Embracing container orchestration has many implications for an enterprises’ technology stack. An image registry becomes a critical component of the deployment pipeline. Red Hat Quay is a mature enterprise-centric container image registry which has a rich history of meeting the needs of cloud native technologists.
When Red Hat acquired CoreOS earlier this year, we were looking to amplify our leadership in enterprise container-based solutions. CoreOS at the time had two primary products, Tectonic and Quay. Quay was added directly into Red Hat’s portfolio of products and renamed Red Hat Quay.
In 2013 Quay was the first enterprise hosted registry. Offering innovative capabilities such as image rollback and zero-downtime garbage collection, it gained traction for its excellent developer experience and highly responsive support. Quay was acquired in 2014 by CoreOS to bolster its mission to secure the internet through automated operations. Shortly after the CoreOS acquisition, the on-premise offering of Quay was released.
Quay Enterprise was the first on-premise registry, delivering highly available geographically replicated deployments. Baked into Quay Enterprise were integrations with multiple authentication and authorization systems, permitting fine grained access control of repositories. Additional critical security features, such as team and organization mapping, CLI password encryption, and meticulous event logging set Quay apart from other registries. Clair, a leading open source container image vulnerability scanner was developed and optimized for Quay Enterprise. This feature-set led Quay Enterprise to be adopted by organizations like Qualcomm, NASA, and Autodesk.
In January 2018, CoreOS was acquired by Red Hat, and Quay joined the Red Hat portfolio of products. With the acquisition came a wealth of additional resources for the development and support of Quay. Quay Enterprise has become Red Hat Quay, and is available in tandem with Red Hat OpenShift. In upcoming releases, the two will have increasingly tighter integrations, so it is an ideal choice for prospective and current OpenShift customers. OpenShift is currently packaged with a basic image registry. By adding Red Hat Quay to their deployments, OpenShift customers can take advantage of advanced capabilities such as geographic replication, image rollback, and event logging.
Comparison of Red Hat Registries
|Default OpenShift Registry||Red Hat Quay||Quay.io (hosted)|
|Hosted||X, OpenShift Online & Dedicated||X|
|Basic Registry Features (Push/Pull/Sync/Prune)||X||X||X|
|Role-Based Access Control||X||X||X|
|Vulnerability Scanning||X, only for images with Red Hat Enterprise Linux||X||X|
|High availability||X, OpenShift Dedicated||X||X|
|Automatic layer squashing||X||X|
|Geographic Replication||X||Data replication via global cdn|
providers supported (LDAP,
OAuth/OIDC, Keystone, etc.)
Organizations like Cisco have seen the benefits of using Quay and OpenShift together. Check out their talk at the 2018 OpenShift Commons Gathering about their experience using Red Hat Quay and OpenShift.
Red Hat Quay can be used separately or in conjunction with OpenShift. It is compatible with any container environments or orchestration platforms. Quay.io will continue to be available as a hosted offering, meeting the needs of smaller teams and those who do not need a registry behind their own firewall.
For more information, download the Quay datasheet.