Alibaba Cloud Container Registry is a secure platform that allows you to effectively manage and distribute cloud-native artifacts that meet the standards of Open Container Initiative (OCI). The artifacts include container images and Helm charts. Container Registry Enterprise Edition provides end-to-end acceleration capabilities to support global image synchronization, distribution of large images at scale, and image building based on multiple code sources. The service seamlessly integrates with Container Service for Kubernetes (ACK) to help enterprises reduce delivery complexity and provides a one-stop solution for cloud-native applications.
Container Registry Personal Edition
Container Registry Personal Edition is a managed and free registry that makes it easy for developers to publicly share container images worldwide. It provides application image hosting, image scanning, image building, and image access control. The service supports full lifecycle management of container images.
Container Registry Enterprise Edition
Container Registry Enterprise Edition is target for enterprise market for high availability (99.95% SLA), e2e security and large-scale distribution. It manages the lifecycle of cloud-native application artifacts that meet the standards of OCI, including container images and Helm charts. Container Registry Enterprise Edition efficiently distributes large-scale application artifacts across multiple regions in different scenarios. The service seamlessly integrates with ACK, which simplifies the application delivery for enterprises.
Features of Container Registry Personal Edition
- Multi-architecture images
Container Registry Personal Edition supports container images that are based on multiple architectures, including Linux, Windows, and ARM.
- Various regions
- You can create and delete repositories in different regions based on your business requirements.
- Each repository has three endpoints, which can be accessed over the Internet, internal network, and a virtual private cloud (VPC).
- Image scanning
- Container Registry Personal Edition allows you to scan images for security risks and provides detailed information about image layers.
- After an image is scanned, Container Registry Personal Edition provides a vulnerability report for the image. The report includes detailed vulnerability information, such as the vulnerability number, the vulnerability severity, and the version in which the vulnerability is fixed.
Features of Container Registry Enterprise Edition
- OCI artifact management
Container Registry Enterprise Edition can manage multiple types of OCI artifacts, such as container images that are based on multiple architectures (such as Linux, Windows, and ARM), and charts of Helm v2 and Helm v3.
- Multi-dimensional security protection
Container Registry Enterprise Edition ensures storage and content security by storing cloud-native application artifacts after encryption, supports image scanning to detect vulnerabilities, and generates vulnerability reports from multiple perspectives. Container Registry Enterprise Edition ensures secure access by providing network access control and fine-grained operation audit for container images and Helm charts.
- Accelerated application distribution
Container Registry Enterprise Edition can synchronize container images across different regions around the world to improve distribution efficiency. Container Registry Enterprise Edition supports image distribution in P2P mode to accelerate application deployment and expansion.
- Efficient and secure cloud-native application delivery
Container Registry Enterprise Edition allows you to create cloud-native application delivery chains that are observable, traceable, and configurable. Container Registry Enterprise Edition can automatically deliver applications all over the world upon source code changes in multiple scenarios based on delivery chains and blocking rules. This improves the efficiency and security of cloud-native application delivery.
The following figure shows the architecture of Container Registry. For more information about the functional components in the figure, see the help documentation.
Specifications of different editions
|Module||Feature||Container Registry Personal Edition||Container Registry Enterprise Edition|
|Basic Edition||Advanced Edition|
|Artifact management||Container images||Hosting|
|Public repository quota||300||1000||5000|
|Private repository quota|
|Public repository quota||1000||5000|
|Private repository quota|
|Version management (automatic version deletion)|
|Artifact building||Quota for concurrent artifact building||1||3||10|
|Multi-architecture image building|
|Artifact security||Artifact scanning by using multiple engines|
|Signature signing and verification|
|Network access control|
|Artifact distribution||Distribution performance (pull QPS)||Not guaranteed||250||1000|
|Distribution in P2P mode|
|Global image synchronization|
|Artifact delivery||Event notifications|
|Cloud-native application delivery chains|
|Instance management||Custom domain names|
|Fast image migration from Harbor instances|