Container Registries

Instances can pull from any OCI-compliant container registry. Public images (like nginx from Docker Hub) work out of the box. For private images, you can use Harbor (Unisrv's built-in registry) or bring your own.

Harbor — built-in registry

Every Unisrv account includes a private, tenant-isolated container registry at harbor.unisrv.io. It's a standard Docker registry — you interact with it using the Docker CLI you already have.

Login

Authenticate with Docker using your Unisrv auth token as the password:

unisrv auth token | docker login harbor.unisrv.io --username unisrv --password-stdin

The username is always unisrv — all identity comes from the token.

Push and pull

From here it's just normal Docker:

docker tag my-app harbor.unisrv.io/my-app:latest
docker push harbor.unisrv.io/my-app:latest

Your images are fully isolated per account — repository names are yours alone.

Deploy from Harbor

Unisrv pulls from Harbor automatically, no registry login needed:

unisrv rollout my-service harbor.unisrv.io/my-app:latest -p 8080

External registries

For images hosted elsewhere, store credentials so Unisrv can pull on your behalf:

unisrv registry login <registry> -u <username>
# Prompts for password/token

Credentials are stored locally and sent to the node when pulling images from that registry.

GitHub Container Registry (GHCR)

GHCR is included with every GitHub organization and is a solid choice for private images.

unisrv registry login ghcr.io -u <github_username>
# Paste a GitHub personal access token (needs read:packages scope)

Your images will be at ghcr.io/<org>/<image>:<tag>.

Other registries

Any OCI-compliant registry works — Docker Hub, AWS ECR, Google Artifact Registry, your own self-hosted registry. Just point registry login at the right host.

# Docker Hub
unisrv registry login docker.io -u <username>

# AWS ECR
unisrv registry login <account_id>.dkr.ecr.<region>.amazonaws.com -u AWS

Listing configured registries

unisrv registry list