Distinguish between multiple docker registries

Hi community,

I’ve got a question for which I didn’t find any answer (maybe I searched wrong):
We’ve got the use case, that we use Nexus for multiple docker registries, e.g. docker hub and github’s registry. As there might be the case, that a package is obtainable from both registries, we’d like to be able to manually distinguish the registries and select them via URL in the docker pull command, e.g.:

docker pull nexus.server/github/somerepo/somepackage:latest
docker pull nexus.server/dockerhub/somepackage:latest

Unfortunately, I did not succeed in setting that up. Is this usecase even possible? I think that this usecase will be more relevant, as more and more registries arise for various packages (gitlab, github, docker, redhat, etc). These registry often are even generic and can host python and npm stuff, which makes this use-case also interesting for us to roll out on these packages, too.

The only solution, which I can see right now would be to setup multiple nexus which doesn’t really make sense to me. I hope someone can help me setting this up in one nexus installation.

Kind regards,
Raphael

Hi Raphael,

In case of a group repository we will traverse all member repositories in the order as specified in group repository’s configuration until the first one returns a matching content - this is true for any format. As you have probably noticed, because of the Docker specification, you have to access you Docker repository via a port connect or a reverse proxy. If you use any of these methods, then you would have to enable them for each repository you would like to have independently accessible.

Just to add to Dawid’s answer…

Docker can’t use “paths” to work out which repository to use, so you can’t have https://nexus.example.com/docker/repo1 and https://nexus.example.com/docker/repo2 or whatever. Instead, you have to use port numbers, so you’d open (say) port 9000 for repo1 and 9001 for repo2. Each repository has to be created with a port number, and they have to be unique. That’ll give you http://nexus.example.com:9000 and http://nexus.example.com:9001 (although docker command lines omit the https:// prefix).

In my case, I’m running an nginx reverse proxy in front of the Nexus web port (so I can use TLS, a certificate, etc). Since I’m doing that, I also use nginx to “reverse proxy” the docker ports too. So in my nginx config I’ve got some stuff about port 443, port 9000, 9001 etc. If I remember correctly, you have to use TLS with Docker, so you’ll need to make sure you provide TLS somewhere/somehow in your setup.

2 Likes