Container Registry Enterprise Edition allows enterprises to securely and efficiently manage and distribute Open Container Initiative (OCI) artifacts, such as container images, Helm charts, and Operators. This service supports large-scale distribution in production environments, distribution across global regions, and improved efficiency for cloud-native DevSecOps. Before you can use Container Registry Enterprise Edition, you must create an Enterprise Edition instance to host and distribute your cloud-native assets.
Prerequisites
You have granted Container Registry Enterprise Edition the required permissions to access your resources in other Alibaba Cloud services, such as Object Storage Service (OSS), Virtual Private Cloud (VPC), and Cloud Monitor.
OSS is activated. Container Registry Enterprise Edition requires OSS to store images.
Cloud Monitor must be activated to query real-time data about your instance.
ImportantIf your free quota for Cloud Monitor is used up, API calls are throttled. This may prevent monitoring information from being displayed correctly in the Container Registry console. However, you can still view the information in the Cloud Monitor console.
For more information about the free quota provided by Cloud Monitor, see Free quotas.
If the free quota of API calls for metric data query is used up, resolve the issue by referring to How do I fix the issue that the quotas of CloudMonitor are insufficient?
VPC must be activated to access the instance over a VPC.
ActionTrail must be activated to record console operations.
Procedure
Log on to the Container Registry console.
In the top navigation bar, select a region.
In the left-side navigation pane, click Instances.
On the Instances page, click Create ACR EE.
On the Container Registry purchase page, configure the basic information and click Buy Now.
Parameter
Description
Region
Select the region for the Enterprise Edition instance.
Instance Type
Select an instance type. For more information, see What is Container Registry?.
Instance Name
Enter a name for the instance.
Instance Storage
Valid values: Default and Custom.
Default: An OSS bucket is created in your account by default to host container images.
The default bucket is named in the format: <ACR instance ID>-registry.
Custom: You can select an existing OSS bucket to host container images.
Select Bucket
Select an existing bucket to host container images.
NoteThis parameter is required only when you set Instance Storage to Custom.
Security Scan
This feature provides image security scanning. You can select one of the following scan engines:
Trivy Scan Engine: An open source scan engine that detects system and application vulnerabilities. This engine does not support one-click fixing for system vulnerabilities.
Security Center Scan Engine: A scan engine developed by Alibaba Cloud. It detects system vulnerabilities and application vulnerabilities, performs baseline checks, and finds malicious samples. This engine supports one-click fixing for system vulnerabilities.
Repository Quota
The default repository quota is 1,000 for the Basic Edition, 3,000 for the Standard Edition, and 5,000 for the Premium Edition. You can increase the quota as needed.
Namespace Quota
The default namespace quota is 15 for the Basic Edition, 25 for the Standard Edition, and 50 for the Premium Edition. You can increase the quota as needed.
Subscription Duration
Select a subscription duration of 1, 2, 3, or 6 months, or 1 to 5 years.
NoteYou can also enable auto-renewal.
On the Confirm Order page, confirm the Parameter Settings, review the Terms of Service, and then click Pay.
On the Payment page, review the total fee and complete the payment.
On the Instances page, the status of the new instance is Starting. After 2 to 3 minutes, the status changes to Running.