DevOps Dictionary

Container Registry is a service that stores, versions, and distributes container images, the packaged application filesystem plus metadata that runtimes like Docker and orchestrators like Kubernetes pull to run workloads. It solves the problem of reliably moving the exact same build artifact from CI to every environment while controlling who can publish and deploy it. At a high level, build pipelines push images to the registry using human-friendly tags and immutable digests (content-based identifiers), and deployment systems pull those images on demand; registries commonly provide authentication and authorization, retention and cleanup policies, and automated scanning to detect known vulnerabilities.

With a Container Registry, releases are repeatable and auditable because every node fetches the same image; without it, teams often rebuild or share images ad hoc, increasing drift between environments, broken rollouts, and supply chain risk. This gap exists because images are large binary artifacts that need consistent addressing, caching, and access control across many machines and clusters.