Best practise for dedicated docker image source for a company


ever since docker implemented the image limit on anonymous pulls, we have had the problem of sporadically hitting the pull rate limit.

Now my question is, what is the easiest way to incorporate a docker account with a higher rate limit into our company intranet?

We currently have next to no control over who is pulling images through our proxy server and we dont want to implement complex user- or team-specific access-structures.

The ideal solution would be a kind of “docker-proxy” that we can setup to use a docker account and to function as a kind of relay-server for image requests. We would specify that server as a proxy-server in docker and any docker-client wanting to pull an image would use THAT servers docker account and thus not hit the anonymous rate limit.

Is such an idae feasable? What are the potential risks involved?

Thank you for you help!


Turns out what I need is a docker mirror aka a pul-through registry: