Why Use a Private Docker Registry?

Question

Why would someone use a private docker registry when they could just share their dockerfile's in source control and have docker image consumers build directly from the dockerfile with docker build?

To my untrained eye the private docker registry seems to serve the same purpose as source control except it adds complexity because it's been decoupled from the branch of code that you're in and so you (or your CI/CD server more to the point) has to reconstruct which tag to pull.

Answer 1

When you deploy on real machines (say you have a job that deploys on 10 machines), usually you don't really want to rebuild the image over and over again.

Instead you can build image once, store it somewhere (???) then maybe deploy on test environment, run some tests, make sure its a good image indeed (starts, tests pass, etc) and then deploy on production.

So this "somewhere" means that you should have some registry, and if you don't want to use docker hub - you can use private docker registry.

This makes sense from both security (don't publish on cloud if you don't need to) and performance (moving images between servers in private network is faster).

If you're running kubernetes you can also configure it to pull the images from the docker registry and run pods based on these images as specified in the kubernetes deployment files.

If you're running on AWS you can use docker registry to run services like Fargate or ECS. They will take care of scaling out across machines (pretty much like k8s does) but they still need to take the images from somewhere, well, its a private registry (in this case in the cloud called ECS - Elasctic Container Registry).

Bottom line, in many (simple) cases you can live without it, but in some other cases it comes pretty handy