Transitioning from Container Registry

Artifact Registry is the evolution of Container Registry. As a fully-managed service with support for both container images and non-container artifacts, Artifact Registry will eventually replace Container Registry.

If you currently use Container Registry, use the information on this page to prepare for the transition to Artifact Registry.

To start setting up Artifact Registry, see the setup guide.

Overview

The transition from Container Registry to Artifact Registry includes multiple stages.

Beta

Get familiar with Artifact Registry and start transitioning your automation. Create new Docker repositories for your containers and start integrating your automation with them.

Some product features will be added over the beta period to provide equivalency with Container Registry functionality. See the feature availability section for more information.

General availability

Artifact Registry will provide the same container management features as Container Registry.

If you need to perform a more gradual transition to Artifact Registry, you will have an option to create Docker repositories that are backwards-compatible with some Container Registry features, but are also limited in their support for Artifact Registry features.

Both services will co-exist for a minimum of 6 months after Artifact Registry becomes generally available. This period provides time for you to transition your containers and your automation to Artifact Registry. Eventually Artifact Registry will replace Container Registry.

Backwards compatibility and co-existence

You can use both Artifact Registry and Container Registry in the same project. When you view a list of repositories with gcloud or Cloud Console, Artifact Registry also lists Container Registry repositories in the same project.

At general availability, Artifact Registry will provide an option to create backwards-compatible repositories. A backwards-compatible repository is a Artifact Registry Docker repository that provides support for some Container Registry features, including:

  • Using gcloud container images
  • Referencing the repository with a *.pkg.dev or *.gcr.io hostname.

Using a backwards-compatible repository reduces impact to your existing automation and can help you transition to Artifact Registry more gradually. However, backwards-compatible repositories will not support some Artifact Registry features. For example, backwards-compatible repositories must be located in a multi-region rather than a region.

In addition, some settings applied to Container Registry have changed in Artifact Registry. You will still need to perform some reconfiguration for backwards-compatible repositories. For example, Artifact Registry has its own Cloud Identity and Access Management roles for access control instead of relying on Cloud Storage roles.

New and changed features

This section summarizes improvements and changes to container management in Artifact Registry.

Supported formats

Artifact Registry supports multiple artifact formats, including container images, Java packages and Node.js modules.

If you have a question about support for another artifact format, use one of the support options to ask about it.

Regional repositories

You can create repositories in the same multi-regions as Container Registry (Asia, Europe, United States), or create them in a specific region. As an example, the closest multi-region for Australia is Asia. With regional support, you can create a repository in the Sydney data center.

Multiple repositories

You can create multiple repositories in the same location within a single project. See Organizing your repositories for more information.

Product-specific access controls

In Container Registry, you control access using Cloud IAM roles for Cloud Storage. Artifact Registry has its own roles for access control.

In addition, you can set permissions on each Artifact Registry repository so that you have more control over access to different repositories that are used in different contexts.

Service accounts for common Google Cloud integrations are configured to work with Artifact Registry repositories in the same project by default.

Authentication

Artifact Registry supports the same authentication methods as Container Registry.

If you use the Docker credential helper, version 2.0.0 or newer is required. Docker client versions prior to v18.03 are no longer supported.

Repository hostname

To push to and pull from Artifact Registry Docker repositories, you must use a *-docker.pkg.dev hostname. For details on the name format, see Repository and artifact names.

When Artifact Registry becomes generally available, Artifact Registry will provide an option to create backwards-compatible repositories that you can reference with both *-docker.pkg.dev and *.gcr.io hostnames.

Using Google Cloud Console

You can view a list of your Artifact Registry and Container Registry repositories in the Artifact Registry section of Cloud Console.

If you click a Container Registry repository, you are directed to the list of images in the Container Registry section of the Cloud Console.

Using gcloud and API commands

When Artifact Registry becomes generally available, Artifact Registry will provide an option to create backwards-compatible repositories that support gcloud container images commands. For a comparison of Container Registry and Artifact Registry gcloud commands, see the gcloud command comparison.

Artifact Registry also includes an API for managing repositories and artifacts in all formats.

Repository creation

Container Registry automatically creates a repository in a multi-region if you have not pushed an image there before. In Artifact Registry, you must create the target repository before pushing images to it.

Feature availability

Java and Node.js package management is in alpha and is only available to users who are in the alpha group. To apply for the alpha, complete the signup form.

The following Container Registry features are not currently available in the Artifact Registry beta release. This page will be updated for changes in feature availability.

Refer to this page and the release notes for any feature updates during the beta period.

  • Customer Managed Encryption Keys
  • Container Analysis and vulnerability scanning
  • Integration with Binary Authorization
  • Google-provided containers are still hosted on gcr.io. Examples of hosted containers include:

Pricing

For Container Registry, you are billed for Cloud Storage usage, including storage and network egress. Artifact Registry has its own pricing and you are charged for storage and network egress. For details see Pricing.