Quotas and limits

This page describes quotas and limits for Container Registry.

For more information about quotas, see Working with quotas.

Request limits

Any request sent to a Container Registry host in the gcr.io domain has a 2 hour timeout limit.

There is a fixed quota limit on requests to Container Registry hosts. This limit is per client IP address.

  • 50,000 HTTP requests every 10 minutes
  • 1,000,000 HTTP requests per day

To avoid exceeding these limits, you can:

  • Increase the number of IP addresses that connect to Container Registry.
  • Add retries that introduce a delay. For example, you can use exponential backoff.

If you require more flexibility, consider using Artifact Registry to manage your containers instead of Container Registry. Requests limits are at the project level, and by default there is no per-user request limit. You can also request a quota increase for Artifact Registry. For more information, see the Quotas and limits documentation for Artifact Registry.

Cloud Storage quotas and limits

Container Registry uses Cloud Storage for each registry's underlying storage. Cloud Storage Quotas & Limits apply to each registry.

Cloud KMS quotas and Container Registry

When you use CMEK in Container Registry, your projects can consume Cloud KMS cryptographic requests quotas. For example, CMEK-encrypted storage buckets can consume these quotas for each upload or download. Encryption and decryption operations using CMEK keys affect Cloud KMS quotas only if you use hardware (Cloud HSM) or external (Cloud EKM) keys. Confirm that you have enough quota to enable application-layer secrets encryption for your applications and workflows. For more information, see Cloud KMS quotas.

Artifact Analysis quotas

See Artifact Analysis quotas and limits for information on scanning usage policies.