Container Registry Enterprise Edition allows enterprises to manage and distribute Open Container Initiative (OCI) artifacts such as container images, Helm charts, and Operators in a secure and efficient way. Container Registry Enterprise Edition can distribute large-scale application artifacts in the production environment and distribute application artifacts across global regions. Container Registry Enterprise Edition also allows enterprises to efficiently build DevSecOps environments. Before you use Container Registry Enterprise Edition, you must create a Container Registry Enterprise Edition instance to manage and distribute your cloud-native assets.

Prerequisites

  • Container Registry Enterprise Edition is authorized to access your resources in other Alibaba Cloud services, such as Object Storage Service (OSS), Virtual Private Cloud (VPC), and CloudMonitor.
  • OSS is activated to store images of Container Registry Enterprise Edition instance.
  • CloudMonitor is activated if you want to query real-time data about your Container Registry Enterprise Edition instance.
  • VPC is activated if you want to access the Container Registry Enterprise Edition instance in a VPC.
  • ActionTrail is activated if you want to record operations in the Container Registry console.

Procedure

  1. Log on to the Container Registry console.
  2. In the top navigation bar, select a region.
  3. In the left-side navigation pane, click Instances.
  4. On the Instances page, click Create ACR EE.
  5. On the Container Registry Enterprise Edition page, configure the basic information and click Buy Now.
    Parameter Description
    Region The region where the Container Registry Enterprise Edition instance resides.
    Instance Type The instance type of the Container Registry Enterprise Edition instance. For more information, see What is Container Registry?.
    Instance Name The name of the instance.
    Instance Storage Valid values: Default and Custom.
    • Default: By default, an OSS bucket is created in your account to store container images.
    • Custom: You can select an existing OSS bucket to store container images.
    Select Bucket Select an existing OSS bucket to store container images.
    Note This parameter is displayed only when you set the Instance Storage parameter to Custom.
    Security Scan Container Registry Enterprise Edition provides the image security scan feature. It supports the following security scan engines:
    • Trivy Scan Engine: an open source scan engine that can detect system and application vulnerabilities. Trivy scan engines do not allow you to fix system vulnerabilities in a few clicks.
    • Security Center Scan Engine: a scan engine developed by Alibaba Cloud. The engine can detect system and application vulnerabilities, baseline risks, and malicious samples. Security Center scan engines allow you to fix system vulnerabilities in a few clicks.
    Repository Quota The default repository quotas for the Basic Edition, Standard Edition, and Advanced Edition are 1,000, 3,000, and 5,000 separately. You can apply for a quota increase based on your business requirements.
    Namespace Quota The default namespace quotas for the Basic Edition, Standard Edition, and Advanced Edition are 15, 25, and 50 separately. You can apply for a quota increase based on your business requirements.
    Duration You can select 1 Month, 2 Months, 3 Months, or 6 Months. If you require a longer duration, you can select 1 Year, 2 Years, 3 Years, 4 Years, or 5 Years.
    Note You can select to enable auto-renewal.
  6. On the Confirm Order page, verify the configurations, select I have read and agree to Container Registry Enterprise Edition Agreement of Service, and then click Pay.
  7. In the lower-right corner of the Purchase page, view the total fees of the instance. Verify the order information and complete the payment as prompted.

    On the Instances page, the status of the new instance is Starting. The status changes to Running after 2 or 3 minutes.