- use a proxy server and enable only the docker registries
- use a “pull through cache” registry and access only your registry on LAN network which has access to Docker Hub and use the original image names
- Download allowed images manually or with some automation tool like cronjob, and
- push them to your registry with a different name.
- or export them using
docker save, copy them to other servers and load them using
I recommend these based on my experiences since these are what I have already used… The solution you choose depends on what is more important to you. Setting a proxy can be complicated since you have to find out what domains you have to allow on the proxy, but sometimes one registry redirects to other domains. You can set up a registry without restrictions and download images, then check the access logs looking for used domains, although sometimes these domains are changing.
I am not sure because it was long ago, but if I remember well, the cache registry has some limitations. For example I am not sure if it can be used for multiple registries.
Using an exported copy of images requires some automation or regular manual work.
Using a local registry could be the best solution if you don’t mind renaming the official images.
(I was slow again :D)