JFrog as a Docker Registry

JFrog Container Registry is a repository manager, allowing you to build, store, and manage Docker images for all types of container deployments. It is available as a self-hosted (Freemium) or SaaS solution powered by Artifactory and with an Easy to Use UI with an Advanced Image Layer View and images search capabilities.
JFrog Container Registry allows you to set up a secure private Dedicated Docker Registry in minutes to manage all your Docker images. It places no limitations and lets you set up any number of Docker registries and provides the following features.
Hybrid and multi-cloud environments
Local, remote and virtual repositories
Multiple container registries: Useful for separating teams/projects and for promoting images from one environment to the next (Development, Staging, and Production).
Advanced Container Registry functionality:
1) Artifact and build management
2) Security: Fine-grained permission control and LDAP support
3) Metadata manipulation
4) Dedicated developer tools: REST API, AQL (Artifactory Query Language) and JFrog CLI
5) Cloud dedicated features: SaaS-based Maintenance-free
6) On-Prem advanced S3 Object Storage on Amazon, Google, and Microsoft Azure

It only takes a few minutes to set up your own Docker registry in Artifactory to manage all your Docker images. You can exercise fine-grain access control on the Docker registries you create, to manage secure private repositories.
To create a Docker registry, just create a new repository in Artifactory and specify it as a Docker package type, along with a repository key by which it will be addressed. When the Docker repository is created, it can be accessed using the native Docker APIs or the Docker client to push, tag, and pull images.

All repositories in Artifactory can be as open or as restricted as you need them to be. You establish what user groups can and cannot access certain repositories by setting permission targets that specify what actions can be performed by those users.
To create a public Docker repository, an instance of Artifactory that can be addressed widely on the network can host a Docker repository with unrestricted permissions. But if you need to, you can limit usage, such as allowing only certain groups to push and tag Docker images while permitting anyone to pull any of the images for inclusion or deployment.

A remote Docker repository in Artifactory serves as a caching proxy for a registry managed at a remote URL such as on Docker Hub. A remote repository can even proxy a Docker repository managed at a remote site by another instance of Artifactory.
A remote Docker repository in Artifactory helps assure consistent and reliable access to an external registry through a fast, local cache, offering a safeguard against resource or connectivity outages.
Because a remote repository is a proxy of another registry, you cannot push Docker images directly to it. Instead, you must push your Docker image to the Docker registry at the remote URL. You can then pull that Docker image, and any others hosted by that registry, through the remote Docker repository in Artifactory.

A private Docker registry catalogues a collection of Docker repositories, while limiting access. Each repository holds container images that can be distributed to a Docker engine. Docker registries can be accessed through the Docker client, or through the Docker Registry HTTP API, to push images to, or distribute images from the repositories in its collection.

A private Docker registry in Artifactory securely shares collections of Docker repositories within your organization, limiting use to those with permissions. When installed on-premises in your data center, Artifactory can maintain your Docker trusted registry on your own server, behind your organization’s firewall along with all of the sensitive data you need to protect for security or regulatory compliance.
Define multiple Docker registries in Artifactory, as many as you wish, to manage each project in its own registry. Each registry may have its own authentication credentials, so you can control fine-grained access to your Docker images and enforce isolation of applications between groups in your organization.

Artifactory supports the relevant calls of the Docker Registry HTTP API, so you can manage all your Docker images in Artifactory transparently with the Docker client. Just invoke Docker from the command line as you would any other Docker registry service to add images to a repository or pull images for distribution to a Docker engine.
In any private Docker registry in Artifactory, you can mix whatever types of Docker repository held by Artifactory that you choose. So you can include Docker repositories of the containers you built yourself, as well as Docker repositories in Artifactory that proxy from remote Docker resources such as Docker Hub.

Docker containers provide a way to encapsulate an application or microservice for portability and control. By isolating an application and its dependencies from the underlying operating system and other apps, they can run efficiently with fewer sources than VMs.
With Artifactory, you can host an unlimited number of local Docker repositories while controlling access across users and teams. With native support for the full set of Docker APIs you can deploy your containers directly from Artifactory to runtime environments using the Docker client or through an orchestration tool like Kubernetes. And you can use multiple Docker repositories to promote immutable containers through your software development and testing pipeline, all the way into production.
You can also proxy external Docker repositories in remote repositories in Artifactory for consistent, reliable access to sources like Docker Hub through caching of downloaded images. And you can combine these with local repositories into a virtual repository to access everything you need through a single URL.