Introducing Red Hat Quay

Embracing container orchestration has many implications for an enterprises’ technology stack. An image registry becomes a critical component of the deployment pipeline. Red Hat Quay is a mature enterprise-centric container image registry which has a rich history of meeting the needs of cloud native technologists.

When Red Hat acquired CoreOS earlier this year, we were looking to amplify our leadership in enterprise container-based solutions. CoreOS at the time had two primary products, Tectonic and Quay. Quay was added directly into Red Hat’s portfolio of products and renamed Red Hat Quay.

The creators of Quay: Jake Moshenko is on the left and Joey Schorr is on the right.

In 2013 Quay was the first enterprise hosted registry. Offering innovative capabilities such as image rollback and zero-downtime garbage collection, it gained traction for its excellent developer experience and highly responsive support. Quay was acquired in 2014 by CoreOS to bolster its mission to secure the internet through automated operations. Shortly after the CoreOS acquisition, the on-premise offering of Quay was released.

Quay Enterprise was the first on-premise registry, delivering highly available geographically replicated deployments. Baked into Quay Enterprise were integrations with multiple authentication and authorization systems, permitting fine grained access control of repositories. Additional critical security features, such as team and organization mapping, CLI password encryption, and meticulous event logging set Quay apart from other registries. Clair, a leading open source container image vulnerability scanner was developed and optimized for Quay Enterprise. This feature-set led Quay Enterprise to be adopted by organizations like Qualcomm, NASA, and Autodesk.

Complete control over who can access your containers, track changes, and automatically scan for vulnerabilities.

In January 2018, CoreOS was acquired by Red Hat, and Quay joined the Red Hat portfolio of products. With the acquisition came a wealth of additional resources for the development and support of Quay. Quay Enterprise has become Red Hat Quay, and is available in tandem with Red Hat OpenShift. In upcoming releases, the two will have increasingly tighter integrations, so it is an ideal choice for prospective and current OpenShift customers. OpenShift is currently packaged with a basic image registry. By adding Red Hat Quay to their deployments, OpenShift customers can take advantage of advanced capabilities such as geographic replication, image rollback, and event logging.

Build and deploy containers automatically in response to git pushes: GitHub, BitBucket, Gitlab, and others. Secured with a robot account, and an easy-to-audit history.

 

Comparison of Red Hat Registries
September 2018

Default OpenShift Registry Red Hat Quay Quay.io (hosted)
Hosted X, OpenShift Online & Dedicated X
Basic Registry Features (Push/Pull/Sync/Prune) X X X
Role-Based Access Control X X X
Vulnerability Scanning X, only for images with Red Hat Enterprise Linux X X
Build triggers X X X
High availability X, OpenShift Dedicated X X
Image rollback X X
Activity logging X X
Robot accounts X X
Automatic layer squashing X X
Geographic Replication X Data replication via global cdn
Torrent Distribution X X
Multiple authentication
providers supported (LDAP,
OAuth/OIDC, Keystone, etc.)
X
Prometheus support X

 

Organizations like Cisco have seen the benefits of using Quay and OpenShift together. Check out their talk at the 2018 OpenShift Commons Gathering about their experience using Red Hat Quay and OpenShift.

Red Hat Quay can be used separately or in conjunction with OpenShift. It is compatible with any container environments or orchestration platforms. Quay.io will continue to be available as a hosted offering, meeting the needs of smaller teams and those who do not need a registry behind their own firewall.

For more information, download the Quay datasheet.

Categories
News, Red Hat Quay Registry
Tags
,