Project Quay is a security-focused and scalable private registry platform for managing content across globally distributed data center and cloud environments. It provides a single and resilient content repository for delivering containerized software to development and production across OpenShift Container Platform and Kubernetes clusters. Project Quay is a distributed and highly available container image registry for your enterprise.

Project Quay can be used for storing, building, and distributing container images and other OCI artifacts. It offers an intuitive web interface that allows users to quickly upload and manage their container images. Administrators can create private repositories, ensuring sensitive or proprietary code remains secure within their organization. Additionally, access controls and team collaboration can be managed, which enables seamless sharing of container images among designated team members.

Project Quay addresses container security concerns through its image scanner, Clair. When enabled, the service automatically scans container images for known vulnerabilities and security issues, providing developers with valuable insights into potential risks and suggesting remediation steps.

Project Quay excels in automation, and supports integration with popular Continuous Integration/Continuous Deployment (CI/CD) tools and platforms, enabling seamless automation of the container build and deployment processes. As a result, developers can streamline their workflows, significantly reducing manual intervention and improving overall development efficiency.

Project Quay caters to the needs of both large and small-scale deployments. Its high availability support ensures that organizations can rely on it for mission-critical applications. The platform can handle significant container image traffic and offers efficient replication and distribution mechanisms to deliver container images to various geographical locations.

Project Quay features

Project Quay is regularly released with new features and software updates. The following features are available for Project Quay deployments, however the list is not exhaustive:

  • High availability

  • Geo-replication

  • Repository mirroring

  • Docker v2, schema 2 (multi-arch) support

  • Continuous integration

  • Security scanning with Clair

  • Custom log rotation

  • Zero downtime garbage collection

  • 24/7 support

Users should check the Project Quay Release Notes for the latest feature information.

Project Quay support

Project Quay provides support for the following:

  • Multiple authentication and access methods

  • Multiple storage backends

  • Custom certificates for Quay, Clair, and storage backend containers

  • Application registries

  • Different container image types

Architecture

Project Quay includes several core components, both internal and external.

For a fuller architectural breakdown, see the Project Quay architecture guide.

Internal components

Project Quay includes the following internal components:

  • Quay (container registry). Runs the Quay container as a service, consisting of several components in the pod.

  • Clair. Scans container images for vulnerabilities and suggests fixes.

External components

Project Quay includes the following external components:

  • Database. Used by Project Quay as its primary metadata storage. Note that this is not for image storage.

  • Redis (key-value store). Stores live builder logs and the Project Quay tutorial. Also includes the locking mechanism that is required for garbage collection.

  • Cloud storage. For supported deployments, one of the following storage types must be used:

    • Public cloud storage. In public cloud environments, you should use the cloud provider’s object storage, such as Amazon Web Services’s Amazon S3 or Google Cloud’s Google Cloud Storage.

    • Private cloud storage. In private clouds, an S3 or Swift compliant Object Store is needed, such as Ceph RADOS, or OpenStack Swift.

Warning

Do not use "Locally mounted directory" Storage Engine for any production configurations. Mounted NFS volumes are not supported. Local storage is meant for Project Quay test-only installations.