Author: Nourhane Bziouech (nourhane.bziouech@de.ibm.com)
Now, starting with Red Hat® Quay 3.10, Red Hat Quay is available on IBM® Z® and IBM® LinuxONE.
So, why are clients interested in Red Hat Quay?
Having a reliable container registry is key to the success for the deployment of any workload in a containerized world. It is needed from the moment it is decided to rely on containers for your production environment, setup your container orchestration environment … until going to production. The container registry assists you to store and deploy all your images.
Two questions come thereafter: How to choose the container registry that ensures success, and, Can the registry play another role as well?
Red Hat Quay
Red Hat Quay is a mature enterprise-centric container image registry. It enables you to build, organize, distribute, and deploy containers easily. It comes in two installation variants: as a standalone registry or managed by an operator on top of the Red Hat OpenShift® Container Platform, both variants are now supported on IBM Z and IBM® LinuxONE.
What else does Red Hat Quay offer for IBM Z and IBM® LinuxONE clients
Red Hat Quay is rich in features which allow the users to rely on it for securely storing and deploying images and more on IBM Z and IBM® LinuxONE.
Red Hat Quay focuses on security when managing your container images, and it does that by providing features like scanning your container images for vulnerabilities and reporting back any known issues and the severity of the vulnerabilities. Also, in the context of a secure environment, Red Hat Quay provides a robust access control for a multi-tenant setup. That makes it easier to trace back and isolate any malicious activity. And all of that while storing your container images on premises on IBM Z and IBM® LinuxONE with full data sovereignty.
Added to the multi-tenancy feature that Red Hat Quay offers, you can also rely on that same local private registry as well for bringing up multi-cluster setup when installing several Red Hat OpenShift clusters on IBM Z and IBM® LinuxONE.
When considering security aspects, the security compliance plays a significant role for the IBM Z and IBM® LinuxONE users. Red Hat Quay on IBM Z and IBM® LinuxONE is FIPS compliant, this helps to have an overall environment that is more compliant to the regulatory requirements.
Furthermore, Red Hat Quay takes the traditional purpose of a container registry to another level. You can do your pushes and pulls from the Red Hat Quay registry, but also you can automate the entire process of building the images and you can rely on Red Hat Quay’s great integration with git repositories to easily update your code and automatically get new container images built on and for the IBM Z and IBM® LinuxONE architecture.
Red Hat Quay also makes it easier for you to manage the storage required for your images. With its scalability feature, you can grow as you go in term of adding storage when needed. When deployed within Red Hat OpenShift, you can also rely on the monitoring feature to understand the storage consumption and receive alerts when it is time to grow the storage.
Red Hat Quay and Red Hat OpenShift Platform use cases
One major use case of Red Hat Quay on IBM Z and IBM® LinuxONE is the setup of a Red Hat OpenShift cluster in an air-gapped environment. Red Hat Quay takes away the burden of setting up manually a private registry locally or relying on a container registry that store your data off-premises.
A reliable container registry is needed for storing the container images required for an installation of Red Hat OpenShift cluster offline and keeping that cluster updated. Red Hat Quay as standalone fits well for this role and enables you to have that cluster installation in a disconnected environment.
Another use case on IBM Z and IBM® LinuxONE is the integration of the container registry with your cloud native CI/CD on the Red Hat OpenShift platform. You can integrate Red Hat Quay into your CI/CD pipelines implemented via Red Hat OpenShift Pipelines and rely on Red Hat Quay’s repository webhook calls to trigger Tekton pipelines for continuously building your container images and deploying them into the same environment.
With its rich security features and great fit into a cloud native CI/CD setup, Red Hat Quay on IBM Z and IBM® LinuxONE provides all the necessary for a DevSecOps deployment model.
The availability of Red Hat Quay on IBM Z and IBM® LinuxONE marks a pivotal advancement, as we aim to assist our clients in providing more capabilities, leveraging existing skills, and empowering them to overcome organizational silos.
For more information, see the Red Hat Quay 3.10 release notes and the Red Hat Quay 3.10 launch blog.