Setting Up a Private Docker Registry Using Nexus

Ayush DabhiAyush Dabhi
2 min read

Prerequisites

  • Ubuntu 24.04 server

  • Instance type: t2.medium

  • Disk: 25GB

  • Security Group (SG) open inbound ports: 3000-10000, 80, 443, 22

Step 1: Install Docker

First, update the package index and install Docker.

sudo apt update -y
sudo apt install docker.io -y
sudo usermod -aG docker $USER

To apply the group changes, either log out and log back in, or run:

newgrp docker

Step 2: Setup Nexus Using Docker

Run Nexus in a Docker container.

docker run -d -p 8081:8081 -p 5000:5000 sonatype/nexus3

  • Port 5000 will be used for the Docker registry.

  • Nexus web interface will run on port 8081.

Step 3: Configure Nexus

  1. Allow a few minutes for Nexus to start.

  2. Access the Nexus container to retrieve the admin password.

docker exec -it <container_id> /bin/bash
cat sonatype-work/nexus3/admin.password

  1. Log in to the Nexus web interface at http://<your-server-ip>:8081 using the retrieved password.

  2. Follow the prompts to set a new password.

Create Docker (hosted) Repository

  1. Navigate to SettingsRepositoryCreate RepositoryDocker (hosted).

  2. Configure the repository as needed.

  3. Enable Docker Bearer Token Realm:

    • Go to SecurityRealms.

    • Add Docker Bearer Token Realm to the active realms.

    • Save the changes.

Step 4: Configure Docker to Use Insecure Registry

Since the Nexus registry will use HTTP, we need to configure Docker to allow insecure registries.

  1. Edit Docker's daemon configuration.
cd /etc/docker
sudo nano daemon.json
  1. Add the following configuration:
{
  "insecure-registries": ["<your-nexus-ip>:5000"]
}
  1. Restart Docker.
sudo systemctl restart docker
  1. Start the Nexus container again if it stopped.
docker start <container_id>

Step 5: Testing the Implementation

  1. Log in to your private registry.
docker login <your-nexus-ip>:5000
  1. Tag and push a Docker image to the Nexus repository.
docker tag hello-world:latest <your-nexus-ip>:5000/hello-world:latest
docker push <your-nexus-ip>:5000/hello-world:latest

Key Points

  • We are pushing a digital representation of the image, which is significantly smaller than the full image size.
0
Subscribe to my newsletter

Read articles from Ayush Dabhi directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#PrivateRegistry#DockerSecurity #SecureDevOps DockerDevops#NexusUbuntuDevOps toolscontainerizationTech TutorialserversetupCloud Computingdevopsengineering

Written by

Ayush Dabhi
Ayush Dabhi