Security and cloud infrastructure availability concerns have been in the news of late with the recent Log4j vulnerabilities and outages at some of the world’s largest public cloud providers. The security and integrity of your container-based images has never been more important.
Many have taken to Kubernetes to assist in the deployment and management of their container-based workloads, and are leveraging some form of a container registry to work in tandem to ease development and day-to-day operations. However, what happens when relying on a public cloud container registry if access to the cloud goes down? How are you able to be certain that the public registry has been updated in a timely manner with all current known vulnerabilities that may affect the images you are pulling from the registry? As Edward Ionel, Head of Developer Relations for Mirantis, highlights in his recent blog, there are many attributes to consider when making a decision on which public or private container registry to use in your infrastructure.
Mirantis Secure Registry (formerly Docker Trusted Registry) can easily be integrated into your environment to provide the core of an effective secure software supply chain. Until now, this enterprise-class capability has been limited to use with Mirantis’ Kubernetes solutions.
Now with the introduction of Mirantis Secure Registry 3.0, users of any Kubernetes distribution can benefit from its advanced security features. Mirantis Secure Registry no longer requires deployment on dedicated nodes — rather, it now runs alongside your apps in any standard distribution of Kubernetes 1.20 or above, simply through the use of standard Helm techniques. As a result, the Mirantis Secure Registry user has greater flexibility as many resources are administered by the orchestrator, rather than the registry itself.
Mirantis Secure Registry 3.0 continues to deliver on all the great enterprise-case features that make up the core of your Secure Software Supply Chain — features including:
- Access Control
- Image Scanning
- Image Signing
- Caching & Mirroring
- Image Lifecycle Management
- Policy-based Image Promotion
And now, these benefits are also available to users leveraging any Kubernetes distribution — providing you with more choice and more flexibility.
Existing users of earlier versions of Mirantis Secure Registry will need to reinstall the application to take advantage of the new version. To learn more about how to deploy Mirantis Secure Registry on any K8s distribution, refer to this blog by Avinash Desireddy, Senior Solutions Architect at Mirantis.
For more information on the latest changes for Mirantis Secure Registry 3.0, please refer to the product release notes, and we welcome you to give Mirantis Secure Registry a try at www.mirantis.com/trymsr.