I struggled for a few hours to get the right set up for a local Docker Registry. This blog post is what ended up working for me.


I’m currently working on a project that’s planning to use Docker Swarm and for making the Docker images availables for all nodes it made a lot of sense setting up a private registry.
The recommended configuration is to set up your private registry with TLS but I could think of a lot of use cases where your registry is not exposed publicly and you want your instances to connect to it using good ‘ol HTTP.


Docker offers a very simple way to fire up a local repository in the Hub’s documentation.

$ docker run -d -p 5000:5000 --restart always --name registry registry:2

That’s literally the only command you have to run to get your registry running, which is great.
But everything comes with a catch, right? Doing this will allow you to pull, push and search images refering only to localhost and if you want to access that registry from another host you will not be able to.

Docker Engine clients are hardwired to enforce TLS for the communication used with registries so you’ll have to add an insecure registry. There’s even a documentation page for how to set it up but it appears to not apply for those operating systems that are using systemd and lucky me, I was running Ubuntu 16.04 on my instances.

After an extensive session of googling around I found an issue from Kamil Tamiola, aka the MVP of the story, with something that was actually working.

Modifying the file under /etc/docker/daemon.json with:

"insecure-registries": ["yourRegistryIP:5000"]

and restarting docker afterwards (sudo service docker restart) worked like a charm.
You should be able to confirm that the insecure registry was added by running docker info.