Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
How to change the default docker registry from docker.io to my private registry #33069
Is there any way to set default registry as my private registry instead of docker.io ?
referenced this issue
May 7, 2017
I think this is a useful feature since at company level is normal to have an internal registry that caches also the docker hub but allows developers to push their own containers.
All package management systems allows you to configure the default source, but docker does not allow the open source community to do it?
If you want to have a pull-through mirror, then you can set that up with docker today by setting a
The problem is due to early design decisions, an image name (e.g.
What we want to do is have
This is a ridiculous decision to not support alternate default registries. Oh, I'm sorry, we've decided git will only default to github.com going forward, so every time you git pull or push, you have to type the remote origin fq-repo. (Yeah, yeah, I know the fq-repo is stored locally in the config, that's not the point)
Come on, this is not a security risk. You really think someone is going to hijack stuff accidentally or maliciously? Ever heard of running your own DNS internally so you can have nice and convenient short urls that are meaningful?
It's time someone went old school Linus on your asses to say just how stupid this is. You aren't going to break any compatibility by supporting this. The fact that "ubuntu" means "ubuntu" on docker.io is just a default. If you want a different default but still want docker.io/ubuntu, then you have to type it out. It's sooo much more security minded to require an fq-repo for public things than for your private things. FFS - if I want dev, qa, and prod repos, I should be able to have that rather than having to tag things as <account_num>.dkr.ecr.us-west-2.amazonaws.com/foo:bar. That's so clunky.
There's no real trust, as anyone who is allowed to contribute to that repo can upload anything they want. Docker.io doesn't curate the content, they're just a repo, like github. On top of that, it's standard practice for engineering organizations to audit the open source stuff they use for security and lock to known, safe versions, as well as just known well behaving versions. People don't operate in "latest" land if they know what they're doing.