbn baeldung-user baeldung > auth/htpasswd

The above command will create a user with an htpasswd authenticated password. The details of the credentials are stored in the auth/htpasswd file.

Now, let's run the same podman registry container using the auth/htpasswd authentication file:

podman run -itd \
  -p 5000:5000 \
  --name registry \
  -v "$(pwd)"/auth:/auth \
  -e "REGISTRY_AUTH=htpasswd" \
  -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
  -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
  registry
  3a497bafed4adb21a5a3f0b52307b4beaa261c6abe265e543cd8f5a15358e29d

Since the podman registry is running with the basic authentication, we can now test the login using:

podman login localhost:5000 -u baeldung-user -p baeldung

Once successfully logged in to the podman registry, we can both push and pull images in the same way we discussed above.

Quick Version #

podman run -d -p 5000:5000 --restart always --name registry registry

Now, use it from within podman:

podman pull ubuntu
podman tag ubuntu localhost:5000/ubuntu
podman push localhost:5000/ubuntu

e22@2022