> Integration > Docker Registry

JFrog +

JFrog offers an end-to-end solution covering the full lifecycle of your Docker registry allowing you to manage development, vulnerability analysis, artifact flow control and distribution.

The JFrog Platform provides you with unlimited, high-performant access to Docker Hub and to Docker Official Images to simplify cloud-native application development, without Docker Hub image-pull limits. * Available to SaaS cloud JFrog Platform subscribers, including free subscription offered on AWS, GCP & Azure.

start for free

WHAT AN ARTIFACTORY DOCKER REGISTRY MEANS TO YOU

Multiple secure, highly available Docker registries

Take Docker to Production with Confidence

Full Automation with REST API and JFrog CLI

JFROG
ARTIFACTORY

Enterprise Ready

Optimize Builds

Universal Solution

Multiple secure, highly available Docker registries

Artifactory lets you create any number of Docker registries per instance. Use a local repository as a private Docker registry to share Docker images across your organization with fine-grained access control. Proxy and cache remote Docker registries with remote repositories, and aggregate local and remote Docker registries under a single virtual Docker registry to access all your images from a single URL.

Take Docker to Production with Confidence

Set up a fully automated Docker promotion pipeline. Only promote a Docker image to the next level if it passes the required quality gates at each stage so you can be sure that any image that ends up in production systems or is downloaded by end users has been tried, tested and fully approved through an automated process with Artifactory’s REST API.

Full Automation with REST API and JFrog CLI

Artifactory exposes an extensive REST API that provides access to its features anywhere in the development cycle effectively letting you automate any action you could do through the UI. JFrog CLI is a compact and smart client that greatly simplifies and optimizes automation scripts making them more efficient, more readable and easier to maintain across all JFrog products. Between them, the REST API and JFrog CLI facilitate fully automated and optimized software delivery.

Enterprise Ready

Artifactory brings enterprise artifact management to Docker. A secure Docker registry or multiple registries in a clustered Artifactory High Availability installation provide unmatched stability and reliability accommodating any number of users, build servers and interactions. Through cloud-based providers, Artifactory offers massively scalable storage that can accommodate terabyte-laden repositories. Advanced replication options support any network topology over multiple, geographically distant sites facilitating disaster recovery with instant failover to a DR site anywhere in the world.

Optimize Builds

Using Artifactory as your Docker Repository instead of Private Repositories on Docker Hub removes any issues related to networking or internet connectivity. When all of your Docker images are accessed through local repositories in Artifactory, connectivity is never a problem, not for developers nor CI servers.

Universal Solution

No company lives by Docker alone. The Docker images you develop will become the runtime containers for the software that implements your business logic. As a universal repository manager, Artifactory supports all major package formats and provides the same fully-featured artifact management with exhaustive metadata for any development technology. Artifactory is also tightly integrated with all major build tools and CI servers and comfortably sits at the heart of any development ecosystem.

THE JFROG DIFFERENCE

							Artifactory
Fully Hybrid	Limited	Limited	Limited	Limited
Helm Repository
Generic Repository
Remote Repositories				Limited	Limited	Limited
Virtual Repositories
Rich Metadata		Limited		Limited	Limited

FAQ

How does JFrog Container Registry work with Docker?

JFrog Container Registry is a repository manager, allowing you to build, store, and manage Docker images for all types of container deployments. It is available as a self-hosted (Freemium) or SaaS solution powered by Artifactory and with an Easy to Use UI with an Advanced Image Layer View and images search capabilities.
JFrog Container Registry allows you to set up a secure private Dedicated Docker Registry in minutes to manage all your Docker images. It places no limitations and lets you set up any number of Docker registries and provides the following features.
Hybrid and multi-cloud environments
Local, remote and virtual repositories
Multiple container registries: Useful for separating teams/projects and for promoting images from one environment to the next (Development, Staging, and Production).
Advanced Container Registry functionality:
1) Artifact and build management
2) Security: Fine-grained permission control and LDAP support
3) Metadata manipulation
4) Dedicated developer tools: REST API, AQL (Artifactory Query Language) and JFrog CLI
5) Cloud dedicated features: SaaS-based Maintenance-free
6) On-Prem advanced S3 Object Storage on Amazon, Google, and Microsoft Azure

How to set up a Docker registry?

It only takes a few minutes to set up your own Docker registry in Artifactory to manage all your Docker images. You can exercise fine-grain access control on the Docker registries you create, to manage secure private repositories.
To create a Docker registry, just create a new repository in Artifactory and specify it as a Docker package type, along with a repository key by which it will be addressed. When the Docker repository is created, it can be accessed using the native Docker APIs or the Docker client to push, tag, and pull images.

How to create a Docker public repository?

All repositories in Artifactory can be as open or as restricted as you need them to be. You establish what user groups can and cannot access certain repositories by setting permission targets that specify what actions can be performed by those users.
To create a public Docker repository, an instance of Artifactory that can be addressed widely on the network can host a Docker repository with unrestricted permissions. But if you need to, you can limit usage, such as allowing only certain groups to push and tag Docker images while permitting anyone to pull any of the images for inclusion or deployment.

How to push a Docker image to a remote repository?

A remote Docker repository in Artifactory serves as a caching proxy for a registry managed at a remote URL such as on Docker Hub. A remote repository can even proxy a Docker repository managed at a remote site by another instance of Artifactory.
A remote Docker repository in Artifactory helps assure consistent and reliable access to an external registry through a fast, local cache, offering a safeguard against resource or connectivity outages.
Because a remote repository is a proxy of another registry, you cannot push Docker images directly to it. Instead, you must push your Docker image to the Docker registry at the remote URL. You can then pull that Docker image, and any others hosted by that registry, through the remote Docker repository in Artifactory.

What is a Private Docker Registry?

A private Docker registry catalogues a collection of Docker repositories, while limiting access. Each repository holds container images that can be distributed to a Docker engine. Docker registries can be accessed through the Docker client, or through the Docker Registry HTTP API, to push images to, or distribute images from the repositories in its collection.

How does Artifactory provide security and permission access to your Docker registry?

A private Docker registry in Artifactory securely shares collections of Docker repositories within your organization, limiting use to those with permissions. When installed on-premises in your data center, Artifactory can maintain your Docker trusted registry on your own server, behind your organization’s firewall along with all of the sensitive data you need to protect for security or regulatory compliance.
Define multiple Docker registries in Artifactory, as many as you wish, to manage each project in its own registry. Each registry may have its own authentication credentials, so you can control fine-grained access to your Docker images and enforce isolation of applications between groups in your organization.

Is Artifactory fully compatible with Docker?

Artifactory supports the relevant calls of the Docker Registry HTTP API, so you can manage all your Docker images in Artifactory transparently with the Docker client. Just invoke Docker from the command line as you would any other Docker registry service to add images to a repository or pull images for distribution to a Docker engine.
In any private Docker registry in Artifactory, you can mix whatever types of Docker repository held by Artifactory that you choose. So you can include Docker repositories of the containers you built yourself, as well as Docker repositories in Artifactory that proxy from remote Docker resources such as Docker Hub.

How to implement Docker at a company?

Docker containers provide a way to encapsulate an application or microservice for portability and control. By isolating an application and its dependencies from the underlying operating system and other apps, they can run efficiently with fewer sources than VMs.
With Artifactory, you can host an unlimited number of local Docker repositories while controlling access across users and teams. With native support for the full set of Docker APIs you can deploy your containers directly from Artifactory to runtime environments using the Docker client or through an orchestration tool like Kubernetes. And you can use multiple Docker repositories to promote immutable containers through your software development and testing pipeline, all the way into production.
You can also proxy external Docker repositories in remote repositories in Artifactory for consistent, reliable access to sources like Docker Hub through caching of downloaded images. And you can combine these with local repositories into a virtual repository to access everything you need through a single URL.