# Overview

The IONOS Cloud Container Registry is a universal repository manager with a recommended service for storing and managing custom container images and other artifacts in IONOS Cloud. Deploying and pulling images can be done using the Docker CLI or added directly to a Kubernetes deployment.

![IONOS Container Registry Architecture](https://1737632334-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MifAzdGvKLDTtvJP8sm%2Fuploads%2Fgit-blob-dbebbd907507835935ca4f58f5fb690da3d897f9%2Fcr_architecture.png?alt=media)

The IONOS Cloud Container Registry provides users with a dedicated registry or multiple registries based on their contracts, allowing them to host their own Docker images without the need for an external provider (such as Docker Hub).

A container registry is created to store and share custom images in the same regions where you deploy them. Container Registry is a high-performance platform for storing custom image containers. It can be used as part of CI/CD workflows for container workloads.

You can order and manage the Container Registry through the API. The API will allow integration into the Data Center Designer (DCD).

### Features

The IONOS Cloud Container Registry allows you to manage compatible registries by offering the following:

* An authenticated registry where **OCI-compliant artifacts** (including Docker container images) can be stored and retrieved.
* Access via the **Public Internet** and secure by requiring authentication to view, push, or pull images. The Container Registry is maintained by IONOS Cloud on your behalf, which means that our experts will apply non-stop patches to the underlying infrastructure and Container Registry software.
* All images stored in the container registry are **encrypted** at rest.
* Each container registry can have many repositories.

### Specifications

The IONOS Cloud Container Registry specifications are as follows:

|          Specification          |                                                              Status                                                             |
| :-----------------------------: | :-----------------------------------------------------------------------------------------------------------------------------: |
|         Docker Registry         |                                                               Yes                                                               |
|          Built-in CI/CD         | The container registry supports the Docker Registry HTTP v2 API, allowing it to be integrated into an automated CI/CD pipeline. |
| Built-in OSS Vulnerability Scan |                                                                No                                                               |

### Container Registry Characteristics

Our platform is responsible for providing the operations required to facilitate the distribution of images.

* The container registry is accessible from the public internet and maximally available (High availability setup) for pushing and pulling artifacts.
* The service is managed, including any components on which it is built.
* The container registry supports the [<mark style="color:blue;">Docker Registry HTTP API v2</mark>](https://docs.docker.com/registry/spec/api/), which allows it to be integrated into an automated CI/CD pipeline.
* It also supports authentication tokens for use by robot accounts to be able to integrate into an automated CI/CD pipeline. You can create a one-time token to allow the CI/CD pipeline to push a new image.
* You can use the registry with [<mark style="color:blue;">Docker Registry HTTP API v2</mark>](https://docs.docker.com/registry/spec/api/) compliant tools, e.g. [<mark style="color:blue;">Docker CLI</mark>](https://docs.docker.com/engine/reference/commandline/cli/).
* It is possible to use the same credentials to access all registries and repositories in the same IONOS Cloud account that the user has access to.
* All data in the registry will be encrypted at rest.

### Regional availability

The IONOS Cloud Container Registry is available in the **FRA** region.

### Benefits of Container Registry

The IONOS Container Registry offers the following benefits:

* create a registry access token with limited or unlimited permissions
* create a temporary registry access token with limited or unlimited permissions
* support for docker tools
* login to registry
* push an image
* pull an image
* delete an image

### Pricing

For more information, see [<mark style="color:blue;">Private Container Registry</mark>](https://docs.ionos.com/support/general-information/price-list/ionos-cloud-se-en#private-container-registry).

{% hint style="info" %}
**Note:** The network traffic is **not charged**.
{% endhint %}

### Limitations

There are the following few limitations when working with IONOS Container Registry APIs:

* You cannot choose your encryption keys (Trust-No-One) when encrypting data at rest; the Container Registry platform manages the keys.
* It is not possible to grant repository access permissions to push, pull, or delete from a specific repository.
* Any unauthenticated user will not be able to access the registry contents.