Google Cloud in April created a blog post about a new part of the Artifact regsitry called Remote Repositories

In todays installment, we will look at what they are, why you'd use one, and how to integrate it with your daily workflow.

What is Artifact Registry

Artifact Registry is the better version of Google Container Registry ( which is a place for storing your OCI images. Artifact Registry has more features over the now deprecated Google Container Registry

They are, but not limited to:

  • Storing Helm charts
  • Storing APT packages
  • Storing go and python packages
  • Remote repos (this blog post covers this)
  • Maven
  • KubeFlow Pipelines
  • Global storage or Regional
  • Security Scanning of images

Unlike the old Google Container Registry, Artifact Registry has a nicer naming schema, making it easier to tell where the images are coming from

What is a remote Repository

Google defines this as A repository that acts as a caching proxy for External public artifact repository - which in this case, is currently only Dockehub.

In human readable terms, this special repository allows you to have cached images in your google account, that are then delivered at line speed (internal traffic) to GKE clusters, cloud run or anything else. You can also use them on your laptop

How to create one

You are able to create a virtual Repository through the UI by navigating to the Artifact Registry and clicking + CREATE REPOSITORY

Select Remote

Alternativly, if you prefer terraform

resource "google_artifact_registry_repository" "containers" {
  location      = var.region
  repository_id = "breadnet-cache"
  description   = "breadNET Public Image cache"
  format        = "DOCKER"
  mode          = "REMOTE_REPOSITORY"
  project       = var.project
  remote_repository_config {
    description = "docker hub"
    docker_repository {
      public_repository = "DOCKER_HUB"

How to actually use it

Once you have the repository created, you will need to authenticate your local podman (or docker) to the Artifact Registry.

Click on the repository, then click Setup Instructions where a tab will appear with a command similar to the below

gcloud auth configure-docker

Once this is run, you are able to pull images.

Official images

podman pull

User created images

podman pull

If we have a docker file like the below, we would simply append to the image name, and it will use the cache


LABEL org.opencontainers.image.title="Kubectl"
LABEL org.opencontainers.image.description="A Docker image for Kubectl"
LABEL org.opencontainers.image.authors="Bradley Stannard <[email protected]>"

RUN apk add curl

RUN curl -LO "$(curl -L -s"

RUN rm -rf /var/cache/apk/*

RUN install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

RUN rm /kubectl

ENTRYPOINT ["kubectl"]

As always, if you have any questions please reach out to me!