Prerequisites: Make sure you have the appropriate permissions. Only Contract Owners, Admins or Users with the Manage Registry permission can create a Container Registry. Other user types have read-only access.
1. To create a Container Registry, go to Menu > Containers > Container Registry.
2. In the Container Registry Manager, click + Add to start creating a new container registry.
3. Provide an appropriate Name.
Note: The registry name must be globally unique across all customers. It is not possible to change the registry name later.
4. Choose the Location where you want your container registry to be run and the images to be stored.
Note: It is not possible to change the location later.
5. Click Create Registry. Your Container Registry and storage will be created.
6. Your Container Registry will be ready to use when the status is updated to "Running".
Once you have created a Container Registry, you will want to create one or more tokens to provide (and control) access to your registry.
1. To create a Token for a Container Registry, go to Menu > Containers > Container Registry.
2. In the Container Registry Manager, select the Container Registry that you want to configure.
3. Click on the + Add in the Tokens section to create a new Token
4. Complete the following fields:
Name This is a user-visible name for the token so that it can be easily identified
Status Leave as Enabled. The token can be Disabled at a later date if required
Expiry Date (if required)
Scopes: Scopes define what actions the token has permission to perform and on which repositories. You must have at least one scope added (by clicking the Add scope button). You can have multiple scopes if the token needs different permissions per repository.
Name
List the names of the repositories to which the token will have access. * can be used as a wildcard. * will provide access to all repositories
Actions Select the required Actions for the token (Pull, Push and/or Delete)
Type Choose either repository or registry. Use registry to get the list of repositories in the registry. Use repository to manage the contents of the repository(s)
Click Add scope and add further scopes if needed
5. Click Save
6. You are then presented with the details of the created credential and the Docker Login command using the newly created token.
Note: This is the only time you will be able to access the password for this token. It is not possible to recover the password for a token so you must store it securely and safely.
Each Container Registry has the option to configure the Garbage Collection schedule. By default, Garbage Collection is disabled because each customer will choose a schedule based upon their needs.
Garbage Collection frees up storage space for image layers data that are no longer referenced. This is necessary if, for example, all your images use the same base operating system image. Garbage Collection ensures that layers are not referenced by other images before deletion.
The duration of Garbage Collection will increase based on the volume of deleted repositories or tags and the total number of repositories and tags to be checked.
Note: During Garbage Collection, the container registry is read only. This is so that a complete analysis can be completed without changes being made to repositories.
1. To configure Garbage Collection for a Container Registry, go to Menu > Containers > Container Registry.
2. In the Container Registry Manager, select the Container Registry that you want to configure.
3. Click on the edit icon.
4. Select the day and time that you want Garbage collection to run on a weekly basis.
Note: For more granular and customised control over the Garbage Collection schedule, you can do this via the API.
