Google 云:Artifact Registry 与 Container Registry

Google Cloud: Artifact Registry vs Container Registry

这两款产品有什么区别?

工件注册表 - https://cloud.google.com/artifact-registry/
容器注册表 - https://cloud.google.com/container-registry/

Artifact Registry 包括 Container Registry 的所有功能(存储容器映像)以及特定语言工件存储库的新功能。

来自https://cloud.google.com/artifact-registry/docs/transition/transition-from-gcr

Artifact Registry is the evolution of Container Registry. As a fully-managed service with support for both container images and non-container artifacts, Artifact Registry extends the capabilities of Container Registry.

https://cloud.google.com/blog/products/application-development/understanding-artifact-registry-vs-container-registry 起,主要改进是:

  • "A unified control plane for container, OS and language repositories" - AR is for storing language and OS packages as well
  • "A more granular permission model with Cloud IAM" - permissions can be per-repository
  • "Repositories in the region of your choice" - can choose individual regions for repositories instead of multi-regions
  • "A pricing model that respects your region" - higher costs for storage, but potentially lower (or no) costs for network egress
  • "Part of a secure supply chain" - works directly with other Google Cloud 'secure supply chain' products

Artifact Registry 只是 Container Registry 的改进版本。支持容器镜像之外的构建工件格式,包括流行语言和 Debian 相关包。

截至撰写本文时,只有 Docker 图像和 Helm 图表支持是 GA。 (您必须 sign up through this form to access the pre-GA functionality for Java (Maven/Gradle), Node (npm), Python (PEP 503)和 Debian (APT) 软件包。)

Container Registry 仍将继续工作,不会很快消失。您仍然可以在同一个项目中使用这两种服务。

主要区别如下:

  1. Artifact Registry 支持每个项目有多个存储库。存储库是独立且独特的资源,您需要在推送图像之前创建一个。使用此功能,您将能够为存储库提供名称、描述和特定权限,以便您可以正确管理谁可以访问您的图像。
  2. Artifact Registry 有自己的 IAM permissions 来访问您的存储库。
  3. Artifact Registry 使用 pkg.dev 下的新主机,而不是 gcr.io
  4. Container Registry 只是多区域的,但 Artifact Registry supports multi regional or regional 个存储库。
  5. Artifact Registry 有自己的定价。用户需要为存储和网络出口付费。