Overview
Cloudfleet Container Registry (CFCR) is a Cloudfleet-managed registry that enables you to store, share, and manage container images. CFCR leverages Cloudfleet’s highly available infrastructure, so you do not have to worry about scaling or operational overhead. The registry is included with your Cloudfleet organization and requires no additional provisioning.
Preview: CFCR is currently in preview. There are no charges during the preview period. See pricing for the pricing that is going to be applied after general availability.
CFCR is an Open Container Initiative-compliant registry. As a result, you can store container images that conform to Open Container Initiative specifications in CFCR, including Docker images using the Docker Image Manifest V2 Schema 2 format. You can also store manifest lists (sometimes known as multi-architecture images) to support multiple architectures such as ARM64 and AMD64. Helm charts can be stored as OCI artifacts, allowing you to manage both container images and Helm charts in a single registry.
You can push and pull images using the standard Docker CLI and Docker Registry HTTP API V2. The Cloudfleet CLI integrates with Docker as a credential helper, providing seamless authentication without manual token management. For CI/CD pipelines, API tokens provide programmatic access using the same credentials that work with other Cloudfleet services.
CFKE clusters authenticate to CFCR automatically. When you deploy workloads to CFKE, you do not need to create image pull secrets, configure service accounts, or manage credentials. Your deployments reference images by their CFCR URL and pull successfully.
Organization isolation
Each Cloudfleet organization has a completely isolated registry namespace. Authentication scopes credentials to your organization, authorization validates that requested images belong to your namespace, and storage keeps your data separate from other organizations. Users and tokens from one organization cannot access images in another organization’s registry.
Access control
CFCR uses the same role-based access control as other Cloudfleet services. Administrators can push and pull images. Users have pull-only access. When you invite a team member or create an API token, the role you assign determines their registry permissions. CFKE clusters have implicit pull access.
For details on managing users and roles, see User management. For information on creating API tokens, see API tokens.
Registry URL
Your container registry is accessible at a URL that includes your organization ID and region:
{organization-id}.{region}.registry.cloudfleet.dev
The organization ID is the UUID that identifies your Cloudfleet organization. You can find it in the Cloudfleet console or by running cloudfleet organizations list. Available regions are europe, northamerica, and apac. The europe region is served entirely on EU-based infrastructure. Choose a region based on where your workloads run for lower latency, or based on data residency requirements.
Images follow standard Docker naming conventions:
12345678-6651-4e5d-9c04-079f6532989b.europe.registry.cloudfleet.dev/myapp:v1.2.3
12345678-6651-4e5d-9c04-079f6532989b.europe.registry.cloudfleet.dev/backend/api:latest
Next steps
To understand key terminology such as repositories, images, tags, and digests, see Concepts.
To begin using CFCR, see the getting started guide. For authentication options, see Authentication. For CI/CD configuration examples, see CI/CD integration.
Concepts →