From a58dd560bfcdf85340393c2402179340cc215db6 Mon Sep 17 00:00:00 2001 From: Amber Alston Date: Tue, 17 Jun 2025 16:36:23 -0600 Subject: [PATCH 1/5] Clarify who gets access and what we recommend --- docs/vendor/private-images-replicated.mdx | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/vendor/private-images-replicated.mdx b/docs/vendor/private-images-replicated.mdx index 79bf3c6c50..bad8252317 100644 --- a/docs/vendor/private-images-replicated.mdx +++ b/docs/vendor/private-images-replicated.mdx @@ -4,6 +4,10 @@ import TeamTokenNote from "../partials/vendor-api/_team-token-note.mdx" This topic describes how to push images to the Replicated private registry. +:::note +The ability to push additional images to the Replicated Registry is restricted to KOTS managed installations. Regardless of intended application installation method, Replicated recommends leveraging the [Replicated Proxy Registry](/vendor/private-images-about) instead for private/public image distribution. The Replicated Proxy Registry is a globally distributed and highly performant way to grant license controlled pull-through access to application images. +::: + ## Overview For applications installed with KOTS, you can host private images on the Replicated registry. Hosting your images on the Replicated registry is useful if you do not already have your images in an existing private registry. It is also useful for testing purposes. From 021d6ca16eb3f1c233ff9d0b973e48e7446beb00 Mon Sep 17 00:00:00 2001 From: Amber Alston Date: Tue, 17 Jun 2025 16:41:15 -0600 Subject: [PATCH 2/5] wording tweak --- docs/vendor/private-images-replicated.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/vendor/private-images-replicated.mdx b/docs/vendor/private-images-replicated.mdx index bad8252317..272bf4f9a1 100644 --- a/docs/vendor/private-images-replicated.mdx +++ b/docs/vendor/private-images-replicated.mdx @@ -5,7 +5,7 @@ import TeamTokenNote from "../partials/vendor-api/_team-token-note.mdx" This topic describes how to push images to the Replicated private registry. :::note -The ability to push additional images to the Replicated Registry is restricted to KOTS managed installations. Regardless of intended application installation method, Replicated recommends leveraging the [Replicated Proxy Registry](/vendor/private-images-about) instead for private/public image distribution. The Replicated Proxy Registry is a globally distributed and highly performant way to grant license controlled pull-through access to application images. +The ability to push additional images to the Replicated Registry is restricted to KOTS managed installations. Regardless of intended application installation method, Replicated recommends leveraging the [Replicated Proxy Registry](/vendor/private-images-about) instead for private/public image distribution. The Replicated Proxy Registry provides a globally distributed and highly performant method to grant license controlled pull-through access to application images. ::: ## Overview From ea4a2ea6ce43c827cd89ca299f231a6d5dadcfa4 Mon Sep 17 00:00:00 2001 From: Amber Alston Date: Tue, 17 Jun 2025 16:48:07 -0600 Subject: [PATCH 3/5] page title change the old title "Use the Replicated Registry for KOTS Installations" sounded too much like we were telling you to use it, which conflicted with the advice note below --- docs/vendor/private-images-replicated.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/vendor/private-images-replicated.mdx b/docs/vendor/private-images-replicated.mdx index 272bf4f9a1..234a48ca6e 100644 --- a/docs/vendor/private-images-replicated.mdx +++ b/docs/vendor/private-images-replicated.mdx @@ -1,8 +1,8 @@ import TeamTokenNote from "../partials/vendor-api/_team-token-note.mdx" -# Use the Replicated Registry for KOTS Installations +# Replicated Registry Option for KOTS Installations -This topic describes how to push images to the Replicated private registry. +This topic describes how to optionally push images to the Replicated private registry. :::note The ability to push additional images to the Replicated Registry is restricted to KOTS managed installations. Regardless of intended application installation method, Replicated recommends leveraging the [Replicated Proxy Registry](/vendor/private-images-about) instead for private/public image distribution. The Replicated Proxy Registry provides a globally distributed and highly performant method to grant license controlled pull-through access to application images. From 3f8db21f5a36c35eadf1f85df7956193bcf31954 Mon Sep 17 00:00:00 2001 From: Paige Calvert Date: Tue, 17 Jun 2025 17:13:53 -0600 Subject: [PATCH 4/5] Update private-images-replicated.mdx --- docs/vendor/private-images-replicated.mdx | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/vendor/private-images-replicated.mdx b/docs/vendor/private-images-replicated.mdx index 234a48ca6e..77da34b24e 100644 --- a/docs/vendor/private-images-replicated.mdx +++ b/docs/vendor/private-images-replicated.mdx @@ -1,16 +1,14 @@ import TeamTokenNote from "../partials/vendor-api/_team-token-note.mdx" -# Replicated Registry Option for KOTS Installations +# About the Replicated Registry Option for KOTS Installations -This topic describes how to optionally push images to the Replicated private registry. - -:::note -The ability to push additional images to the Replicated Registry is restricted to KOTS managed installations. Regardless of intended application installation method, Replicated recommends leveraging the [Replicated Proxy Registry](/vendor/private-images-about) instead for private/public image distribution. The Replicated Proxy Registry provides a globally distributed and highly performant method to grant license controlled pull-through access to application images. -::: +This topic describes how to push images to the Replicated registry. The information in this topic applies only to installations managed with Replicated KOTS. ## Overview -For applications installed with KOTS, you can host private images on the Replicated registry. Hosting your images on the Replicated registry is useful if you do not already have your images in an existing private registry. It is also useful for testing purposes. +For applications installed with KOTS, you can optionally host private images on the Replicated registry. Hosting your images on the Replicated registry can be useful for testing purposes. + +For all production releases, Replicated recommends using the Replicated proxy registry for both private and public image distribution, rather than hosting images on the Replicated registry. The proxy registry provides a globally-distributed and highly-performant method to grant pull-through access to application images. For more information, see [About the Replicated Proxy Registry](/vendor/private-images-about). Images pushed to the Replicated registry are displayed on the **Images** page in the Vendor Portal: @@ -30,6 +28,8 @@ The Replicated registry has the following limitations: * You might encounter a timeout error when pushing images with layers close to or exceeding 2GB in size, such as: "received unexpected HTTP status: 524." To work around this, reduce the size of the image layers and push the image again. If the 524 error persists, continue decreasing the layer sizes until the push is successful. +* The ability to push images to the Replicated registry is available only for KOTS-managed installations. Pushing images to the Replicated registry is not supported for Helm installations. + ## Push Images to the Replicated Registry This procedure describes how to tag and push images to the Replicated registry. For more information about building, tagging, and pushing Docker images, see the From 6a669e242922730c21407fc0226d36749e9b7b12 Mon Sep 17 00:00:00 2001 From: Paige Calvert Date: Tue, 17 Jun 2025 17:15:43 -0600 Subject: [PATCH 5/5] update xref --- docs/vendor/packaging-private-registry-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/vendor/packaging-private-registry-security.md b/docs/vendor/packaging-private-registry-security.md index 09849d2b09..3f70438ccc 100644 --- a/docs/vendor/packaging-private-registry-security.md +++ b/docs/vendor/packaging-private-registry-security.md @@ -1,6 +1,6 @@ # Replicated Registry Security -This document lists the security measures and processes in place to ensure that images pushed to the Replicated registry remain private. For more information about pushing images to the Replicated registry, see [Using the Replicated Registry for KOTS Installations](private-images-replicated). +This document lists the security measures and processes in place to ensure that images pushed to the Replicated registry remain private. For more information about pushing images to the Replicated registry, see [About the Replicated Registry Option for KOTS Installations](private-images-replicated). ## Single Tenant Isolation