Alibaba Cloud Container Registry is a service that allows you to manage and distribute cloud-native artifacts that meet the standards of Open Container Initiative (OCI) in an effective manner. Container Registry Enterprise Edition provides end-to-end acceleration capabilities to support global image replication, distribution of large images at scale, and image building based on multiple code sources. The service seamlessly integrates with Container Service for Kubernetes (ACK) to help enterprises reduce delivery complexity and provides a one-stop solution for cloud-native applications.
Editions
Container Registry Enterprise Edition
Container Registry Enterprise Edition is a platform designed to manage the lifecycle of cloud-native application artifacts that meet the standards of OCI, including container images and Helm charts. Container Registry Enterprise Edition efficiently distributes large-scale application artifacts across multiple regions in different scenarios. The service seamlessly integrates with ACK, which simplifies the application delivery for enterprises.
Container Registry Personal Edition
Container Registry Personal Edition provides individual developers with basic features for container image management. The features include application image hosting, image building, and image access control. Personal Edition supports full lifecycle management of container images.
Features
Features of Container Registry Enterprise Edition
Feature | Description |
Hosting of diverse OCI artifacts | Container Registry Enterprise Edition can manage multiple types of OCI artifacts, such as container images that are based on multiple architectures (such as Linux, Windows, and Arm), and charts of Helm 2 and Helm 3. |
Accelerated application distribution | Container Registry Enterprise Edition can synchronize container images across different regions around the world to improve distribution efficiency. Container Registry Enterprise Edition supports image distribution in P2P mode. |
Comprehensive security assurance | Container Registry Enterprise Edition ensures storage and content security by storing cloud-native application artifacts after encryption, supports image scanning to detect vulnerabilities, and generates vulnerability reports from multiple perspectives. Container Registry Enterprise Edition ensures secure access by providing network access control and fine-grained operation audit for container images and Helm charts. |
Efficient and secure cloud-native application delivery | Container Registry Enterprise Edition allows you to create cloud-native application delivery chains that are observable, traceable, and configurable. Container Registry Enterprise Edition can automatically deliver applications all over the world upon source code changes in multiple scenarios based on delivery chains and blocking rules. This improves the efficiency and security of cloud-native application delivery. |
Features of Container Registry Personal Edition
Feature | Description |
Hosting of multi-arch images | Container Registry Personal Edition supports container images that are based on multiple architectures, including Linux, Windows, and Arm. |
Flexible region selection |
|
Architecture
The following figure shows the architecture of Container Registry. For more information about the functional components in the figure, see the help documentation.
Specifications of different editions
The following table describes the specifications of Container Registry Personal Edition and Enterprise Edition. In the following table, ticks (️✓) indicate that a feature is supported and crosses (×) indicate that a feature is not supported.
Container Registry Personal Edition is designed for individual developers. Alibaba Cloud does not provide service level agreement (SLA) guarantee and SLA penalties for Container Registry Personal Edition, and has limits on using the edition. Do not use Container Registry Personal Edition in your production and business.
To learn how to select the edition that meets your business requirements and configure disaster recovery solutions, refer to the instance type features and differences. Then follow the disaster recovery instructions to prepare a zone, cross-region disaster recovery solution, and data backup solution.
Module | Feature | Personal Edition instance | Enterprise Edition instance | ||||
Basic Edition instance | Advanced Edition instance | ||||||
Disaster recovery | Instance | Cross-zone disaster recovery | None. | By default, multi-zone regions support this feature. | |||
Cross-region disaster recovery | None. | Only cross-region Enterprise Edition instances support this feature. For more information, see Best practices for geo-disaster recovery of Container Registry Enterprise Edition instances. | |||||
Instance storage | Cross-zone disaster recovery | None. | The zone-redundant storage (ZRS) feature of Object Storage Service (OSS) is required to support this feature. For more information, see Create a ZRS bucket. | ||||
Cross-region backup | None. | The cross-region replication (CRR) feature of OSS is required to support this feature. For more information, see CRR. | |||||
Service guarantee | - | SLA | None. | 99.95% | 99.95% | ||
Module | Feature | Personal Edition instance | Enterprise Edition instance | ||||
Basic Edition instance | Advanced Edition instance | ||||||
Disaster recovery | Instance | Cross-zone disaster recovery | None. | By default, multi-zone regions support this feature. | |||
Cross-region disaster recovery | None. | Only cross-region Enterprise Edition instances support this feature. For more information, see Best practices for geo-disaster recovery of Container Registry Enterprise Edition instances. | |||||
Instance storage | Cross-zone disaster recovery | None. | The zone-redundant storage (ZRS) feature of Object Storage Service (OSS) is required to support this feature. For more information, see Create a ZRS bucket. | ||||
Cross-region backup | None. | The cross-region replication (CRR) feature of OSS is required to support this feature. For more information, see CRR. | |||||
Service guarantee | - | SLA | None. | 99.95% | 99.95% | ||
Module | Feature | Personal Edition | Enterprise Edition | ||
Basic Edition | Advanced Edition | ||||
Artifact management | Container images | Hosting |
|
|
|
Namespace quota | 3 | 15 | 50 | ||
Public repository quota | 300 | 1000 | 5000 | ||
Private repository quota | |||||
VPC quota for Access Control List (ACL) |
| Purchase based on needs | |||
Helm Chart | Hosting |
|
|
| |
Namespace quota |
| 15 | 50 | ||
Public repository quota |
| 1000 | 5000 | ||
Private repository quota | |||||
OCI Artifact |
|
|
| ||
Image tag immutability |
|
|
| ||
Image tag management (automatic tag deletion) |
|
|
| ||
Artifact building | Task quota for concurrent artifact building | 1 | 3 | 10 | |
Intelligent acceleration |
|
|
| ||
Multi-arch image building |
|
|
| ||
Artifact security | Artifact scan by using multiple engines |
|
|
| |
Vulnerability fixing |
|
|
| ||
Risk blocking |
|
|
| ||
Signing and signature verification |
|
|
| ||
Network access control |
|
|
| ||
Operation audits |
|
|
| ||
Artifact distribution | Distribution performance or the maximum number of nodes that can concurrently pull an image | Not guaranteed | 250 | 1000 | |
Distribution in P2P mode |
|
|
| ||
On-demand distribution |
|
|
| ||
Image replication around the world |
|
|
| ||
Artifact subscription |
| 5 | 30 | ||
Synchronization rule |
|
| 60 | ||
Artifact delivery | Event notification |
|
|
| |
Image pulls without using a secret |
|
|
| ||
Cloud-native application delivery chains |
|
|
| ||
Instance management | Custom domain names |
|
|
| |
Fast image migration from Harbor registries |
|
|
| ||
Use Container Registry
Try Container Registry now.