Docker Tutorials

Docker Registry & Image Management

32 min

Docker Registry & Image Management

Docker Registry & Image Management

Overview

Learn how to manage Docker images using registries, push/pull images, and work with private registries.

Docker Hub

Login to Docker Hub

bash
# Login
docker login

# Logout
docker logout

# Tag image
docker tag myapp:1.0 username/myapp:1.0

# Push to Docker Hub
docker push username/myapp:1.0

# Pull from Docker Hub
docker pull username/myapp:1.0

Private Registries

Docker Registry (Self-Hosted)

bash
# Run registry container
docker run -d -p 5000:5000 --name registry registry:2

# Tag and push
docker tag myapp:1.0 localhost:5000/myapp:1.0
docker push localhost:5000/myapp:1.0

# Pull from private registry
docker pull localhost:5000/myapp:1.0

Private Docker Hub Repository

bash
# Make repository private
# Via Docker Hub UI

# Push to private repo
docker tag myapp:1.0 username/private-repo:1.0
docker push username/private-repo:1.0

# Pull from private repo (requires authentication)
docker pull username/private-repo:1.0

Image Scanning

Built-in Scanning

bash
# Scan with Docker Scout
docker scout cves myapp:1.0

# View detailed report
docker scout recommendations myapp:1.0

Trivy Scanner

bash
# Install Trivy
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh

# Scan image
trivy image myapp:1.0

# Generate report
trivy image --severity HIGH,CRITICAL myapp:1.0

Image Management

Cleanup Old Images

bash
# Remove dangling images
docker image prune

# Remove all unused images
docker image prune -a

# Remove images older than 24 hours
docker image prune --filter "until=24h"

Backup and Restore

bash
# Save image to file
docker save myapp:1.0 | gzip > myapp-1.0.tar.gz

# Load image from file
docker load < myapp-1.0.tar.gz

Best Practices

✅ Docker Registry Best Practices

✅ DO Use version tags instead of latest
Specify exact versions for reproducible deployments
✅ DO Scan images for vulnerabilities
Regular security scanning with Docker Scout or Trivy
✅ DO Use private registries for sensitive images
Keep proprietary code secure in private registries
✅ DO Implement image retention policies
Clean up old images to save storage space
✅ DO Sign images for security
Use Docker Content Trust for image signing
❌ DON'T Push secrets in images
Never include passwords, API keys, or tokens in images
❌ DON'T Use latest tag in production
Always pin specific versions for stability
❌ DON'T Ignore scan warnings
Address security vulnerabilities found in scans

Next Steps

Press j for next, k for previous