- Print
- PDF
Container Registry overview
- Print
- PDF
Available in Classic and VPC
NAVER Cloud Platform's Container Registry is a private Docker container image storage with Docker Registry v2 specifications. You can use it to easily save, manage, and distribute container images. It takes the burden off developers since they no longer have to build their own container registry and infrastructure, thus simplifying container development.
A variety of features Container Registry offers
Please see below for detailed descriptions about the variety of features that Container Registry offers.
- Docker container image management: The Container Registry and NAVER Cloud Platform servers can be used in integration. You can define the registry (image storage) of Container Registry using namespace, view or delete Docker container images, and manage metadata through the Container Registry's dashboard.
- Docker support and linkage with Container Registry: It supports the Docker registry HTTP API V2, and you can link with NAVER Cloud Platform's Container Registry using Docker CLI commands.
- Collaborations and access control through segmentation of permissions: You can set API jobs (change, view) that can be executed on Container Registry by users, so you can share the storage with other users. You can also control and monitor permissions using Sub Account. The policy can be segmented as you can specify different permissions by user and role.
- Manager permissions (Change, View): permission to upload (Push) or download (Pull) Docker container images to Container Registry, and delete registries and container images
- Viewer permissions (View): permission to download (Pull) container images
- Provision of public/private endpoints: It provides public endpoints and private endpoints that can be safely used only within the internal network environment of NAVER Cloud Platform. Private endpoints block user access through external networks to reinforce security.
- Reinforced security through container vulnerability analysis: The security vulnerabilities in container images registered on Container Registry can be analyzed, and their vulnerabilities can be identified based on the CVE system. Based on the provided scan results, the vulnerabilities can be removed to reinforce security of the container.
- Storage of container images in the cloud: Uploaded private Docker container images are stored on Object Storage of NAVER Cloud Platform, so developers can focus on developing containers without needing to worry about infrastructure for image storage.
About Container Registry guide
Container Registry provides services in Korea and Singapore regions. The service content is identical in both regions. Please check the following table of contents and their details for smooth use of Container Registry.
- Container Registry overview: introduction to Container Registry, related resources helpful for the use, and FAQ
- Prerequisites for using Container Registry: required specifications in order to use Container Registry, supported items, and restrictions
- Container Registry scenario: introduction to overall Container Registry usage process
- Getting started with Container Registry: introduction to requesting subscription to Container Registry and managing it from NAVER Cloud Platform's console
- Using Container Registry: features available in Container Registry and their instructions
- Viewing and managing Container Registry information: instructions on viewing Container Registry information and registered images, how to download (pull) and upload (push) images
- Scanning security vulnerabilities in Docker container images: instructions on how to analyze security vulnerabilities in container images
- Container Registry glossary: introduction to important terms and their descriptions in using Container Registry
- Container Registry release notes: update history of Container Registry guide
Container Registry related resources
NAVER Cloud Platform provides a variety of related resources as well as the guide to help customers better understand Container Registry. If you are a developer or marketer in need of detailed information while you are considering adopting Container Registry or establishing data related policies, then please make good use of the resources below.
- Improvement in comprehension and usage methods for Container Registry
- Container Registry API Guide: API usage methods for Container Registry developers
- Introduction to pricing, characteristics, and detailed features: summary of Container Registry's pricing system, as well as the characteristics and detailed features of Container Registry
- Latest service news: latest news related to Container Registry
- FAQ frequently asked questions by Container Registry users
- Contact us: Send direct inquiries in case of any unresolved questions that aren't answered by the guides.
- Guides for linked services required for the use of Container Registry
- Object Storage Guide: how to create and use Object Storage to store Docker container images in
- Sub Account Guide: how to use Sub Account that helps the management of Container Registry and administration permissions
- Ncloud Kubernetes Service Guide: how to use Container Registry in Kubernetes
Please check FAQs first.
You can get your questions answered quickly by referring to the answers in the FAQ before reading the guide. If you haven't found the answer to your question in the FAQ below, then search the guide for what you'd like to know.
Q. How do I log in to Container Registry in the CLI environment?
- If you select the registry you want to log in to from the Container Registry menu of the NAVER Cloud Platform console, then you can check the command for logging in from the Access commands field in Details.
- Use the authentication key for the ID and password to log in to the registry. You can check the authentication key from Portal > My Page > Manage account > Manage authentication key. Use the Access Key ID as the ID, and Secret Key as the password.
- When logging in to the registry with a sub account, use the API authentication key as the ID. If API Gateway access in the sub account's Access type is activated, then the API authentication key can be viewed and managed from the [Access Key] tab in the details displayed after selecting the sub account from the Services > Management > Sub Account menu in the NAVER Cloud Platform console.
Q. Can I grant Container Registry permissions to sub accounts?
- You can grant permissions for the registry from the Sub Account > Sub Accounts menu in the NAVER Cloud Platform console.
- The available permissions include manager (NCP_CONTAINER_REGISTRY_MANAGER) and viewer (NCP_CONTAINER_REGISTRY_VIEWER) permissions. The manager has Push and Pull permissions for Docker container images, and the viewer only has Pull permissions.
- In addition, the manager gets registry creation and deletion, image deletion, and metadata modification permissions.
Q. Can I enter notes for images uploaded to Container Registry?
- Container Registry allows two types of notes to be entered for uploaded images: Short description and Full description.
- For Short description, simple notes under 100 characters can be entered.
- The Full description supports markdown format, which allows richer description of metadata for the image.
Q. How much is Container Registry
- Container Registry does not charge a separate management cost. The fees for the use of Object Storage linked to the registries are charged. You only need to pay the fees for the amount of data stored in Object Storage, number of API calls, and network transmissions.
Q. Can I modify the content of the Object Storage's bucket linked to Container Registry?
- Container Registry provides push and pull features for private Docker container images in linkage with Object Storage. You need to be careful since proper operation may not be provided when modifying or deleting the content of the Object Storage bucket.
Q. What are private endpoints? (VPC)
- Private endpoints are Container Registry endpoints that are only available within the NAVER Cloud Platform's VPC network. Using private endpoints allows all network traffic to be limited only to the NAVER Cloud Platform network for enhanced security.
- When accessing through public endpoints, you need to configure an environment for using external internet. If configured with NAT Gateway and public subnet, then resources such as public IP may be required, which may incur additional charges.
- When accessing through private endpoints, it falls under private communication section, so network charges may apply when communicating with the Object Storage bucket.
Q. What are private endpoints? (Classic)
- Private endpoints are Container Registry endpoints that are only available within the NAVER Cloud Platform's VPC network. Using private endpoints allows all network traffic to be limited only to the NAVER Cloud Platform network for enhanced security.