SH
SHELL
AI Powered Learning Portal
Module 11 Lesson 1: Docker Registries
·DevOps

Module 11 Lesson 1: Docker Registries

Where images live. Explore the major Docker registries like Docker Hub, GitHub Container Registry (GHCR), and AWS ECR to choose the right library for your images.

docker-registrydocker-hubghcrecrartifacts

Module 11 Lesson 1: Docker Registries

A Registry is the "Library" or "Cloud Storage" where you store your Docker images so they can be downloaded by other servers or teammates.

1. Public vs. Private Registries

  • Public: Anyone in the world can "Pull" your image. Best for Open Source. (Example: Official Nginx).
  • Private: Only people with a password/token can see the images. Essential for company code and proprietary apps.

2. The Major Players

A. Docker Hub

The "Original" and largest registry.

  • Pros: Largest collection of images; built-in to the docker CLI.
  • Cons: Free tier has "Rate Limits" (you can only pull so many times per hour).

B. GitHub Container Registry (GHCR)

Best for developers already using GitHub.

  • Pros: Integrated with your GitHub permissions/teams; free for public repos.
  • Login: docker login ghcr.io

C. Cloud-Native Registries (AWS ECR, GCP GCR, Azure ACR)

Best if your app is already running on those platforms.

  • Pros: Extreme speed (since the images are in the same data center as your servers); superior security integration (IAM).

3. Self-Hosted Registries (Harbor)

For high-security environments, you can run your own registry container.

  • Harbor is the most popular open-source tool for this. It includes built-in vulnerability scanning and role-based access control.

4. The Registry URL Structure

When you don't specify a URL, Docker assumes Docker Hub. Otherwise, the registry is part of the name:

  • my-app:v1 -> Looks on Docker Hub.
  • ghcr.io/my-user/my-app:v1 -> Looks on GitHub.
  • 123456789.dkr.ecr.us-east-1.amazonaws.com/my-app:v1 -> Looks on AWS.

Exercise: The Registry Safari

  1. Identify where your team currently stores its source code (GitHub, GitLab, Bitbucket).
  2. Check if that platform has a built-in "Container Registry" (GitHub does, GitLab does).
  3. Why would a company choose AWS ECR even if they have to pay for it, rather than using the free tier of Docker Hub?
  4. Research: What is a "Pull Through Cache" and how does it help a company avoid Docker Hub rate limits?

Summary

Registries are the "Supply Chain" of your software. By choosing the right registry, you ensure that your images are secure, close to your servers, and easy for your team to manage.

Next Lesson: Sharing with the world: Pushing and pulling images.

Previous LessonModule 10 Lesson 5: Securing Container Comms
Next LessonModule 11 Lesson 2: Pushing and Pulling Images

Subscribe to our newsletter

Get the latest posts delivered right to your inbox.

Subscribe on LinkedIn