sitemap.md

copyright	lastupdated	keywords	subcollection
years 2021, 2025	2025-03-18	container registry, site map, policy, storage, images, overview, registry	Registry

{{site.data.keyword.attribute-definition-list}}

Site map for {{site.data.keyword.registryshort_notm}}

{: #sitemap}

Getting started

{: #sitemap_getting_started}

Getting started

• Before you begin

• Install the {{site.data.keyword.registryshort_notm}} CLI

• Set up a namespace

• Pull images from a registry to your local computer

• Tag the image

• Push images to your namespace

• Verify that the image was pushed

• Set up an audit trail for changes in {{site.data.keyword.registryshort_notm}}

• Monitor metrics for {{site.data.keyword.registryshort_notm}}

• Next steps in {{site.data.keyword.registryshort_notm}}

About {{site.data.keyword.registryshort_notm}}

{: #sitemap_about_}

About {{site.data.keyword.registryshort_notm}}

• Service plans

• Quota limits and billing

  • Billing for storage and pull traffic

    • Storage charges

    • Pull traffic charges

  • Quota limits for storage and pull traffic

    • Storage quota limits

    • Pull traffic quota limits

  • Cost of {{site.data.keyword.registryshort}}

• Upgrading your service plan

• Terms that are used in {{site.data.keyword.registrylong_notm}}

  • Container image

  • Digest

  • Dockerfile

  • Docker V2 container images

  • Domain name

  • Image manifest

  • OCI container images

  • Registry

  • Registry namespace

  • Repository

  • Tag

  • Untagged image

• Regions

  • Global registry

    • Targeting the global registry

  • Local regions

    • Targeting a local region

• Supported clients

  • Support for Docker

  • Support for other clients

Architecture and workload

{: #sitemap_architecture_and_workload}

Architecture and workload

• Segmentation of data

• Private connections

Public IBM images

{: #sitemap_public_ibm_images}

Public IBM images

• Accessing the public IBM images by using the CLI

What are containers?

{: #sitemap_what-are-containers}

What are containers?{: external}

Notifications

{: #sitemap_notifications}

Notifications

• Notifications topics

  • 2024

  • 2023

  • 2022

  • 2021

  • 2020

  • 2019

  • 2018

  • 2017

Firewall changes from 4 September 2024 for users that pull images from global

• What you need to know about this change

• What actions you must take by 4 September 2024

• Original announcement

Vulnerability Advisor version 3 is being discontinued on 13 November 2023

• What you need to know about this change

• What actions you must take by 13 November 2023

• Original announcement

Upcoming public networking changes from 15 June 2023

• Original announcement

Update Vulnerability Advisor to version 4 by 19 June 2023

• What you need to know about this change

• What actions you must take by 19 June 2023

• Original announcement

Changes to VPE gateways from 11 November 2022

• What you need to know about this change

• How you benefit from this change

• Understanding if you are impacted by this change

• What actions you must take

• Original announcement

Changes to private IP addresses from 15 December 2022

• What you need to know about this change

• What actions you need to take

• Original announcement

Container Registry CLI stops returning security status results in lists from version 1.0.0

• What actions you need to take

• Original announcement

Private IP addresses changed on 5 July 2022

• What you need to know about this change

• How you benefit from this change

• Understanding if you are impacted by this change

• What actions you need to take

• Original announcement

IAM access policies are required from 5 July 2022

• What are the changes?

• Check whether these changes affect you

• Prepare for the changes

• What if I did not implement the changes in time?

• Original announcement

Minimum supported Docker version from 1 March 2022

• Original announcement

Ending exemption synchronization across regions on 31 January 2022

• What are exemptions?

• What is the current behavior?

• Which regions currently replicate exemptions?

• Do I have any exemptions?

• How does this change affect me?

• Original announcement

Billing for storage used by untagged images from 1 February 2022

• What are untagged images?

• Do I have any untagged images?

• Do I need untagged images?

• How does this change affect me?

• How can I remove untagged images?

• Original announcement

Support for the container build service ends on 5 October 2021

• What you need to know

• What actions you need to take

• Original announcement

Changes to public IP addresses from 13 September 2021

• What you need to know:

• What actions you need to take

• When the changes take effect

• Original announcement

Using Notary v1 for signing images is deprecated from 8 July 2021

• Original announcement

Registry tokens discontinued for authentication on 19 August 2021

• What actions you must take by 19 August 2021

• Learn more

• Original announcement

Deprecation of container builds - act by 6 September 2021

• What you need to know about this change

• What actions you must take by 6 September 2021

• Learn more

• Original announcement

End of support for UAA tokens from 12 August 2020

• Next steps to use IAM for authentication

• Summary

• Original announcement

Introducing retention policies from 23 September 2019

• Setting retention policies in the CLI

• Learn more

• Original announcement

Registry token creation is discontinued from 1 July 2019

• What you need to know about this change

• How you benefit from this change

• Original announcement

Introducing new domain names from 25 February 2019

• What you need to know about this change

• How you benefit from this change

• Original announcement

Vulnerability Advisor version 2 API is being discontinued on 8 January 2019

• What is changing?

• End of support Date: 8 January 2019

• Original announcement

Support for IAM access policies

• Original announcement

IBM Cloud Container Registry is available

• Original announcement

Release notes

{: #sitemap_release_notes}

Release notes

• 14 February 2025

  • Access {{site.data.keyword.registrylong_notm}} by using trusted profiles

• 9 December 2024

  • Content delivery network (CDN) is enabled for users that pull {{site.data.keyword.registrylong_notm}} images from global (icr.io) over a public network

• 26 June 2024

  • Firewall changes from 4 September 2024 for users that pull {{site.data.keyword.registrylong_notm}} images from global (icr.io)

• 15 March 2024

  • New region in Madrid

• 13 November 2023

  • Discontinuation of Vulnerability Advisor version 3

• 11 October 2023

  • Vulnerability Advisor version 3 is discontinued from 13 November 2023

• 24 July 2023

  • Added the option to output several {{site.data.keyword.registrylong_notm}} commands in JSON format

  • The --json option for {{site.data.keyword.registrylong_notm}} commands is deprecated

• 19 June 2023

  • Vulnerability Advisor version 3 is deprecated from 19 June 2023

• 19 May 2023

  • Update Vulnerability Advisor to version 4 by 19 June 2023

• 26 April 2023

  • Using Portieris to block the deployment of images with issues is deprecated.

• 11 November 2022

  • Change to virtual private endpoints

• 2 November 2022

  • Changes to private IP addresses from 15 December 2022

• 15 September 2022

  • {{site.data.keyword.registryshort}} plug-in 1.0.0 is available

  • All releases of {{site.data.keyword.registryshort}} plug-in 0.1 are deprecated

  • Vulnerability Advisor 4 is available from {{site.data.keyword.registryshort}} plug-in 1.0.0

  • New commands for setting and checking the Vulnerability Advisor version are available from {{site.data.keyword.registryshort}} plug-in 1.0.0

• 3 August 2022

  • The CLI stops returning security status results in lists by default from version 1.0.0

• 8 July 2022

  • Context-based restrictions

• 5 July 2022

  • Change to {{site.data.keyword.registryshort}} private IP addresses in all regions

  • All accounts require IAM access policies

• 23 June 2022

  • Change to {{site.data.keyword.registryshort}} private IP addresses in the following regions only: br-sao, ca-tor

• 20 April 2022

  • {{site.data.keyword.registryshort}} private IP addresses are changing from 23 June 2022

• 1 March 2022

  • Amendment to the minimum supported Docker version for {{site.data.keyword.registryshort}}

• 9 February 2022

  • All accounts will require IAM access policies from 5 July 2022

• 2 February 2022

  • Replication of exemption policies between {{site.data.keyword.IBM_notm}} regions is discontinued

• 1 February 2022

  • Storage that is used by untagged images is being charged for

• 17 January 2022

  • View {{site.data.keyword.at_full_notm}} events for {{site.data.keyword.redhat_notm}} signing

• 7 December 2021

  • Define configuration rules for {{site.data.keyword.registryshort}}

• 1 November 2021

  • Using Notary v1 for signing images is discontinued

• 5 October 2021

  • {{site.data.keyword.registryshort}} container builds are discontinued

• 2 September 2021

  • Namespaces that are assigned to a resource group show in the Resource list page

• 30 August 2021

  • New region in Brazil

• 19 August 2021

  • Using registry tokens is discontinued

• 9 August 2021

  • The ibmcloud cr login command logs you into the <region>.icr.io registry domain only

• 8 July 2021

  • Using Notary v1 for signing images is deprecated

• 21 June 2021

  • Global registry

• 10 May 2021

  • New region in Canada

• 4 May 2021

  • The ibmcloud cr ppa-archive-load command is discontinued

• 18 February 2021

  • Increase the performance of the ibmcloud cr image-list and ibmcloud cr image-digests commands by using the --no-va option

• 15 February 2021

  • New region in Japan

• 19 November 2020

  • You can use Portieris to enforce container image security

• 21 October 2020

  • Find out about the usage on your account by using platform metrics

• 6 October 2020

  • {{site.data.keyword.registryshort}} container builds are deprecated

• 27 August 2020

  • Setting exemption policies by digest

• 12 August 2020

  • Using UAA tokens is discontinued

• 30 July 2020

  • New access roles are required for Vulnerability Advisor exemption policies

• 29 July 2020

  • You can set permissions so that access to resources within a namespace can be configured at the resource group level

• 13 July 2020

  • To work with namespaces, you must have the Manager role at the account level

• 24 June 2020

  • Restoring all tags for a digest in a repository is now an option

• 18 May 2020

  • Retaining untagged images is now an option when you clean up your namespaces

• 30 April 2020

  • ibmcloud cr image-prune-untagged command is available

• 16 April 2020

  • You can use private network connections to securely route your data in {{site.data.keyword.registryshort}}

  • ibmcloud cr private-only command is available

• 3 February 2020

  • Using {{site.data.keyword.registryshort}} tokens is deprecated

• 31 January 2020

  • ibmcloud cr image-digests command is available

• 4 December 2019

  • Support for {{site.data.keyword.redhat_notm}} signatures is available

• 25 October 2019

  • {{site.data.keyword.la_full_notm}} platform services logs are available

• 14 October 2019

  • ibmcloud cr manifest-inspect command is available

• 23 September 2019

  • You can create retention policies for your images

  • You can restore deleted images from the trash

• 1 August 2019

  • ibmcloud cr retention-run command is available

• 25 July 2019

  • {{site.data.keyword.at_full_notm}} available for {{site.data.keyword.registryshort}}

• 1 July 2019

  • ibmcloud cr token-add command is no longer available

• 27 June 2019

  • Container Scanner is no longer available

• 13 June 2019

  • Remove tags from images

• 13 May 2019

  • End of support for Container Scanner

• 2 April 2019

  • General Availability of Container Image Security Enforcement

• 14 March 2019

  • {{site.data.keyword.cloudaccesstrailfull_notm}} available for {{site.data.keyword.registryshort}}

• 25 February 2019

  • New domain names

  • Adding IAM API key policies to control access to resources

  • New region in jp-tok

• 21 February 2019

  • Automating access to your namespaces

• 8 January 2019

  • End of support for Vulnerability Advisor API version 2

• 4 October 2018

  • Managing user access

• 7 August 2018

  • Exemption policies available in Vulnerability Advisor

• 25 July 2018

  • {{site.data.keyword.cloudaccesstrailfull_notm}} available for Vulnerability Advisor

• 12 July 2018

  • Vulnerability Advisor API version 3

• 31 May 2018

  • Use Helm for Passport Advantage images

• 21 March 2018

  • Container Scanner

• 16 March 2018

  • Container Image Security Enforcement beta

• 20 February 2018

  • Trusted content

• 6 November 2017

  • Global registry

• 29 September 2017

  • Build Docker images

• 24 August 2017

  • Graphical user interface released

• 27 June 2017

  • Introducing {{site.data.keyword.registrylong_notm}}

Container Registry and Vulnerability Advisor workflow tutorial

{: #sitemap_container_registry_and_vulnerability_advisor_workflow_tutorial}

Container Registry and Vulnerability Advisor workflow tutorial

• Objectives

• Services used

• Before you begin

• From code to a running container

  • Create a namespace

  • Build and push an image

  • Deploy a container that uses your image

• Secure your images and clusters

  • View the vulnerability report for your image

  • Enforce security in your cluster

  • Resolve vulnerabilities in your image

• Deploying to nondefault Kubernetes namespaces

Granting access to Container Registry resources tutorial

{: #sitemap_granting_access_to_container_registry_resources_tutorial}

Granting access to Container Registry resources tutorial

• Before you begin

• Authorize a user to configure the registry

• Authorize a user to access specific namespaces

• Create a service ID and grant access to a resource

• Cleaning up your account

Solution tutorials

{: #sitemap_solution_tutorials}

Moving a VM based app to Kubernetes

• Objectives

• Architecture

  • Traditional app architecture with VMs

  • Containerized architecture

  • VMs, containers, and Kubernetes

    • Virtual machines vs containers

    • Kubernetes orchestration

  • What IBM is doing for you

• Sizing clusters

• Decide what Database option to use

• Decide where to store application files

  • Non-persistent data storage

  • Learn how to create persistent data storage for your app

  • Learn how to move existing data to persistent storage

  • Set up backups for persistent storage

• Prepare your code

  • Apply the 12-factor principles

  • Store credentials in Kubernetes secrets

• Containerize your app

• Deploy your app to a Kubernetes cluster

  • Learn how to create a Kubernetes deployment yaml file

• Summary

• Put everything learned to practice, run the JPetStore app in your cluster

• Related Content

Resilient and secure multi-region Kubernetes clusters with {{site.data.keyword.cis_full_notm}}

• Objectives

• Before you begin

• Deploy an application to one location

  • Create a Kubernetes cluster

  • Deploy the application to the Kubernetes cluster

  • Get the Ingress Subdomain assigned to the cluster

  • Configure the Ingress for your DNS subdomain

• And then to another location

• Configure multi-location load-balancing

  • Register a custom domain with {{site.data.keyword.cis_full_notm}}

  • Configure Health Check for the Global Load Balancer

  • Define Origin Pools

    • One pool for the cluster in Dallas

    • One pool for the cluster in London

  • Create the Global Load Balancer

• Secure the application

  • Turn the Web Application Firewall On

  • Increase performance and protect from Denial of Service attacks

• Remove resources

  • Remove Kubernetes Cluster resources

  • Remove {{site.data.keyword.cis_short_notm}} resources

• Related content

Setting up the CLI and namespace

{: #sitemap_setting_up_the_cli_and_namespace}

Setting up the CLI and namespace

• Installing the container-registry CLI plug-in

• Updating the container-registry CLI plug-in

  • Updating container-registry CLI plug-in version 1.0

  • Updating container-registry CLI plug-in version 0.1

• Uninstalling the container-registry CLI plug-in

• Planning namespaces

  • User permissions for working with namespaces

• Setting up a namespace

• Assigning existing namespaces to resource groups

• Removing namespaces

Setting up {{site.data.keyword.registryshort}} as a private registry on {{site.data.keyword.redhat_openshift_notm}}

{: #sitemap_setting_up_as_a_private_registry_on_}

Setting up {{site.data.keyword.registryshort}} as a private registry on {{site.data.keyword.redhat_openshift_notm}}

• Set up {{site.data.keyword.openshiftlong_notm}} to use {{site.data.keyword.registryshort}}

• Set up {{site.data.keyword.redhat_openshift_notm}} Container Platform to use {{site.data.keyword.registryshort}}

  • Set up the {{site.data.keyword.redhat_openshift_notm}} Container Platform internal registry to pull from {{site.data.keyword.registryshort}}

  • Set up the {{site.data.keyword.redhat_openshift_notm}} Container Platform build to push images to {{site.data.keyword.registryshort}}

Adding images to your namespace

{: #sitemap_adding_images_to_your_namespace}

Adding images to your namespace

• Pulling images from another registry

• Pushing Docker images to your namespace

• Copying images between registries

• Creating images that refer to a source image

• Building Docker images to use them with your namespace

• Pushing images by using an API key

• Removing tags from images in your private repository

• Deleting images from your private repository

  • Deleting images from your private repository in the CLI

  • Deleting images from your private repository in the console

• Listing images in the trash

• Restoring images

  • Restoring images by digest

  • Restoring images by tag

• Deleting a private repository and any associated images

Using Helm charts

{: #sitemap_using_helm_charts}

Using Helm charts

• OCI support for Helm charts

• Adding Helm charts to your namespace

  • Pulling charts from another registry or Helm repository

  • Pushing Helm charts to your namespace

  • Copying charts between registries

  • Installing a Helm chart to the cluster

• Deleting charts from your private repository

  • Deleting charts from your private repository in the CLI

  • Deleting charts from your private repository in the console

• Listing charts in the trash

• Restoring charts

  • Restoring charts by digest

  • Restoring charts by tag

• Deleting a private repository and any associated charts

Cleaning up your namespaces

{: #sitemap_cleaning_up_your_namespaces}

Cleaning up your namespaces

• Planning retention

• Clean up your namespaces to keep a set number of images

• Set a retention policy for your namespaces

• Update a retention policy to keep all your images

• Clean up your namespaces by deleting untagged images

Managing quota limits for storage and pull traffic

{: #sitemap_managing_quota_limits_for_storage_and_pull_traffic}

Managing quota limits for storage and pull traffic

• Setting quota limits for storing and pulling images

• Reviewing quota limits and usage

• Staying within quota limits

Managing user access

{: #sitemap_managing_user_access}

Accessing Container Registry

• Accessing your namespaces in automation

  • Creating a service ID API key manually

  • Creating a user API key manually

  • Using client software to authenticate in automation

    • Using Buildah to authenticate with the registry

    • Using Docker to authenticate with the registry

    • Using Podman to authenticate with the registry

    • Using Skopeo to authenticate with the registry

• Accessing your namespaces interactively

  • Using Buildah to access your namespace

  • Using Docker to access your namespace

  • Using Podman to access your namespace

  • Using Skopeo to access your namespace

• Accessing your namespaces programmatically

Accessing Container Registry by using trusted profiles

• Accessing namespaces in automation by using a trusted profile

  • Creating a trusted profile

  • Creating a service ID API key manually

  • Using client software to authenticate in automation

    • Using Buildah to authenticate with the registry

    • Using Docker to authenticate with the registry

    • Using Podman to authenticate with the registry

    • Using Skopeo to authenticate with the registry

Managing IAM access

• Access policies

• Assign roles

• Context-based restrictions

• Platform management roles

• Service access roles

  • Access roles for configuring {{site.data.keyword.registryshort}}

  • Access roles for using {{site.data.keyword.registryshort}}

• Assigning access to {{site.data.keyword.registryshort}} in the console

• Assigning access to {{site.data.keyword.registryshort}} in the CLI

• Assigning access to {{site.data.keyword.registryshort}} by using the API

• Assigning access to {{site.data.keyword.registryshort}} by using Terraform

Defining IAM access policies

• Creating policies

• Setting up region-based policies for IAM

  • Region-based user policies

  • Region-based service ID policies

Managing image security with Vulnerability Advisor

{: #sitemap_managing_image_security_with_vulnerability_advisor}

Managing image security with Vulnerability Advisor

• About Vulnerability Advisor

  • Data protection

• Types of vulnerabilities

  • Vulnerable packages

  • Configuration issues

• Setting the version of Vulnerability Advisor

• Reviewing a vulnerability report

  • Reviewing a vulnerability report by using the console

  • Reviewing a vulnerability report by using the CLI

• Setting organizational exemption policies

  • Setting exemption policies by using the console

  • Setting exemption policies by using the CLI

Setting up Terraform

{: #sitemap_setting_up_terraform}

Setting up Terraform

• Installing Terraform and creating a {{site.data.keyword.registryshort}} namespace

• Next steps

Enhancing security

{: #sitemap_enhancing_security}

Managing security and compliance

Using VPE for VPC to connect privately

• Before you begin

• Virtual private endpoints

• Setting up a VPE for {{site.data.keyword.registrylong_notm}}

  • Configuring an endpoint gateway

Securing your connection

• Using private network connections

  • Enabling service endpoint support for the account

  • Considerations for private network connections

  • Pushing and pulling images

• Enforcing access to your account

Encrypting images for content confidentiality

• Before you begin

• Create the public-private key pair

• Encrypt the image

• Pull and decrypt the image

• Storing keys

• Next steps

Managing your data

• How your data is stored

  • Image data

  • Scanning data

• Deleting your data

  • Deleting the service

  • Deleting namespaces

  • Deleting images

  • Deleting private repositories

• Restoring deleted data

Signing images for trusted content

• Signing images by using {{site.data.keyword.redhat_notm}} signatures

  • Using Skopeo to sign images

  • Using Podman to sign images

  • Signing images by using the {{site.data.keyword.redhat_openshift_notm}} CLI

Using IAM IP address access restrictions

• Granting access if you are using a public network

• Granting access if you are using a private network

Enforcing container image security by using Portieris

• Installing Portieris in your cluster

• Portieris policies

• Uninstalling Portieris

Protecting resources with context-based restrictions

• How {{site.data.keyword.registryshort}} integrates with context-based restrictions

• Protecting specific resources

• Limitations

• Creating rules

  • Creating rules in the {{site.data.keyword.cloud_notm}} console

  • Creating rules by using the CLI

  • Creating rules by using the API

• Setting up region-based policies for context-based restrictions

Accessing {{site.data.keyword.registryshort}} through a firewall

Observability

{: #sitemap_observability}

Monitoring metrics

• Enabling metrics for {{site.data.keyword.registryshort_notm}}

• Locations of platform metrics

• Where to look for metrics

  • {{site.data.keyword.mon_short}} metrics

• Viewing metrics

  • Starting the Monitoring UI from the Observability page

• Predefined dashboards

• Platform metrics

  • Pull Traffic

  • Pull Traffic Quota

  • Storage Quota

  • Storage

Activity tracking events

• Locations where activity tracking events are generated

• Locations where activity tracking events are sent to {{site.data.keyword.at_full_notm}} hosted event search

• Locations where activity tracking events are sent by {{site.data.keyword.atracker_full_notm}}

• Viewing activity tracking events for {{site.data.keyword.registryshort}}

  • Starting {{site.data.keyword.logs_full_notm}} from the Observability page

• Account management events

• Events for images

• Events for namespaces

• Events for vulnerabilities

• Analyzing {{site.data.keyword.registryshort}} activity tracking events

  • Request data for vulnerability events

    • Request data for the account vulnerability report

    • Request data for the account vulnerability status

    • Request and response data for the vulnerability report

    • Request and response data for the vulnerability status

  • Request data for image signing events

Logging

• Locations where platform logs are generated

• Locations where logs are sent to {{site.data.keyword.la_full_notm}}

• Locations where logs are sent by {{site.data.keyword.logs_routing_full_notm}}

• Platform logs that are generated

• Viewing logs

  • Launching {{site.data.keyword.logs_full_notm}} from the Observability page

• Fields by log type

IAM and Activity Tracker actions by API method

• {{site.data.keyword.registryshort_notm}}

  • Authorization API methods

  • Image API methods

  • Message API methods

  • Namespace API methods

  • Plan API methods

  • Quota API methods

  • Retention API methods

  • Settings API methods

  • Tag API methods

  • Trash API methods

• Vulnerability Advisor API methods

  • Report API methods

  • Exemption API methods

Container Registry CLI

{: #sitemap_container_registry_cli}

CLI

• Prerequisites

  • Notes

• ibmcloud cr api

  • Prerequisites

• ibmcloud cr exemption-add

  • Prerequisites

  • Command options

  • Examples

• ibmcloud cr exemption-list (ibmcloud cr exemptions)

  • Prerequisites

  • Command options

  • Examples

• ibmcloud cr exemption-rm

  • Prerequisites

  • Command options

  • Examples

• ibmcloud cr exemption-types

  • Prerequisites

  • Command options

• ibmcloud cr iam-policies-enable

  • Prerequisites

• ibmcloud cr iam-policies-status

• ibmcloud cr image-digests (ibmcloud cr digests)

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-inspect

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-list (ibmcloud cr images)

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-prune-untagged

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-restore

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-rm

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr image-tag

  • Prerequisites

  • Command options

  • Examples

• ibmcloud cr image-untag

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr info

  • Prerequisites

• ibmcloud cr login

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr manifest-inspect

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr namespace-add

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr namespace-assign

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr namespace-list (ibmcloud cr namespaces)

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr namespace-rm

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr plan

  • Prerequisites

  • Command options

• ibmcloud cr plan-upgrade

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr platform-metrics

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr private-only

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr quota

  • Prerequisites

  • Command options

• ibmcloud cr quota-set

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr region

  • Prerequisites

• ibmcloud cr region-set

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr retention-policy-list

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr retention-policy-set

  • Prerequisites

  • Command options

  • Examples

• ibmcloud cr retention-run

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr trash-list

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr va-version

  • Prerequisites

• ibmcloud cr va-version-set

  • Prerequisites

  • Command options

  • Example

• ibmcloud cr vulnerability-assessment (ibmcloud cr va)

  • Prerequisites

  • Command options

  • Examples

Formatting and filtering the CLI output

• Go template options for ibmcloud cr image-digests

• Go template options for ibmcloud cr image-list

• Go template options for ibmcloud cr image-inspect

  • Config field details

  • Healthcheck field details

  • RootFS field details

CLI change log

• Version 1.3.13

• Version 1.3.12

• Version 1.3.11

• Version 1.3.10

• Version 1.3.8

• Version 1.3.7

• Version 1.3.5

• Version 1.3.4

• Version 1.3.1

• Version 1.2.2

• Version 1.1.0

• Version 1.0.11

• Version 1.0.8

• Version 0.1.587

• Version 1.0.6

• Version 1.0.5

• Version 0.1.585

• Version 1.0.2

• Version 0.1.584

• Version 1.0.1

• Version 0.1.583

• Version 1.0.0

• Version 0.1.582

Service dependencies

{: #sitemap_service_dependencies}

Service dependencies

High availability and disaster recovery

{: #sitemap_high_availability_and_disaster_recovery}

High availability

• Ownership of responsibilities

• What level of availability do I need?

• What level of availability does {{site.data.keyword.cloud_notm}} offer?

• Locations for service availability

• FAQ about high availability

  • Does {{site.data.keyword.cloud_notm}} replicate the service?

  • Are users required to replicate the service?

Business continuity and disaster recovery

• Your responsibilities when you're using {{site.data.keyword.registryshort_notm}}

• Disaster recovery strategy

• Locations for service availability

• FAQ about disaster recovery

  • Does the service replicate the data?

  • What data is backed up or replicated?

  • Are users required to replicate the data?

Understanding data portability

{: #sitemap_understanding_data_portability}

Understanding data portability

• Responsibilities

• Procedures for exporting data

• Exported data formats

• Data ownership

Your responsibilities

{: #sitemap_your_responsibilities}

Your responsibilities

• Incident and operations management

• Change management

• Identity and access management

• Security and regulation compliance

• Disaster recovery

Terraform reference

{: #sitemap_terraform-reference}

Terraform reference{: external}

API reference

{: #sitemap_api_reference}

IBM Cloud Container Registry API{: external}

Vulnerability Advisor 4 for IBM Cloud Container Registry API{: external}

Related links

{: #sitemap_related_links}

IBM Cloud Kubernetes Service documentation

Red Hat OpenShift on IBM Cloud documentation

IBM Developer - Containers{: external}

Troubleshooting

{: #sitemap_troubleshooting}

Troubleshooting {{site.data.keyword.registryshort_notm}}

• Troubleshooting topics

  • Troubleshooting CLI login

  • Troubleshooting pull and push errors

  • Troubleshooting CLI commands

  • Troubleshooting networking

  • Troubleshooting Portieris

Troubleshooting CLI login

{: #sitemap_troubleshooting_cli_login}

Why can't I log in to {{site.data.keyword.registryshort}}?

Why does the {{site.data.keyword.registryshort}} login keep expiring?

Why can't I get started with {{site.data.keyword.registryshort}}?

Why do commands fail saying they're not registered?

Why is docker login on my Mac failing?

Troubleshooting pull and push errors

{: #sitemap_troubleshooting_pull_and_push_errors}

Why can't I push or pull a Docker image?

Why is pulling images slow?

Why am I getting Authorization required errors?

• Scenario A. You're trying to push or pull an image

• Scenario B. You're logged in to the wrong region

• Scenario C. You're trying to use the API

Why am I getting an Unauthorized error when I use Code Engine?

Why have I got a problem pulling an image with cosign when I use Podman?

Why am I getting Access denied errors?

Why am I getting errors for a resource?

Why am I getting errors about insufficient scope?

Why am I getting errors about my quota?

Why am I getting errors about using a private network?

Why am I getting a Forbidden error when I'm using Code Engine?

Why do images fail to pull from registry with ImagePullBackOff or authorization errors?

• Troubleshooting image pull secrets that use API keys

Troubleshooting CLI commands

{: #sitemap_troubleshooting_cli_commands}

Why can't I add a namespace?

Why aren't I authorized to access a specified resource?

Why can't I find my image or my namespace?

Why don't all my namespaces show in the resource list?

Why does it time out when I list images?

Why can't I pull the newest image by using the latest tag?

Why do all the tags get deleted when I delete an image?

Why doesn't the retention command show all the images?

Why do I get an error when I'm restoring an image?

Why aren't all the tags restored when I restore by digest?

Why do I get a manifest unknown error?

Why do I get a manifest type error when I tag my image?

Why do I get a manifest version error?

Why do I get a manifest list invalid error?

Why do I get an error about an invalid version of Vulnerability Advisor being specified?

Troubleshooting networking

{: #sitemap_troubleshooting_networking}

Why can't I access {{site.data.keyword.registryshort_notm}} through a custom firewall?

Why can't I connect to {{site.data.keyword.registryshort_notm}}?

Troubleshooting Portieris

{: #sitemap_troubleshooting_portieris}

Why don't my pods restart after my workers are down?

FAQ

{: #sitemap_faq}

FAQ

• FAQ for {{site.data.keyword.registryshort_notm}}

  • Where is the reference documentation for {{site.data.keyword.registryshort}}?

  • How do I set up the {{site.data.keyword.registryshort}} CLI?

  • How do I configure my firewall to allow connections to {{site.data.keyword.registryshort}}?

  • How many namespaces can you have?

  • Can I rename a namespace?

  • Why don't I have authorization to create a namespace?

  • How do I list image names?

  • How do you list public images?

  • What tools can I use to build and push images?

  • Do images in the trash count toward my quota?

  • How do I find the image digest?

  • How do I use digests to work with images?

  • Why can't I push the image into {{site.data.keyword.registryshort}}?

  • How do I list images that are more than a year old?

  • How do you use access control?

  • How can I share access to an image?

  • Do I have any untagged images?

  • Do I need untagged images?

  • What are eligible images?

  • What regions are available?

  • How do I get the docker pull command to return the most recent version?

  • Why do my pods fail with an ImagePullBackOff error?

  • Why am I getting an exceeded quota error?

• FAQ for Vulnerability Advisor

  • How do I manage vulnerabilities?

  • How much does Vulnerability Advisor cost?

  • Can images from other registries be scanned by Vulnerability Advisor?

  • How is a Vulnerability Advisor scan triggered?

  • Why doesn't my image scan in Vulnerability Advisor v4?

  • Why doesn't a new image scan in Vulnerability Advisor?

  • How often are the security notices updated in Vulnerability Advisor?

  • Which version of a package is installed in my image?

    • Alpine package manager commands

    • Debian and Ubuntu package manager commands

    • {{site.data.keyword.redhat_notm}} and CentOS package manager commands

  • Does Vulnerability Advisor have versions?

Getting help and support

{: #sitemap_getting_help_and_support}

Getting help and support

• Providing support case details