Login
      Contents x
      Container Registry overview
        • Print
        • PDF
        Contents

        Container Registry overview

          • Print
          • PDF
          Article Summary

          Available in Classic and VPC

          NAVER Cloud Platform's Container Registry is a private Docker container image storage with Docker Registry v2 specifications. You can use it to easily save, manage, and distribute container images. It takes the burden off developers since they no longer have to build their own container registry and infrastructure, thus simplifying container development.

          A variety of features Container Registry offers

          Please see below for detailed descriptions about the variety of features that Container Registry offers.

          • Docker container image management: The Container Registry and NAVER Cloud Platform servers can be used in integration. You can define the registry (image storage) of Container Registry using namespace, view or delete Docker container images, and manage metadata through the Container Registry's dashboard.
          • Docker support and linkage with Container Registry: It supports the Docker registry HTTP API V2, and you can link with NAVER Cloud Platform's Container Registry using Docker CLI commands.
          • Collaborations and access control through segmentation of permissions: You can set API jobs (change, view) that can be executed on Container Registry by users, so you can share the storage with other users. You can also control and monitor permissions using Sub Account. The policy can be segmented as you can specify different permissions by user and role.
            • Manager permissions (Change, View): permission to upload (Push) or download (Pull) Docker container images to Container Registry, and delete registries and container images
            • Viewer permissions (View): permission to download (Pull) container images
          • Provision of public/private endpoints: It provides public endpoints and private endpoints that can be safely used only within the internal network environment of NAVER Cloud Platform. Private endpoints block user access through external networks to reinforce security.
          • Reinforced security through container vulnerability analysis: The security vulnerabilities in container images registered on Container Registry can be analyzed, and their vulnerabilities can be identified based on the CVE system. Based on the provided scan results, the vulnerabilities can be removed to reinforce security of the container.
          • Storage of container images in the cloud: Uploaded private Docker container images are stored on Object Storage of NAVER Cloud Platform, so developers can focus on developing containers without needing to worry about infrastructure for image storage.

          About Container Registry guide

          Container Registry provides services in Korea and Singapore regions. The service content is identical in both regions. Please check the following table of contents and their details for smooth use of Container Registry.

          NAVER Cloud Platform provides a variety of related resources as well as the guide to help customers better understand Container Registry. If you are a developer or marketer in need of detailed information while you are considering adopting Container Registry or establishing data related policies, then please make good use of the resources below.

          Please check FAQs first.

          You can get your questions answered quickly by referring to the answers in the FAQ before reading the guide. If you haven't found the answer to your question in the FAQ below, then search the guide for what you'd like to know.

          Q. How do I log in to Container Registry in the CLI environment?

          • If you select the registry you want to log in to from the Container Registry menu of the NAVER Cloud Platform console, then you can check the command for logging in from the Access commands field in Details.
          • Use the authentication key for the ID and password to log in to the registry. You can check the authentication key from Portal > My Page > Manage account > Manage authentication key. Use the Access Key ID as the ID, and Secret Key as the password.
          • When logging in to the registry with a sub account, use the API authentication key as the ID. If API Gateway access in the sub account's Access type is activated, then the API authentication key can be viewed and managed from the [Access Key] tab in the details displayed after selecting the sub account from the Services > Management > Sub Account menu in the NAVER Cloud Platform console.

          Q. Can I grant Container Registry permissions to sub accounts?

          • You can grant permissions for the registry from the Sub Account > Sub Accounts menu in the NAVER Cloud Platform console.
          • The available permissions include manager (NCP_CONTAINER_REGISTRY_MANAGER) and viewer (NCP_CONTAINER_REGISTRY_VIEWER) permissions. The manager has Push and Pull permissions for Docker container images, and the viewer only has Pull permissions.
          • In addition, the manager gets registry creation and deletion, image deletion, and metadata modification permissions.

          Q. Can I enter notes for images uploaded to Container Registry?

          • Container Registry allows two types of notes to be entered for uploaded images: Short description and Full description.
          • For Short description, simple notes under 100 characters can be entered.
          • The Full description supports markdown format, which allows richer description of metadata for the image.

          Q. How much is Container Registry

          • Container Registry does not charge a separate management cost. The fees for the use of Object Storage linked to the registries are charged. You only need to pay the fees for the amount of data stored in Object Storage, number of API calls, and network transmissions.

          Q. Can I modify the content of the Object Storage's bucket linked to Container Registry?

          • Container Registry provides push and pull features for private Docker container images in linkage with Object Storage. You need to be careful since proper operation may not be provided when modifying or deleting the content of the Object Storage bucket.

          Q. What are private endpoints? (VPC)

          • Private endpoints are Container Registry endpoints that are only available within the NAVER Cloud Platform's VPC network. Using private endpoints allows all network traffic to be limited only to the NAVER Cloud Platform network for enhanced security.
          • When accessing through public endpoints, you need to configure an environment for using external internet. If configured with NAT Gateway and public subnet, then resources such as public IP may be required, which may incur additional charges.
          • When accessing through private endpoints, it falls under private communication section, so network charges may apply when communicating with the Object Storage bucket.

          Q. What are private endpoints? (Classic)

          • Private endpoints are Container Registry endpoints that are only available within the NAVER Cloud Platform's VPC network. Using private endpoints allows all network traffic to be limited only to the NAVER Cloud Platform network for enhanced security.
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout