Skip to content
Klutch.sh Docs

Deploying ZOT OCI Registry

Introduction

ZOT is a production-ready, vendor-neutral OCI-native container image registry. It implements the OCI Distribution Specification for storing and distributing container images and artifacts. ZOT is designed to be lightweight, secure, and enterprise-ready.

Key highlights of ZOT:

  • OCI Native: Full OCI Distribution Specification compliance
  • Lightweight: Single binary with minimal resource requirements
  • Security: Built-in vulnerability scanning and signature verification
  • Deduplication: Content-addressable storage reduces disk usage
  • Replication: Sync images between registries
  • Web UI: Optional web interface for browsing images
  • Authentication: LDAP, OAuth2, and htpasswd support
  • Metrics: Prometheus metrics for monitoring

This guide walks through deploying ZOT on Klutch.sh using Docker.

Why Deploy ZOT on Klutch.sh

Deploying ZOT on Klutch.sh provides several advantages:

Private Registry: Host container images without third-party services.

Standards Compliant: Works with all OCI-compatible tools.

HTTPS by Default: Secure image pulls and pushes with automatic SSL.

Persistent Storage: Your images persist with Klutch.sh volumes.

Prerequisites

Before deploying ZOT on Klutch.sh, ensure you have:

Deploying ZOT on Klutch.sh

    Create Your Repository

    Create a new GitHub repository with a Dockerfile and config:

    FROM ghcr.io/project-zot/zot-linux-amd64:latest
    

    COPY config.json /etc/zot/config.json
    

    VOLUME ["/var/lib/registry"]
    

    EXPOSE 5000
    

    CMD ["serve", "/etc/zot/config.json"]

    Create a config.json file:

    {
      "distSpecVersion": "1.1.0",
      "storage": {
        "rootDirectory": "/var/lib/registry"
      },
      "http": {
        "address": "0.0.0.0",
        "port": "5000"
      },
      "log": {
        "level": "info"
      }
    }

    Push to GitHub

    Push your Dockerfile and config to your GitHub repository.

    Create a New Project on Klutch.sh

    Navigate to the Klutch.sh dashboard and create a new project.

    Create a New App

    Within your project, create a new app and connect your GitHub repository.

    Configure HTTP Traffic

    Set the traffic type to HTTP with port 5000.

    Attach Persistent Volume

    Add a persistent volume mounted at /var/lib/registry for your container images.

    Deploy Your Application

    Click Deploy to build and launch ZOT.

    Configure Docker to Use Your Registry

    Add your registry to Docker’s configuration:

    Terminal window
    docker login your-app.klutch.sh
    docker tag myimage:latest your-app.klutch.sh/myimage:latest
    docker push your-app.klutch.sh/myimage:latest

Additional Resources

Conclusion

ZOT on Klutch.sh provides a standards-compliant container registry that you control completely. Store and distribute container images privately with enterprise features like vulnerability scanning and image replication.