CentOS Stream 10: Use Private Registry with Podman
Set up a private container image registry using Podman. Configure HTTP, basic authentication, and HTTPS with valid certificates.
May 25, 2026 • 5 min read
centoscentos-stream-10podmanregistrycontainersprivate-registry
Set up a private container image registry using the official Registry image.
Run the Registry Container
Pull the registry image and create persistent storage:
podman pull registry
mkdir /var/lib/containers/registry
Run the registry container (add --privileged if SELinux is Enforcing):
podman run --privileged -d -p 5000:5000 \
-v /var/lib/containers/registry:/var/lib/registry \
registry
Configure Firewall
firewall-cmd --add-port=5000/tcp
firewall-cmd --runtime-to-permanent
Push an Image (HTTP)
Tag an image and push it (use --tls-verify=false for HTTP):
podman tag centos:stream10 dlp.srv.world:5000/centos:stream10
podman push dlp.srv.world:5000/centos:stream10 --tls-verify=false
Enable Basic Authentication
Install httpd-tools and create a user:
dnf -y install httpd-tools
htpasswd -Bc /etc/containers/.htpasswd cent
Run the registry with authentication:
podman run --privileged -d -p 5000:5000 \
-v /var/lib/containers/registry:/var/lib/registry \
-v /etc/containers:/auth \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/.htpasswd \
-e REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm" \
registry
Login and push:
podman login dlp.srv.world:5000 --tls-verify=false
podman push dlp.srv.world:5000/centos:stream10 --tls-verify=false
Enable HTTPS with Valid Certificate
Run the registry with TLS certificates (e.g., Let's Encrypt):
podman run --privileged -d -p 5000:5000 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/fullchain.pem \
-e REGISTRY_HTTP_TLS_KEY=/certs/privkey.pem \
-v /etc/letsencrypt/live/dlp.srv.world:/certs \
-v /var/lib/containers/registry:/var/lib/registry \
registry