Container Registry

Thalassa Container Registry provides a secure, high-availability registry for container images built for integration with Kubernetes and CI/CD pipelines. The registry is OCI-compliant and compatible with popular container tooling.

Core Concepts

Concept	Description
Namespaces	Organise container images by team, application, or environment. Each namespace provides isolated storage and access control.
Repositories	Store related container images within a namespace. Each repository can contain multiple tags and versions.
Images	OCI-compatible container images that can be pushed, pulled, and managed through standard Docker and Podman clients.
Tags	Version identifiers for images within a repository. Tags enable versioning and deployment management.

Key Features

Thalassa Container Registry is fully compliant with Open Container Initiative (OCI) standards. It supports a wide range of tools, including Docker, Podman, and BuildKit. Fine-grained access control for your images (push/pull) is available through IAM roles and service accounts, so you can easily manage permissions for teams and individual images.
Image retention is configurable, allowing you to set rules based on tags, timestamps, and other criteria.
For integration with CI/CD pipelines, the registry supports workload identity federation. You can use OIDC-based authentication with popular platforms such as GitLab CI and GitHub Actions.

Documentation

Getting Started

Create your first namespace and push images

Retention Policies

Configure image lifecycle and retention rules

Quick Start

Create a Namespace: Set up a namespace in the Thalassa Cloud console
Authenticate: Log in using Docker or Podman
Push Images: Tag and push your first container image
Deploy: Use images in Kubernetes or other container platforms

Get started →

Service Integrations

Thalassa Container Registry integrates with other platform services:

Kubernetes: Pull images directly into Kubernetes clusters
CI/CD Platforms: Push images from GitHub Actions, GitLab CI, and other pipelines
IAM: Centralized access control through Thalassa Cloud IAM

References

Identity and Access Management — Configure access control
Service Accounts — Create service accounts for automation
Workload Identity Federation — OIDC-based authentication for CI/CD
Kubernetes Documentation — Deploy images to Kubernetes clusters