Image registry¶
The image registry is a service that allows you to store and retrieve images.
Docker registry¶
A Docker registry or repository provides storage and versioning for Docker images. Installing a private Docker registry is useful if you don’t want to share your algorithms. Also, a private registry may have security benefits, for example, you can scan your images for vulnerabilities and you can limit the range of IP addresses that the node may access to the vantage6 hub and the private registry.
Note
If you use your own registry, make sure that it conforms to the OCI distribution specification. This specification is supported by all major container registry providers, such as Docker Hub, Harbor, Azure Container Registry and Github container registry.
The image registry is not really a part of the vantage6 infrastructure. You should install and configure your own image registry, depending on your needs. Below, we list some of the most popular image registries that we recommend.
Github Container Registry¶
Github Container Registry is a private registry that is provided by Github. It is a turn-key solution for hosting your own Docker images. It is free to use (at time of writing) and links to your Github repository. We use it to host the main vantage6 images.
Harbor¶
Another solution for hosting a Docker registry is Harbor. Harbor provides access control, a user interface and automated scanning on vulnerabilities. This setup is more complex, but it offers more features.
Docker Hub¶
Docker itself provides a registry as a turn-key solution on Docker Hub. Instructions for setting it up can be found here: https://hub.docker.com/_/registry.
Note that some features of vantage6, such as timestamp based retrieval of the newest image, or multi-arch images, are not supported by the Docker Hub registry.
Note
If you are using a private docker registry, your nodes need to login to it in order to be able to retrieve the algorithms. You can do this by adding the following to the node configuration file:
private_docker_registries:
- registry: docker-registry.org
username: docker-registry-user
password: docker-registry-password