Container Registry supports custom domain names. This feature allows you to create
a custom domain name that has an SSL certificate for a Container Registry Enterprise
Edition instance. In this case, you can use the custom domain name to access the instance
based on the HTTPS protocol. This topic describes how to use a custom domain name
to access a Container Registry Enterprise Edition instance.
Prerequisites
- An Internet Content Provider (ICP) filing is applied for a domain name.
A domain name consists of a string of labels separated by periods (.). You can identify
the location of a Container Registry Enterprise Edition instance based on its domain
name. You can register a domain name in the
Domains console. For more information, see
What is Alibaba Cloud Domains?.
Note If a Container Registry Enterprise Edition instance is deployed outside China, you
do not have to apply for an ICP filing for the domain name.
- An SSL certificate is obtained.
SSL certificates comply with the HTTPS protocol. If a Container Registry Enterprise
Edition instance has an SSL certificate, you can enable identity verification and
HTTPS encryption for the instance. This secures data transmission.
SSL Certificates Service provides digital server certificates issued by certification
authorities (CAs) both inside and outside China on the Alibaba Cloud platform. SSL
Certificates Service helps you convert your service from HTTP to HTTPS at a low cost.
You can purchase or upload an SSL certificate in the SSL Certificates Service console. For more information, see Overview.
- Alibaba Cloud DNS is activated.
Alibaba Cloud DNS can route user traffic to a Container Registry Enterprise Edition
instance by resolving a custom domain name to an IP address. For more information,
see Activate PrivateZone and Purchase an Alibaba Cloud DNS instance.
- A RAM role that has permissions on SSL certificates is configured.
Before you use a custom domain name, create a RAM role for your Alibaba Cloud account
and grant the RAM role permissions to access SSL certificates. This enables Container
Registry to access SSL certificates. For more information, see Grant permissions to a RAM role before you use a custom domain name.
Create a custom domain name
A Container Registry Enterprise Edition instance supports default and custom domain
names.
- Each instance provides two default domain names: a public domain name and a private
domain name.
- You can create custom domain names for an instance.
- Log on to the Container Registry console.
- In the top navigation bar, select a region.
- In the left-side navigation pane, choose .
- On the Instance page, click the name of the Container Registry Enterprise Edition instance or click
Manage in the Actions column for the instance.
- In the left-side navigation pane, choose .
- On the page that appears, click Add Domain Name.
- In the Add Domain Name dialog box, specify Domain Name and Certificate ID. Then, click OK.
Note You can take the following steps to delete a domain name. On the Domain page, find the domain name that you want to delete and click Delete in the Actions column. In the message that appears, click OK.
Configure access over the Internet and Alibaba Cloud DNS
Access over the Internet
After you configure access over the Internet and Alibaba Cloud DNS, you can use a
custom domain name to access your Container Registry Enterprise Edition instance over
the Internet.
- Configure access over the Internet. For more information, see Configure access over the public network.
- Log on to the Alibaba Cloud DNS console.
- In the left-side navigation pane, click Manage DNS.
- On the Domains tab, click Add Domain Name. In the Add Domain Name dialog box, enter a custom domain name and click OK.
- On the Domains tab, find the domain name that you want to manage, and click Configure in the Actions column.
- On the DNS settings page of the domain name, click Add Record.
- In the Add Record pane, configure the following parameters and click Confirm.
Parameter |
Description |
Type |
Select CNAME from the drop-down list. |
Host |
Enter a custom domain name. |
ISP Line |
In this example, select Default.
|
Value |
Enter the default public domain name. |
TTL |
The amount of time for a record to be cached. A smaller value indicates the less amount
of time. The default value is 10 minutes.
|
After you add a record, you can use the custom domain name to access your Container
Registry Enterprise Edition instance over the Internet.
Access over a virtual private cloud (VPC)
After you configure access over a VPC and PrivateZone, you can use a custom domain
name to access your Container Registry Enterprise Edition instance over a VPC.
- Configure access over a VPC. For more information, see Configure access over VPCs.
- Log on to the Alibaba Cloud DNS console.
- In the left-side navigation pane, click PrivateZone.
- On the Hosted Zones tab, click Add Zone.
- In the Add PrivateZone dialog box, enter a custom domain name in the Zone Name field. For example, you can enter www.example.com, select the Subdomain recursive resolution proxy check box, and then click OK.
- On the Hosted Zones tab, find the zone that you want to manage, and click Configure in the Actions column.
- On the resolution settings page of the zone, click Add Record.
- In the Add Record dialog box, configure the following parameters and click OK.
Parameter |
Description |
Record Type |
Select CNAME from the drop-down list. |
Resource Records |
Set the value to @. |
Record Value |
Enter the default private domain name. |
TTL Value |
Retain the default value. |
On the Resolution Settings tab, you can view the newly added record.
- Return to the PrivateZone page. On the Hosted Zones tab, find the zone that you want to manage, and click Bind VPC in the Actions column.
- In the Bind VPC dialog box, click Continue to associate VPC and select the VPC in Step 1. Then, click Confirm.
On the Hosted Zones tab, Bind VPC Status of the zone changes to Bind. In this case, you can use the custom domain name to access your Container Registry
Enterprise Edition instance over the VPC.