Product Overview¶
Warning
In correlation with the end of life (EOL) date for MSR 3.0.x, Mirantis stopped maintaining this documentation version as of 2024-APR-20. The latest MSR product documentation is available here.
Mirantis Secure Registry (MSR) is a solution that enables enterprises to store and manage their container images on-premises or in their virtual private clouds. With the advent of MSR 3.0.0, the software can run alongside your other apps in any standard Kubernetes 1.20 and above distribution, simply through the use of standard Helm techniques. As a result, the MSR user has far greater flexibility as many resources are administered by the orchestrator rather than the registry itself. And while MSR 3.0.0 is not integrated with Mirantis Kubernetes Engine (MKE) as has been the case with previous versions, it runs just as well on MKE as on any supported Kubernetes distribution.
The security that is built into MSR enables you to verify and trust the provenance and content of your applications and ensure secure separation of concerns. Using MSR, you meet security and regulatory compliance requirements. In addition, the automated operations and integration with CI/CD speed up application testing and delivery. The most common use cases for MSR include:
- Helm charts repositories
Deploying applications to Kubernetes can be complex. Setting up a single application can involve creating multiple interdependent Kubernetes resources, such as pods, services, deployments, and replica sets. Each of these requires manual creation of a detailed YAML manifest file as well. This is a lot of work and time invested. With Helm charts (packages that consist of a few YAML configuration files and some templates that are rendered into Kubernetes manifest files) you can save time and install the software you need with all the dependencies, upgrade, and configure it.
- Automated development
Easily create an automated workflow where you push a commit that triggers a build on a CI provider, which pushes a new image into your registry. Then, the registry fires off a webhook and triggers deployment on a staging environment, or notifies other systems that a new image is available.
- Secure and vulnerability-free images
When an industry requires applications to comply with certain security standards to meet regulatory compliances, your applications are as secure as the images that run those applications. To ensure that your images are secure and do not have any vulnerabilities, track your images using a binary image scanner to detect components in images and identify associated CVEs. In addition, you may also run image enforcement policies to prevent vulnerable or inappropriate images from being pulled and deployed from your registry.