
Ask HN: What third-party Docker registry do you use? Why? - hiphipjorge
I&#x27;ve been exploring some of the different Docker registries and can&#x27;t really settle on what&#x27;s better and why. They all seem pretty similar.<p>Do you have any good&#x2F;bad experiences why any particular registry? Any features you&#x27;ve seen in one of these that turned out to be particularly useful? Which payment model seems better: repository or storage? Anything else I should consider when picking one?<p>Seems to me like the options are: Docker Hub, Quay, ECR, and Google Container Registry. Any other important ones out there?
======
ThatMightBePaul
Sup Jorge! You named the big ones. There are a bunch of others, as well. IMO,
try to get your comparison down to just two. That's a reasonable set to dive
deep on.

For a lighter overview, I think the big features are: team workflow, security,
and CI/CD pipeline.

Team workflow is just how easy it is to get going / share with your team. IMO,
ECR or GCR will have a natural edge here if you're already on their cloud.
Tagging is important too, but I think everyone supports that.

Security is both the details of transport (SSL, etc), and whether your
containers are getting scanned. Quay.io and Docker Hub both do security
scanning for private repos. Quay has a slight edge in that public repos also
get scanned thanks to Clair. I believe GCR and ECR lag behind here.

CI/CD pipeline is important because your registry becomes a big chunk of your
build. This is what's going to really take time to investigate and dig into.
You want to make sure it's easy to add hooks to git or w/e, and troubleshoot
build issues (good logging, auditing, etc).

Full disclosure I work at CoreOS and with the Quay folks. That said, I also
think they're constantly probing into cool frontiers. I think Clair changed
registry security. The team's also started doing cool stuff for k8s users [1].

Lastly, I'm not totally sure on this last bit, but I think Docker Hub has a
slight usability edge if you're on Docker EE (swarm).

Summarizing: I think big cloud vendors will naturally always lag a little
behind. They'll make up for it with convenience if you're already on their
cloud. Registries whose main purpose is to be a registry (like Quay) will
naturally innovate a little faster.

[1] [https://coreos.com/blog/quay-application-registry-for-
kubern...](https://coreos.com/blog/quay-application-registry-for-
kubernetes.html)

~~~
hiphipjorge
Awesome answers. Honestly, Quay seems like the way to go right now.

