Important: MSR 2.9.x reaches End of Life (EOL) on 2026-DEC-01. Mirantis strongly recommends upgrading to the latest supported version to continue receiving updates, fixes, and support.

Manage images

• Create a repository
  • Image names in MSR
  • Multi-architecture images
• Review repository information
• Pull and push images
  • Pull an image
  • Push an image
    • Windows image limitations
• Delete images
• Scan images for vulnerabilities
  • Security scan process
    • Scanning process
    • Binary scan
    • Layers excluded from scanning
  • Scan images
    • Security scan on push
    • Manual scanning
    • Change the scanning mode
  • Review security scan results
    • Scan summaries
    • Detailed report
    • What to do next
  • Override a vulnerability
  • Scanner reporting
    • Export a scanner report
    • Submit a scanner report
• Prevent tags from being overwritten
  • Make tags immutable
• Sign images with Docker Content Trust
  • Initial local setup
    • Enable DCT
    • Configure CA certificates
  • Sign images that MKE can trust
  • Add a delegation
  • Delete trust data
  • Delete signed images
  • Using Docker Content Trust with a Remote MKE Cluster
    • Prerequisites
    • Registering MSR with a remote Mirantis Kubernetes Engine
    • Signing an image in MSR
    • Enforce Signed Image Tags on the Remote MKE
    • Troubleshooting
      • Example Errors
        • Image or trust data does not exist
        • Image did not meet required signing policy
        • MSR URL must be a registered trusted registry