Docker Registry
Support for Docker Registries
TrueFoundry supports various docker registries to be integration with the platform. These are used to store images that are built while deploying to TrueFoundry. The following table provides information on required permissions, authentication credentials required and also the list of validations performed by TrueFoundry.
| Feature | ECR | Google Artifact Registry | Google Container Registry | DockerHub |
|---|---|---|---|---|
| Registry URL | <registryId>.dkr.ecr.<region>.amazonaws.com | <location>-docker.pkg.dev/<projectId> | <location>.gcr.io/<projectId> | registry.hub.docker.com or docker.io/<namespace> |
| Authentication | AWS Access Id + Secret Key or Assumed Role ARN | keyfile.json for service account | keyfile.json | username + password |
| Permissions Required | AmazonEC2ContainerRegistryFullAccess | roles/iam.serviceAccountTokenCreatorroles/artifactregistry.admin | roles/storage.legacyBucketWriter | |
| Validations By TrueFoundry | ||||
| check if registry url is valid |  | | | - |
| check if registry credentials are valid | | | | |
| check if an image is valid | | | - | we can check until the repo, but cannot validate the tag |
| delete repo with application deletion | | | - | - |
Add Docker Image Registry to TrueFoundry
Storing Docker images of services that are built for model deployment and inference will require setup of a default Docker image registry. We support commonly used docker registries like Dockerhub, ECR, AzureCR out of the box. We also support most docker registries that uses the standard username password flows.
Docker Registries are used in two ways:
- you can use Docker registry to save images built during deployment of code or repository
- you can deploy any images from the repository to one of your connected workspaces
To connect a new registry, one needs to follow the following steps:
- Navigate to the
Integrationssection of your TrueFoundry dashboard, and go to theDocker Registrysection. - Click on the
Connect Registrybutton at the top right corner.
- Now add the name of the registry you want to connect. Select the registry type.
- Now add the credentials for these registries. The format expected by registry url and permissions required for the credentials for each type of registry can be checked by clicking on the information next to the field.
Docker Hub Registry
AWS ECR Registry
Google Container Registry
- Once added, the registry will show up in the list of registries.
- On the registry you want to use as default, choose the
Set defaultoption from the menu. In case you do not specify any docker registry while deploying an application, the default one will be used for storing the image.
Default Registries
Cluster Default
You can specify the default registry per cluster. To do this, go to Integrations > Clusters and click on Edit for the cluster you want to add default registry for.
Edit Cluster Form to add default registry
In the form, choose the default registry for the cluster. When no registry is specified for a deployment, the cluster default will be automatically used to store the built image.
Choose a default registry for the cluster from the form
Tenant Default
If you do not choose a registry for your deployment and there is no default cluster registry, the tenant default will be used. All tenants must have a default registry. If you only have one registry added, it will automatically be the tenant default and will be used for all builds.
Updated 2 days ago