Managed Private Registry
Managed Private Registry
Easily store, manage, and access your container images and Helm charts with this fully managed service.
Managed Private Registry
Full interoperability
Managed Private Registry, based on open-source solutions such as Docker and the CNCF Harbor project, is designed to guarantee interoperability. It is compatible with all Open Container Initiative (OCI) images and Helm charts, and works seamlessly with containerisation platforms or orchestration tools, including Kubernetes.
Maximum security
Use Role-Based Access Control (RBAC) to secure your teams’ access, and ensure your images are from trusted sources with Content Trust. You can also leverage Automatic Vulnerability Analysis to shield your private container registry from everyday security risks. All of this is further protected by robust SLAs.
Predictable pricing
The Managed Private Registry service offers a range of pay-as-you-go plans to suit your specific needs. These include the amount of stored data, concurrent connections to your private container registry, and SLAs. Inbound/outbound traffic and maintenance are also included in the price, so you don’t have to worry about surprise fees at the end of the month.
Health data hosting compliance
Our cloud infrastructures and services are certified ISO/IEC 27001, 27017, 27018 and 27701. These certifications ensure an information security management system (ISMS) is in place to manage risks and support business continuity, along with a privacy information management system (PIMS). Additionally, our services are compliant with health data hosting standards, meaning you can securely host healthcare data.
Key features
Helm chart and container images
Stick with familiar Kubernetes or container tools to manage images. Helm charts and container images are compatible with Managed Private Registry, which makes integrating them into your existing workflows simple.
Harbor interface and API
Manage your registry via the Harbor interface or Docker registry API. The UI simplifies daily tasks and the API facilitates advanced automation and workflow integration.
RBAC, namespaces, and service accounts
Implement secure, role-based access with customisable namespace privileges. Service accounts use specific tokens to automate processes and streamline image management without compromising security.
Logging, vulnerability scanning, and Content Trust
Automated logging provides the necessary traceability needed for compliance. Content Trust uses Cosign to verify and validate images, ensuring they are from trusted sources. By detecting known threats, vulnerability scanning maintains the security of deployments.
Replication and automated deletion
Sync images across registries for consistent versioning. With automated deletion, unused images are removed to optimise storage and streamline lifecycle management.
Security, compliance, and high availability
Managed Private Registry provides a secure, compliant, and highly available container image environment through access controls, validation, scanning, and logging – so teams can focus on development.
Harbor and OVHcloud at KubeCon: From challenges to future plans
Find out how Harbor overcomes security and management challenges in container registries, how OVHcloud leverages it to support customers, and which innovations are coming next, from Orlin Vasilev, Harbor Community Manager and CNCF Ambassador.
YouTube conditions the playback of its videos on the deposit of tracers in order to offer you targeted advertising based on your browsing.
In order to watch the video, you need to accept the Sharing cookies on third-party platforms privacy category in our Privacy Center. You have the option of withdrawing your consent at any time.
For more information,visit the YouTube cookies policy and the OVHcloud cookies policy .
Managed Private Registry solutions
Choose the plan that fits your needs. Enjoy advanced features at a fixed price, no matter what plan you pick.
Use cases
Easy CI/CD setup
Managed Private Registry streamlines integration with your CI/CD via API. Focus on your software releases, from development to production, while OVHcloud manages your private container registry. This ensures images are readily available and your application deployments go smoothly without hassle.
Improved team collaboration
Enable the efficient and secure delivery of images, wherever you operate. Depending on their permissions, developers access approved images, which minimises the risk of using deprecated content. Managed Private Registry also enables concurrent connections to your container registry, further boosting your teams’ agility.
Streamlined image management
Manage your private storage configuration via a single, dedicated Harbor interface, or through the Harbor API. This way, you can ensure the integrity of your images by syncing multiple container registries and automating the removal of unused images.
Secure and scalable AI model delivery
MPR securely stores and manages AI model containers, providing version control, access restrictions, and effortless deployment in various environments. It enables reproducible MLOps workflows, faster rollouts, and compliant, tamper-proof distribution of AI models across cloud or edge infrastructures.
Streamlined dev-to-prod image promotion
Using immutable tags and access rules, MPR enables controlled promotion of container images from development to staging and production. This lowers risk, standardises environments, and prevents unintentional overwrites or untested deployments.
Automated image vulnerability scanning
MPR uses built-in or integrated scanners to automatically detect known security vulnerabilities in container images as soon as they are pushed. As a result, unsafe builds can be stopped before they reach production, supporting DevSecOps best practices without slowing down the release cycle.
Global access with geo-replication
MPR replicates container images across multiple regions to reduce latency and maximise availability. Global developers and deployment pipelines have quicker access to shared images, which speeds up deployments and increases operational efficiency across distributed environments.
Centralised governance and audit trails
MPR keeps detailed logs of all image pushes, pulls, and modifications. This, coupled with access controls and policy enforcement, ensures governance, compliance, and traceability in regulated industries or organisations dealing with sensitive workloads.
Optimised storage and lifecycle management
MPR automatically cleans up unused images through retention policies. This helps to reduce storage costs and clutter, while ensuring only the most recent, authorised artifacts are available for builds and deployments.
Documentation
Other products
Your questions answered
What is a private container registry?
A private container registry is a storage and delivery system for container images, which are files that hold all the code, libraries, and other resources needed to run an application within a containerised environment. It is essentially a secure space for storing container images, accessible only to authorised users. A private container registry enables organisations to easily manage their container images, and offers simple integration with existing continuous integration/continuous deployment (CI/CD) workflows for seamless app development, testing, and deployment.
Managed Private Registry
The Managed Private Registry service is a managed solution from OVHcloud. It offers a highly secure and compliant environment for storing container images and Helm charts, with predictable pricing and a range of security, automation, and storage features. The best part is that this is a fully managed service, which means we will handle your private registry’s setup, maintenance, and administration – freeing you up to focus on other projects.
How do I host a private container registry?
Hosting a private container registry requires a secure environment for storing your container images. To do this, you can either use a service from a cloud provider, install third-party software on your own infrastructure, or create a tailored solution.
Using a cloud provider’s service – such as OVHcloud’s Managed Private Registry – is the simplest way to host a private container registry. As a fully managed service, it removes the burden of maintaining your private registry while providing you with robust security, predictable pricing, and a range of features.
If you opt to deploy third-party software on your own instead, consider popular options like Harbor, JFrog Artifactory, and Sonatype Nexus. Alternatively, if you decide to build your own custom solution, there are easy-to-follow guides available online to help you set this up.
What is the difference between a public and private registry in Docker?
The key differences lie in access, security, and compliance. Unlike a public registry in Docker which can be accessed by anyone, a private registry in Docker restricts access to specific/authorised users. This significantly boosts security and allows for effortless compliance with industry regulations. Another difference is that public registries are free, but private registries are much easier to manage and integrate with existing workflows.
Is Docker Private Registry free?
Yes, Docker Registry software is open-source and therefore free of charge. However, running Docker Registry on your own comes with costs linked to infrastructure, security, maintenance, scalability, and backup. A service from a cloud provider, like OVHcloud’s Managed Private Registry, makes it easier to keep overheads down. Although you have to pay for these services, they save you the trouble and expense of managing and maintaining the container registry infrastructure on your own.