Authenticate and manage registry

Authenticate registry

The Container Registry service allows you to store and manage Docker container images. After installing Docker on your environment, you can authenticate via the Docker CLI (Docker Command Line Interface).

info

The Container Registry service requires Docker to be installed in your environment. For more details on installing Docker, refer to the official Docker documentation.

Get IAM access key

You can issue an access key from the KakaoCloud Console.
For instructions on issuing an access key and secret access key, refer to API preparation.

Log in to Docker

After obtaining the access key ID and secret access key, use the following command to log in to Docker. Upon successful login, Login Succeeded will be displayed.

Docker login command

docker login {project name}.{region}.kcr.dev --username {access key ID} --password {secret access key}

Set up authentication when pulling Kubernetes images

To pull images in your Kubernetes environment, configure authentication as shown below. For more details, refer to the official Kubernetes documentation.

1. Create a secret.

   • Enter the access key information issued from the KakaoCloud Console in --docker-username and --docker-password.

     Create secret command

     kubectl create secret docker-registry {secret name to create} \
     --docker-server={project name}.{region}.kcr.dev \
     --docker-username={access key ID} \
     --docker-password={secret access key} \
     --docker-email={email} \

2. Create a POD.

   • When you enter the created secret name in the imagePullSecrets field, images can be pulled from the Container Registry service.

     Create POD command

     $ vi -f my-private-reg-pod.yaml
     apiVersion: v1
     kind: Pod
     metadata:
       name: private-reg
     spec:
       containers:
       - name: private-reg-container
         image: {project name}.{region}.kcr.dev/{repository name}/{image name}:{tag name}
       imagePullSecrets:
       - name: {created secret name}
     kubectl apply -f my-private-reg-pod.yaml

Manage registry

You can manage registries from the Container Registry > Manage menu.

Garbage collection

You can run garbage collection to delete layer data of manifests that are not associated with any image from the registry storage. Manifests that are still referenced by images will not be affected.

caution

• When running garbage collection, images with multi-architecture manifests may be deleted. Proceed with caution.
• During garbage collection, you cannot create or delete repositories, push images, or add tags.
• Once garbage collection is completed, tags cannot be restored to their state prior to execution.

1. Go to the KakaoCloud Console > Container Pack > Container Registry menu.

2. In the Manage menu, click the [Garbage collection] button.

Check outbound traffic usage

You can view outbound traffic usage data for each repository. Trends from the current month and the previous two months are available.

info

• Outbound traffic is billed based on the Container Registry outbound traffic pricing policy.
• Traffic usage shown in the monitoring interface may differ slightly from actual billable usage.
• For storage usage, it may take about 30 minutes for collected data to be reflected.