A container registry is a repository, or collection of repositories, used to store and access container images. They serve as a place to store and share container images between developer systems, continuous integration servers, and deployment environments.
Examples of popular container registries include:
- Dockerhub
- Github Container Registry (ghcr.io.)
- Gitlab Container Registry
- Google Container Registry (gcr.io)
- Amazon Elastic Container Registry (ECR)
- Azure Container Registry (ACR)
- jFrog Container Registry
- Nexus
- Harbor
While you can pull many public images from registries without authenticating, in order to push images to a registry, or pull a private image, you will need to authentic
Docker can login directly to some registries with basic authentication (username/password) or call out to separate programs known as credential helpers. For example, to authenticate to the Google Container Registry, docker uses the gcloud command line utility from GCP (https://cloud.google.com/container-registry/docs/advanced-authentication#gcloud-helper).
If available, Docker can also store the credentials in a secure store (macOS keychain, Windows Credential Manager) to help protect those credentials.
