openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-07 09:46:53 +01:00
Code Issues Releases Activity
Files
b861fb8d1fe02da170cbb977e5f74d9d1d76384c
openshift-docs/modules/security-registries-quay.adoc
Steven Smith 0422516547 Updates Quay links to most recent version of Quay
2023-12-01 14:42:42 -05:00

47 lines
2.8 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * security/container_security/security-registries.adoc
[id="security-registries-quay_{context}"]
= Storing containers using Red Hat Quay
link:https://access.redhat.com/products/red-hat-quay[Red Hat Quay] is an
enterprise-quality container registry product from Red Hat.
Development for Red Hat Quay is done through the upstream
link:https://docs.projectquay.io/welcome.html[Project Quay].
Red Hat Quay is available to deploy on-premise or through the hosted
version of Red Hat Quay at link:https://quay.io[Quay.io].
Security-related features of Red Hat Quay include:
* *Time machine*: Allows images with older tags to expire after a set
period of time or based on a user-selected expiration time.
* *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#repo-mirroring-in-red-hat-quay[Repository mirroring]*: Lets you mirror
other registries for security reasons, such hosting a public repository
on Red Hat Quay behind a company firewall, or for performance reasons, to
keep registries closer to where they are used.
* *Action log storage*: Save Red Hat Quay logging output to link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/manage_red_hat_quay/index#proc_manage-log-storage[Elasticsearch storage or Splunk] to allow for later search and analysis.
* *link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html/vulnerability_reporting_with_clair_on_red_hat_quay/index[Clair]*: Scan images against a variety of Linux
vulnerability databases, based on the origins of each container image.
* *Internal authentication*: Use the default local database to handle RBAC
authentication to Red Hat Quay or choose from LDAP, Keystone (OpenStack),
JWT Custom Authentication, or External Application Token authentication.
* *External authorization (OAuth)*: Allow authorization to Red Hat Quay
from GitHub, GitHub Enterprise, or Google Authentication.
* *Access settings*: Generate tokens to allow access to Red Hat Quay
from docker, rkt, anonymous access, user-created accounts, encrypted
client passwords, or prefix username autocompletion.
Ongoing integration of Red Hat Quay with {product-title} continues,
with several {product-title} Operators of particular interest.
The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#quay-bridge-operator[Quay Bridge Operator]
lets you replace the internal {product-registry} with Red Hat Quay.
The link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/red_hat_quay_operator_features/index#container-security-operator-setup[{rhq-cso}]
lets you check vulnerabilities of images running in {product-title} that were
pulled from Red Hat Quay registries.
View Git Blame Copy Permalink