Docker Hub and Registries
Docker Hub and Container Registries
Section titled “Docker Hub and Container Registries”A container registry stores and distributes Docker images. Docker Hub is the default public registry. Cloud providers offer private registries for production use.
Docker Hub
Section titled “Docker Hub”Docker Hub is the default registry. When you pull nginx, Docker actually pulls from docker.io/library/nginx:latest.
# Pull an imagedocker pull nginx:alpinedocker pull node:20
# Pull a specific versiondocker pull postgres:16.1-alpine
# Pull with full registry path (equivalent)docker pull docker.io/library/nginx:latestLogging In
Section titled “Logging In”docker login # Docker Hubdocker login myregistry.example.com # private registrydocker login ghcr.io # GitHub Container Registrydocker login registry.gitlab.com # GitLab RegistryCredentials are stored in ~/.docker/config.json.
Tagging and Pushing
Section titled “Tagging and Pushing”# Build and tagdocker build -t myusername/my-app:1.0.0 .docker build -t myusername/my-app:latest .
# Tag an existing imagedocker tag my-app:local myusername/my-app:1.0.0
# Push to Docker Hubdocker push myusername/my-app:1.0.0docker push myusername/my-app:latestTagging Strategy
Section titled “Tagging Strategy”# Tag by version AND latestdocker tag my-app myusername/my-app:1.2.3docker tag my-app myusername/my-app:1.2docker tag my-app myusername/my-app:latest
docker push myusername/my-app:1.2.3docker push myusername/my-app:1.2docker push myusername/my-app:latestUsers pinning 1.2 get patch updates automatically. Pinning 1.2.3 gets no updates.
Cloud Registries
Section titled “Cloud Registries”Azure Container Registry (ACR)
Section titled “Azure Container Registry (ACR)”# Create registryaz acr create --name myregistry --resource-group my-rg --sku Basic
# Loginaz acr login --name myregistry
# Push imagedocker tag my-app myregistry.azurecr.io/my-app:1.0docker push myregistry.azurecr.io/my-app:1.0Google Artifact Registry
Section titled “Google Artifact Registry”# Configure Docker authenticationgcloud auth configure-docker europe-west2-docker.pkg.dev
# Push imagedocker tag my-app europe-west2-docker.pkg.dev/my-project/my-repo/my-app:1.0docker push europe-west2-docker.pkg.dev/my-project/my-repo/my-app:1.0Amazon ECR
Section titled “Amazon ECR”# Authenticateaws ecr get-login-password --region eu-west-2 | \ docker login --username AWS --password-stdin 123456789.dkr.ecr.eu-west-2.amazonaws.com
# Pushdocker tag my-app 123456789.dkr.ecr.eu-west-2.amazonaws.com/my-app:1.0docker push 123456789.dkr.ecr.eu-west-2.amazonaws.com/my-app:1.0GitHub Container Registry (GHCR)
Section titled “GitHub Container Registry (GHCR)”# Login with a Personal Access Tokenecho $CR_PAT | docker login ghcr.io -u USERNAME --password-stdin
# Pushdocker tag my-app ghcr.io/myusername/my-app:1.0docker push ghcr.io/myusername/my-app:1.0Images pushed to GHCR are associated with your GitHub repository — useful for open-source projects.
GitHub Actions Pipeline
Section titled “GitHub Actions Pipeline”name: Build and Push
on: push: branches: [main]
jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4
- name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_TOKEN }}
- name: Build and push uses: docker/build-push-action@v5 with: push: true tags: | myusername/my-app:latest myusername/my-app:${{ github.sha }}Useful Commands
Section titled “Useful Commands”# List local imagesdocker images
# Remove an imagedocker rmi myusername/my-app:1.0
# Remove all unused imagesdocker image prune -a
# Inspect an image (layers, config)docker inspect myusername/my-app:1.0
# View image history (layers)docker history myusername/my-app:1.0
# Search Docker Hubdocker search nginx.dockerignore
Section titled “.dockerignore”Prevent secrets and unnecessary files from being sent to the build context:
.git.gitignorenode_modulesdist.env.env.**.logREADME.mdDockerfile*.dockerignore