Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Image sourcePublic imageLogin required
DockerhubNoYes, dockerhubDockerhub
C4science registryYes


C4science registryNoYes, c4science registry

When using authentication, it's relative to the source you want to use (dockerhub Dockerhub and c4science registry supported) and the authentication is saved per cluster.

You need to ask for an account on the c4science registry, see Account request.

NOTE: By defaut, shiterimg is pulling from c4science registry, you have to specify for Dockerhub

Upload an image to Shifter from


Dockerhub using the (preferred)


You need to have Docker installed on your machine

  1. Get a docker image from dockerhub Dockerhub for instance (From local computer)

    Code Block
    $ docker pull alpine:latest
    $ docker images

  2. Set up your machine (From local computer)

    Login on the registry from your local Docker installation (you need an account, see Account request)

    Code Block
    $ docker login
    Username (username): username
    Login Succeeded

  3. Upload a Docker image to the registry (From local computer)

    • On the web interface, create a Project on the registry (private or public)
    • Tag the image you want to upload on your local machine and push it to the registry
      NOTE: Do not use the `-` character in the tag name, only letters, numbers and underscore

      Code Block
      $ docker tag alpine:latest
      $ docker push

  4. Pull an image on Shifter and specify a user or group ACL (From cluster login node)

    • From each cluster frontend (i.e.:, login to the registry, pull the image and check it's was pulled with success.

      Code Block
      $ shifterimg login
        default username: <username>
        default password:
      $ shifterimg pull yourproject/alpine:latest
      $ shifterimg images
      tcm        docker     READY    9797e5e798   2018-03-15T16:00:59 yourproject/alpine:latest

    • You can specify one or multiple (separated by a comma) LDAP username and/or group so the image is only available to those people

      Code Block
      $ id
      $ shifterimg --group scitas-ge --user aubort,user2 pull yourproject/alpin

    • To update the user/group ACL you can re-run the pull command
    • The images are unique for each cluster (deneb, fidis, helvetios, izar)
    • To view the full info about the images (warning: JSON):

      Code Block
      $ shifterimg -v images
      Message: {
        "list": [
            "ENTRY": null, 
            "ENV": [
            "WORKDIR": "MISSING", 
            "groupACL": [], 
            "id": "9797e5e798a034d53525968de25bd25c913e7bb17c6d068ebc778cb33e3ff6e5", 
            "itype": "docker", 
            "last_pull": 1536842228.15727, 
            "status": "READY", 
            "status_message": "", 
            "system": "fdata2-int.fidis", 
            "tag": [
            "userACL": []

Upload an image directly from


Dockerhub to Shifter

Optionnal Optional (needed for private dockerhub images only)

Code Block
$ shifterimg login

Get the image from dockerhub Dockerhub by specifying the image account (optionnal optional for official image) and name