- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Quick Start
- Operation Guide
- Purchasing Instances
- Creating an Enterprise Edition Instance
- Access Configuration
- Manage Image Repository
- Image Distribution
- Image Security
- Synchronization and Replication
- Configuring Image Tag Retention
- Image Cleanup
- DevOps
- OCI Artifacts Management
- Operation Guide for TCR Individual
- Terminating/Returning Instances
- Best Practices
- TCR Personal migration
- Using the Delivery Assembly Line to Implement Container DevOps
- TKE Clusters Use the TCR Addon to Enable Secret-free Pulling of Container Images via Private Network
- Synchronizing Images to TCR Enterprise Edition from External Harbor
- TKE Serverless Clusters Pull TCR Container Images
- Image Data Synchronization and Replication Between Multiple Platforms in Hybrid Cloud
- Nearby Access Through Image Synchronization Between Multiple Global Regions
- Using Custom Domain Name and CCN to Implement Cross-Region Private Network Access
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Instance Management APIs
- DescribeInstances
- DescribeInstanceStatus
- CreateInstanceToken
- CreateInstance
- ModifyInstanceToken
- DescribeInstanceToken
- DeleteInstanceToken
- DeleteInstance
- RenewInstance
- CheckInstanceName
- CheckInstance
- ModifyInstance
- DescribeRegions
- DescribeInstanceCustomizedDomain
- DescribeImageAccelerateService
- DeleteInstanceCustomizedDomain
- DeleteImageAccelerateService
- CreateInstanceCustomizedDomain
- CreateImageAccelerationService
- Namespace APIs
- Image Repository APIs
- Custom Account APIs
- Trigger APIs
- Instance Synchronization APIs
- Access Control APIs
- Helm Chart APIs
- Tag Retention APIs
- Data Types
- Error Codes
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Quick Start
- Operation Guide
- Purchasing Instances
- Creating an Enterprise Edition Instance
- Access Configuration
- Manage Image Repository
- Image Distribution
- Image Security
- Synchronization and Replication
- Configuring Image Tag Retention
- Image Cleanup
- DevOps
- OCI Artifacts Management
- Operation Guide for TCR Individual
- Terminating/Returning Instances
- Best Practices
- TCR Personal migration
- Using the Delivery Assembly Line to Implement Container DevOps
- TKE Clusters Use the TCR Addon to Enable Secret-free Pulling of Container Images via Private Network
- Synchronizing Images to TCR Enterprise Edition from External Harbor
- TKE Serverless Clusters Pull TCR Container Images
- Image Data Synchronization and Replication Between Multiple Platforms in Hybrid Cloud
- Nearby Access Through Image Synchronization Between Multiple Global Regions
- Using Custom Domain Name and CCN to Implement Cross-Region Private Network Access
- API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Instance Management APIs
- DescribeInstances
- DescribeInstanceStatus
- CreateInstanceToken
- CreateInstance
- ModifyInstanceToken
- DescribeInstanceToken
- DeleteInstanceToken
- DeleteInstance
- RenewInstance
- CheckInstanceName
- CheckInstance
- ModifyInstance
- DescribeRegions
- DescribeInstanceCustomizedDomain
- DescribeImageAccelerateService
- DeleteInstanceCustomizedDomain
- DeleteImageAccelerateService
- CreateInstanceCustomizedDomain
- CreateImageAccelerationService
- Namespace APIs
- Image Repository APIs
- Custom Account APIs
- Trigger APIs
- Instance Synchronization APIs
- Access Control APIs
- Helm Chart APIs
- Tag Retention APIs
- Data Types
- Error Codes
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
Instance
Why can’t I use an instance name to create an instance?
An instance name cannot be used to create an instance for the following reasons:
An instance name must be 5 to 50 characters in length. It supports only lowercase letters, digits, and hyphens (-) and cannot start or end with a hyphen. The instance can be created only if the instance name meets the requirements.
The name of an instance determines the access domain name of the instance. Therefore, an instance name is globally unique in Tencent Container Registry (TCR). When you create an instance, the name of the instance cannot be identical with an existing instance name of the current user or other users.
Some instance names are reserved or shielded and cannot be used to create instances.
What should I do if I fail to log in to the instance?
To log in to the instance, you should run the
docker login command in the access client and enter the username and password.
Follow the instructions below:1. Check whether the token is correct. You can obtain a temporary token to test the instance login by choosing Instance > Access TCR Instance in the TCR console. .
2. Check whether the access credential is valid. A temporary access credential is valid for 1 hour. For more information, see Obtaining an Instance Access Credential.
3. Check whether the instance allows traffic from the network of Cloud Virtual Machine (CVM). For more information, see Network Access Control Overview.
Image
How does the TKE cluster implement the secret-free pulling of images?
We recommend the TKE user to use the TCR add-on to implement the secret-free pulling of images. For more information, see TKE Clusters Use the TCR Addon to Enable Secret-free Pulling of Container Images via Private Network.
You can set the access level of the namespace where the image is located to public, and all image repositories and Helm charts in this namespace will become public. As "Anonymous Access" is enabled for instance by default, any clients that pass access control can get the images and charts directly without logging in. We recommend that you only set the basic image repository.
What is the solution for the prompt "unauthorized: authentication required" when an image is pushed or pulled?
When the Docker client is used to push and pull images, the client must have the credential for accessing registry instances. To solve the problem, refer to the following steps:
1. Make sure that the correct access credential is used to run the
docker login command on the server and the access credential of the instance has been stored on the Docker client. For more information, see Pushing and Pulling an Image.2. If the
docker login command has been run on the server and login is successful, check whether the temporary password used for login last time is still within the validity period.
By default, the instance access credential obtained by the console is only valid within 24 hours to guarantee data security of enterprise-class instances. Beyond the period, a new credential must be generated.Can I delete an image version?
Yes. When you delete a specified image version, the image versions with the same content (namely the same SHA256) will also be deleted.
Access Permission
How do I restrict user to access the specified namespace/image repository?
In TCR, you can configure the resource access permission for the sub-account through CAM. For more information, see Example of Authorization Solution of TCR Enterprise or Example of Authorization Solution of TCR Individual.
Network Control
How is the network traffic billed?
Using the public network to upload and download the cloud-native applications such as container images and Helm charts will generate public network traffic fees in COS. We recommend you to use the private network access because it will not incur traffic fees, and the access speed is better than public network access.
Notes
Using the instance synchronization feature for cross-regional synchronization of container images and Helm charts will not generate COS public network traffic fees.
How do I determine if I am accessing via a private network or public network?
By default, the private network is used for VPC and the public network is used for non-VPC. For more information, see How do I determine if I am accessing COS over a private network?.
DevSecOps
Why is the account of CODING DevOps locked?
It may be that the password was entered incorrectly five times, or the admin locks it. Please contact your admin.
How do I specify the Dockerfile path and building directory when building an image by using source code?
If you do not enter a path, the system uses the following default values:
Default Dockerfile path: Dockerfile under the root directory of the code repository.
Default building directory: the root directory of the code repository.
To specify a path, enter a relative path with the project path as the root path.
Synchronization and Replication
How do I implement image acceleration?
Currently, TCR supports accelerated pull of images outside the Chinese mainland, P2P, and loading container images on demand.
What are the differences between instance synchronization and replication?
Object
The instance synchronization works on two independent instances.
The instance replication works on an instance that acts as the primary instance and can create sub-instances in another region.
Effect
The instance synchronization feature allows you to customize synchronization rules and synchronize data as needed.
In instance replication, data is fully replicated and the application images used by multi-regional services are managed uniformly.
Underlying implementation
Based on COS cross-region synchronization capability, the instance replication supports real-time streaming synchronization of image data and is faster than instance synchronization.
The instance replication feature is only available for the premium instance and the cross-border replication is not supported.
Other
Why does the size of the image displayed on the cluster node and in the repository differ?
The image is compressed and stored in the image repository. The image size on the cluster node shall prevail.
What features are not supported in the international version?
Currently, the CODING DevOps related features and some new features are not supported in the international version.
Yes
No
Was this page helpful?