Authenticate and manage registry
Authenticate registry
The Container Registry service allows you to store and manage Docker container images. After installing Docker on your environment, you can authenticate via the Docker CLI (Docker Command Line Interface).
The Container Registry service requires Docker to be installed in your environment. For more details on installing Docker, refer to the official Docker documentation.
Get IAM access key
You can issue an access key from the KakaoCloud Console.
For instructions on issuing an access key and secret access key, refer to API preparation.
Log in to Docker
After obtaining the access key ID and secret access key, use the following command to log in to Docker. Upon successful login, Login Succeeded
will be displayed.
docker login {project name}.{region}.kcr.dev --username {access key ID} --password {secret access key}
Set up authentication when pulling Kubernetes images
To pull images in your Kubernetes environment, configure authentication as shown below. For more details, refer to the official Kubernetes documentation.
-
Create a secret.
-
Enter the access key information issued from the KakaoCloud Console in
--docker-username
and--docker-password
.Create secret commandkubectl create secret docker-registry {secret name to create} \
--docker-server={project name}.{region}.kcr.dev \
--docker-username={access key ID} \
--docker-password={secret access key} \
--docker-email={email} \
-
-
Create a POD.
-
When you enter the created secret name in the
imagePullSecrets
field, images can be pulled from the Container Registry service.Create POD command$ vi -f my-private-reg-pod.yaml
apiVersion: v1
kind: Pod
metadata:
name: private-reg
spec:
containers:
- name: private-reg-container
image: {project name}.{region}.kcr.dev/{repository name}/{image name}:{tag name}
imagePullSecrets:
- name: {created secret name}
kubectl apply -f my-private-reg-pod.yaml
-
Manage registry
You can manage registries from the Container Registry > Manage menu.
Garbage collection
You can run garbage collection to delete layer data of manifests that are not associated with any image from the registry storage. Manifests that are still referenced by images will not be affected.
- When running garbage collection, images with multi-architecture manifests may be deleted. Proceed with caution.
- During garbage collection, you cannot create or delete repositories, push images, or add tags.
- Once garbage collection is completed, tags cannot be restored to their state prior to execution.
-
Go to the KakaoCloud Console > Container Pack > Container Registry menu.
-
In the Manage menu, click the [Garbage collection] button.
Check outbound traffic usage
You can view outbound traffic usage data for each repository. Trends from the current month and the previous two months are available.
- Outbound traffic is billed based on the Container Registry outbound traffic pricing policy.
- Traffic usage shown in the monitoring interface may differ slightly from actual billable usage.
- For storage usage, it may take about 30 minutes for collected data to be reflected.