Seqera Enterprise Containers in Recognized Container Registry
acknowledged
M
Maroon Jaguar
When deploying Seqera Enterprise in kubernetes, the images come from
cr.seqera.io
. Currently, if deploying to AWS EKS, it would be great to create a pull through cache for the Seqera Platform images. This avoids making Kubernetes pull directly from Seqera's proprietary container registry every time a pod is launched. It also avoids pulling over the public internet.You can setup an ECR repository as a pull through cache. This allows customers to setup their credentials in the AWS account once (via AWS Secrets Manager) and now all images will be cached in the local ECR repository. AWS ECR only support pull through cache:
Amazon ECR currently supports creating pull through cache rules for the following upstream registries:
- Amazon ECR Public, Kubernetes container image registry, and Quay (doesn't require authentication)
- Docker Hub, Microsoft Azure Container Registry, GitHub Container Registry, and GitLab Container Registry (requires authentication with AWS Secrets Manager secret)
- Amazon ECR (requires authentication with AWS IAM role)
It would be great if Seqera could also use a recognized container registry to host their images to allow common registry integrations.
M
Maroon Jaguar
It would be great for the Seqera Platform Enterprise deployment/installation documentation to reflect that recommendation! It's currently written in a way which instructs users to consume the containers directly from Seqera's container registry.
Rob Newman
Hi Maroon Jaguar. Thank you for your feature request!
The current recommendation is that Enterprise users copy the relevant images to their own registry and to not directly consume images from Seqera's container registry. We may change to your proposed model in the future, but as of today this is not currently in our roadmap.
I'll leave this feature request in an acknowledged state to determine how many of our other Enterprise users are interested in the feature, and we appreciate your thoughtful proposal.
Rob Newman
acknowledged