Container Registry Enterprise Edition allows enterprises to manage and distribute Open Container Initiative (OCI) artifacts such as container images, Helm charts, and Operators in a secure and efficient way. Container Registry Enterprise Edition can distribute large-scale application artifacts in the production environment and distribute application artifacts across global regions. Container Registry Enterprise Edition also allows enterprises to efficiently build DevSecOps environments. Before you use Container Registry Enterprise Edition, you must create a Container Registry Enterprise Edition instance to manage and distribute your cloud-native assets.
Prerequisites
Container Registry Enterprise Edition is authorized to access your resources in other Alibaba Cloud services, such as Object Storage Service (OSS), Virtual Private Cloud (VPC), and CloudMonitor.
OSS is activated to store images of Container Registry Enterprise Edition instance.
CloudMonitor is activated if you want to query real-time data about your Container Registry Enterprise Edition instance.
VPC is activated if you want to access the Container Registry Enterprise Edition instance in a VPC.
ActionTrail is activated if you want to record operations in the Container Registry console.
Procedure
Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click Create ACR EE.
On the Container Registry buy page, configure parameters and then click Buy Now. The following table describes the parameters.
Parameter
Description
Region
The region where the Container Registry Enterprise Edition instance resides.
Instance Type
The edition of the instance. For more information, see What is Container Registry?
Instance Name
The name of the instance.
Instance Storage
Valid values: Default and Custom.
Default: By default, an OSS bucket is created in your account to store container images.
Custom: You can select an existing OSS bucket to store container images.
Select Bucket
Select an existing OSS bucket to store container images.
NoteThis parameter is displayed only when you set the Instance Storage parameter to Custom.
Security Scan
Container Registry Enterprise Edition provides the image security scan feature. It supports the following security scan engines:
Trivy Scan Engine: an open source scan engine that can detect system and application vulnerabilities. Trivy scan engines do not allow you to fix system vulnerabilities in a few clicks.
Security Center Scan Engine: a scan engine developed by Alibaba Cloud. The engine can detect system and application vulnerabilities, baseline risks, and malicious samples. Security Center scan engines allow you to fix system vulnerabilities in a few clicks.
Repository Quota
By default, the Basic Edition provides a repository quota of 1,000 and the Advanced Edition provides a repository quota of 5,000. You can apply for a quota increase based on your business requirements.
Namespace Quota
By default, the Basic Edition provides a namespace quota of 15 and the Advanced Edition provides a namespace quota of 50. You can apply for a quota increase based on your business requirements.
Duration
You can select 1 Month, 2 Months, 3 Months, or 6 Months. If you require a longer duration, you can select 1 Year, 2 Years, 3 Years, 4 Years, or 5 Years.
NoteYou can enable auto-renewal based on your requirements.
On the Confirm Order page, verify the configurations, select I have read and agree to Container Registry Enterprise Edition Agreement of Service, and then click Pay.
In the lower-right corner of the Purchase page, view the total fees of the instance. Verify the order information and follow the on-screen instructions to complete the payment.
On the Instances page, the status of the new instance is Starting. The status changes to Running after 2 or 3 minutes.