Container Registery

Introduction

Container Registry is a service for storing private container images. It provides a subset of features provided by Artifact Registry, a universal repository manager and the recommended service for managing container images and other artifacts .

Artifact

A service for storing and managing artifacts in private repositories, including container images, and Helm charts.

Artifact Registry extends the capabilities of Container Registry. In addition to supporting multiple artifact formats, the service provides additional benefits such as:

Ability to create multiple discrete repositories in the same region.

Working with your images

Many people use Docker Hub as a central registry for storing public Docker images, but to control access to your images you need to use a private registry such as Container Registry.

You can access the registry through secure HTTPS endpoints, which allow you to push, pull, and manage images from any system.

Getting Started

How to Launch Container Registry from Myaccount portal

../_images/container_registry11.png

Login into MyAccount

Please go to ‘My Account’ and log in using your credentials set up at the time of creating and activating the E2E Networks ‘My Account’.

Working with Container Registry

The following sections describe how you can use Container Registry .

Create New Container Registry

  • Click on the “Container Registry” sub-menu available under the Storage section.

  • You will be directed to the ‘Container Registry manager’ page.

  • You can provide the project name(optional).

  • Click on the “Create Container Registry ” button.

../_images/container_registry31.png

Actions

You can perform the following actions available for the respective container registry

../_images/container_registry4.png

Scan Project

Click on the scan Project button to scan your Project.

../_images/container_registry5.png

Reset Password

Click on the Reset Password button to Change the password of your Project.

../_images/container_registry6.png ../_images/container_registry7.png

Delete Project

Click on the Delete Password button to Delete your Project

../_images/container_registry8.png ../_images/container_registry9.png

Connecting to your Container Registry

Enter the following command at a command prompt on your local or client desktop to connect to a container Registry.

docker login registry.e2enetworks.net -u <user_name> -p <password>

Push Command

Using Docker

Enter the following command to push your image on the project.

Create tag -

docker tag <image> registry.e2enetworks.net/<project_name>/<image>

Push Image -

docker push registry.e2enetworks.net/<project_name>/<image_name>
../_images/container_registry10.png

Scan repositories

For scan repositories you have to click on the scan button to scan your Repositories.

../_images/container_registry111.png

Delete Repositories

For deleting the repositories you have to click on the Delete button. And confirmation popup will be open and you need to confirm that click on Delete button.

../_images/container_registry12.png ../_images/container_registry13.png

Scan Artifact

For scanning the Artifact click on scan button of artifact.

../_images/container_registry14.png

Vulnerability

A vulnerability scan in a container registry is a security process that involves examining container images stored in the registry for known vulnerabilities. These vulnerabilities could be related to software dependencies, libraries, or other components within the container image that might have security flaws.

../_images/vulner1.png

In the above screenshot :

  • Red: At least one critical vulnerability found

  • Orange: At least one high level vulnerability found

  • Yellow: At least one medium level vulnerability found

  • Blue: At least one low level vulnerability found

  • Green: No vulnerabilities found

  • Grey: Unknown vulnerabilities

In the vulnerabilities section, it shows a list of vulnerabilities and their respective details.

../_images/vulner2.png

Delete Artifact

Click on the Delete button to Delete your Artifact. And confirmation popup will be open and you need to confirm that click on Delete button.

../_images/container_registry15.png ../_images/container_registry16.png

Connecting Kubernetes to Container Registry

Secrets

A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in a container image. Using a Secret means that you don’t need to include confidential data in your application code.

Create Secrets

kubectl create secret docker-registry name-secrets \

--docker-username=username \

--docker-password=pass1234 \

--docker-server=registry.e2enetworks.net
cat > private-reg-pod-example.yaml << EOF
apiVersion: v1
kind: Pod
metadata:
name: node-hello
spec:
containers:
- name: node-hello-container
image:registry.e2enetworks.net/vipin-repo/node-hello@sha256:bd333665069e66b11dbb76444ac114a1e0a65ace459684a5616c0429aa4bf519
imagePullSecrets:
- name: name-secrets
EOF