Pq

Project Quay on Ubuntu 24.04 LTS

Azure Developer Tools

Project Quay, the open source container image registry that powers Quay.io, giving your team private image repositories with fine grained access control and a per instance admin credential.

Base
Hardened build
minimal ports, security patches applied at build time
Access
Unique credentials
generated on first boot, readable only by root
Verified
Boots working
services pass a health gate before release
Support
24/7, 365 days
by email and live chat, 24 hour response SLA

Overview

Project Quay is the upstream open source community project of Red Hat Quay: a container native image registry for building, storing and distributing container images. It provides private repositories with fine grained access control across users, organizations, teams and robot accounts, a standards compliant OCI and Docker v2 registry API, tag lifecycle management with expiration, auto pruning and immutable tags, and a complete REST API for automation. It is the same codebase that powers the public Quay.io service.

This image runs the full upstream service topology natively as system services: the web, registry and security scanning application servers, the complete set of background workers for garbage collection, notifications, quota management and auto pruning, with PostgreSQL and Redis alongside. Registry storage lives on the instance disk under a single well known path, and large image pushes work out of the box. It suits teams that want a private registry under their own control: platform engineering groups hosting internal images, CI/CD pipelines that need a fast nearby push target, and organizations that prefer their build artifacts never leave their own network.

Why the cloudimg image

cloudimg delivers Project Quay fully installed behind an nginx reverse proxy, so a working registry answers the moment the instance boots. The image is secure by default and carries no usable login: no administrator account and no shared secret ship in the image. On the first boot of every instance a two stage service generates fresh secret keys and a fresh database password, initialises the database empty, then creates a unique administrator account plus a scoped API access token and writes them to a file only the root user can read. Anonymous access and open self registration are disabled, the database and cache listen only on loopback, the base is fully patched with unattended security upgrades enabled, and every deployment is paired with a step by step deploy guide and backed by 24/7 cloudimg support.

Common uses

  • Private container image hosting for teams
  • CI/CD push and pull target
  • Image lifecycle management with tag expiration and auto pruning

See it running

Real screenshots taken while testing this image against its deployment guide.

Project Quay on Ubuntu 24.04 LTS screenshot 1 Project Quay on Ubuntu 24.04 LTS screenshot 2 Project Quay on Ubuntu 24.04 LTS screenshot 3 Project Quay on Ubuntu 24.04 LTS screenshot 4