πͺ Docker Registries: Your Image Supermarket
Imagine you baked the most amazing cake. Now you want to share it with friends or keep it safe for later. Where do you store it? In a special bakery fridge, of course! Docker registries are exactly that β special storage places for your container images!
π― What Youβll Learn
- What Docker registries are and why they matter
- How Docker Hub works (the biggest registry)
- Public vs Private registries
- How to log in and authenticate
π¦ What is a Docker Registry?
Think of a Docker registry like a huge library for container images.
πͺ Registry = Storage place for Docker images
π¦ Image = Your app packaged and ready to run
Just like a library stores books, a registry stores images. When you need an image, you βcheck it outβ (pull). When you create one, you βdonate itβ (push).
graph TD A[Your Computer] -->|push| B[Registry] B -->|pull| C[Any Other Computer] B -->|pull| D[Server] B -->|pull| E[Cloud]
Real-Life Example
When you run:
docker pull nginx
Docker goes to a registry, finds the nginx image, and downloads it to your computer. Magic! β¨
π Docker Hub: The Main Library
Docker Hub is the default and biggest Docker registry. Itβs like the main public library everyone knows.
Quick Facts
| Feature | What It Means |
|---|---|
| π Free tier | Yes! Anyone can use it |
| π Millions of images | nginx, python, node, etc. |
| π Official images | Verified by Docker team |
| π Address | hub.docker.com |
How Docker Hub Works
When you type a simple image name like nginx, Docker automatically looks in Docker Hub:
# These two commands do the same thing!
docker pull nginx
docker pull docker.io/library/nginx
Itβs like saying βGet me that bookβ β the librarian knows exactly where to look!
Finding Images on Docker Hub
- Official Images β Made by Docker team (blue badge β)
- Verified Publisher β From trusted companies
- Community Images β Made by regular users
π Official: nginx, mysql, redis
π’ Publisher: microsoft/dotnet
π€ Community: someuser/myapp
π Public vs Private Registries
Hereβs the big question: Should everyone see your images?
Public Registries π’
Like a public library β anyone can browse and borrow.
β
Great for:
- Open source projects
- Sharing with the world
- Learning from others
β Not good for:
- Secret company code
- Private applications
- Sensitive data
Private Registries π
Like your personal safe β only you (and people you trust) can access.
β
Great for:
- Company applications
- Secret projects
- Paid software
Popular options:
- Docker Hub (private repos)
- AWS ECR
- Google Container Registry
- Azure Container Registry
- Self-hosted (Harbor, Nexus)
Quick Comparison
graph LR A[Your Image] --> B{Public or Private?} B -->|Public| C[Everyone can pull] B -->|Private| D[Only authorized users]
| Type | Who Can See? | Cost | Example |
|---|---|---|---|
| Public | Everyone | Free | Docker Hub public |
| Private | Only you/team | Often paid | AWS ECR, private repos |
π Registry Authentication
To push images or access private registries, you need to prove who you are. This is called authentication.
The docker login Command
# Log into Docker Hub
docker login
# You'll see:
# Username: yourname
# Password: ********
# Login Succeeded β
Thatβs it! Now Docker remembers you.
Logging Into Other Registries
Different registries have different addresses:
# Docker Hub (default)
docker login
# AWS ECR
docker login <account>.dkr.ecr.<region>.amazonaws.com
# Google Container Registry
docker login gcr.io
# GitHub Container Registry
docker login ghcr.io
How Authentication Works
graph TD A[You type docker login] --> B[Enter username + password] B --> C[Registry checks credentials] C --> D{Valid?} D -->|Yes| E[Token saved locally] D -->|No| F[Access denied] E --> G[Now you can push/pull!]
Where Credentials Are Stored
After logging in, Docker saves your credentials safely:
π ~/.docker/config.json
This file keeps your login info so you donβt need to type it every time.
Logging Out
Done working? Always log out on shared computers:
docker logout
πͺ Putting It All Together
Letβs see the complete flow:
Step 1: Log In
docker login
# Enter your Docker Hub credentials
Step 2: Tag Your Image
docker tag myapp:latest yourname/myapp:v1
Step 3: Push to Registry
docker push yourname/myapp:v1
Step 4: Anyone Can Pull (if public)
docker pull yourname/myapp:v1
π§ Key Takeaways
| Concept | One-Line Summary |
|---|---|
| Registry | Storage place for Docker images |
| Docker Hub | The default, biggest public registry |
| Public | Anyone can see and download |
| Private | Only authorized users can access |
docker login |
Prove who you are to push/pull |
π‘ Pro Tips
- Always use official images when possible β theyβre safer!
- Donβt put secrets in images β use environment variables instead
- Tag your images properly β
v1.0.0is better thanlatest - Log out on shared computers β protect your account!
π You Did It!
Now you understand Docker registries! You know:
- β What registries are (image storage)
- β How Docker Hub works (the main library)
- β Public vs private (who can see?)
- β Authentication (proving who you are)
Think of it this way: registries are like cloud storage for your apps. Push to share, pull to use. Simple! π