Skip to main content

Authenticate and manage registry

Authenticate registry

Container Registry is a service for storing and managing Docker container images. After installing Docker in the user environment, authentication is performed through the Docker CLI (Docker Command Line Interface).

info

Container Registry is a service for storing and managing Docker container images and requires Docker to be installed in the user environment. For detailed instructions on Docker installation, please refer to Docker official documentation.

Get access key

You can create an access key at KakaoCloud Console. For information on how to get access keys and secret access keys, please refer to API preparation.

Login in to Docker

After creating an access key ID and secret access key, you can log in to Docker using the command. When login is successful, Login Succeeded is displayed.

Docker login command
docker login {project name}.{region name}.kcr.dev --username {access key ID} --password {secret access key}

Set up authentication when pulling Kubernetes images

To pull an image from the Kubernetes you are using, you must set authentication as follows. For details, please refer to Kubernetes official documentation.

  1. Create a Secret.

    • The --docker-username and --docker-password parameters enter access key information issued by KakaoCloud Console.
    Secret creation command
    kubectl create secret docker-registry {Secret name to create} \
    --docker-server={project name}.{region name}.kcr.dev \
    --docker-username={access key ID} \
    --docker-password={secure access key} \
    --docker-email={email} \

  2. Create a POD.

    • When you enter the secret name created in the imagePullSecrets item, you can pull the image from Container Registry.
    POD creation command
    $ vi -f my-private-reg-pod.yaml
    apiVersion:v1
    kind: Pod
    metadata:
    name: private-reg
    spec:
    containers:
    - name: private-reg-container
    image: {project name}.{region name}.kcr.dev/{repository name}/{image name}:{tag name}
    imagePullSecrets:
    - name: {name of the secret you created}
    $ kubectl apply -f my-private-reg-pod.yaml

Manage registry

Here's how to manage the registry in Container Registry:

Garbage collection

You can run garbage collection to delete layer data in the manifest that does not have a referenced image among the data stored in registry storage. However, this does not affect manifests that contain referenced images.

caution
  • When running garbage collection, images with multi-architecture manifests may be deleted, so please be careful when deleting them.
  • Registry use, such as repository creation, repository deletion, image push, and tag addition, is restricted until garbage collection is completed.
  • After garbage collection is completed, tags cannot be restored to the state they were in before garbage collection was run.

  1. Go to KakaoCloud Console > Container Pack > Container Registry.

  2. in the Management menu, click the [Garbage collection] button.

    Image

Check Outbound traffic usage

You can check Outbound traffic usage and outbound usage trends for the past three months, etc.

info
  • Outbound traffic is charged according to the Outbound traffic billing policy of the Container Registry.
  • Outbound traffic usage information on the monitoring screen may differ slightly from the actual billed usage.
  • For storage usage, it takes approximately 30 minutes for actual usage to be collected and reflected.