Container Registry

Thalassa Cloud Container Registry

Thalassa Cloud provides a private OCI-compatible container registry for storing and distributing container images. You organise images into namespaces (per cloud region), and repositories are created automatically when you push an image.

The registry supports standard Docker and containerd workflows — docker push, docker pull, crane, and Kubernetes imagePullSecrets.

Availability

The container registry is available when the containerRegistry feature gate is enabled on your organisation. Contact your account team if it is not yet enabled for you.

Namespaces and repositories are managed through the console or the API at /v1/container-registries.

Storage is metered. Registry usage is billed based on the total stored size across your namespaces (gigabyte-hours). Namespace and repository management through the API is not separately metered.

What you can do with Container Registry

Capability	Description
Store images by namespace	Regional namespaces isolate images per team, application, or environment
Push and pull with standard tooling	Docker, containerd, crane, and Kubernetes `imagePullSecrets`
Auto-create repositories	Repositories appear on first push — no manual provisioning
Control visibility	Per-namespace public or private pull access
Retention policies	Automatic cleanup of old tags and artifacts to control storage
Organisation or project scope	Shared platform images or team-specific namespaces

Core concepts

Concept	Description
Registry endpoint	Regional hostname (for example `registry.nl-01.thalassa.cloud`) — one backend per cloud region
Namespace	Your isolated image namespace in a region (for example `acme-platform`)
Repository	An image name inside a namespace (for example `api-server`); created on first push
Tag	A mutable label pointing at an image manifest (for example `v1.2.0`, `latest`)
Artifact	An immutable manifest identified by digest (`sha256:…`); a tag references one artifact
Configuration	Per-namespace settings: visibility (public or private) and optional retention policy

See Concepts for image address format, scoping, and architecture.

Documentation

Guides

Step-by-step tutorials for common workflows

Getting started

Create a namespace, authenticate, and push your first image

Namespace configuration

Visibility settings and retention policies

Kubernetes

Pull images with imagePullSecrets

CI/CD

Access credentials and scopes for build and deploy pipelines

Reference

Concepts

Namespaces, repositories, tags, artifacts, and architecture

Repositories

List, inspect, and delete repositories and artifacts

Access control

IAM resources, built-in policies, and push/pull permissions

Billing

Storage metering and data transfer

Limits and behaviour

Naming rules, regions, and API paths

Registry workflow overview

Create namespace → Authenticate → Tag and push image
        │
        ├─ Repository created automatically on first push
        │
        ├─ Optional: Configure visibility or retention policy
        │
        └─ Pull from Kubernetes, CI/CD, or local Docker client

See Getting started for the full workflow.