Run a Private podman Registry #
podman pull registry
podman run -it -d -p 5000:5000 --name baeldung-registry registry
podman pull centos
podman tag centos:latest localhost:5000/baeldung-centos
Push an Image to the Private Registry #
podman push localhost:5000/baeldung-centos
Pull an Image From the Private Registry #
podman images
podman pull localhost5000/baeldung-centos
Set up Authentication for a Private Registry #
podman allows us to store the images locally on a centralized server, but sometimes, it's necessary to protect the images from external abuse. In that case, we'll need to authenticate the registry with the basic htpasswd authentication.
Let's first create a separate directory to store the podman registry credentials:
mkdir -p podman_registry/auth
Next, let's run an httpd container to create a htpasswd protected user with a password:
cd podman_registry &&
podman run \
--entrypoint htpasswd \
httpd:2 -Bbn baeldung-user baeldung > auth/htpasswd
The above command will create a user with an htpasswd authenticated password. The details of the credentials are stored in the auth/htpasswd file.
Now, let's run the same podman registry container using the auth/htpasswd authentication file:
podman run -itd \
-p 5000:5000 \
--name registry \
-v "$(pwd)"/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
registry
3a497bafed4adb21a5a3f0b52307b4beaa261c6abe265e543cd8f5a15358e29d
Since the podman registry is running with the basic authentication, we can now test the login using:
podman login localhost:5000 -u baeldung-user -p baeldung
Once successfully logged in to the podman registry, we can both push and pull images in the same way we discussed above.
Quick Version #
podman run -d -p 5000:5000 --restart always --name registry registry
Now, use it from within podman:
podman pull ubuntu
podman tag ubuntu localhost:5000/ubuntu
podman push localhost:5000/ubuntu