How-To Integrate Private Registry with Model Library v1.3

Suggest edits

Integrate Private Registry with Model Library

Prerequisite: Access to the Hybrid Manager UI with AI Factory enabled. See /edb-postgres-ai/1.3/hybrid-manager/ai-factory/.

This guide explains how to integrate your organization's private container registry with the AI Factory Model Library.

Once integrated, your custom-built or internally-approved model images will appear in the Model Library console, ready to deploy into Model Serving.

Who should use this guide?

  • AI platform admins responsible for container registry governance.
  • DevOps engineers managing private registries for AI images.
  • Developers needing to deploy private AI models through AI Factory.

What this enables

  • You can register private registries with Hybrid Manager (HM).
  • HM can discover AI model images in your registry.
  • These images will be available in the Model Library for deployment to Model Serving.
  • You can control visibility and usage of private model images across your AI Factory workloads.

Estimated time to complete

10–15 minutes per registry configuration.

Prerequisites

Before you begin:

  • You must have admin access to your private container registry (AWS ECR, GCP GCR, Azure ACR, Harbor, or similar).
  • You must have admin access to HM (to configure registry integration).
  • You must know the required credentials (username/password or token) for your registry.
  • Your registry must expose a compatible Docker Registry API v2 endpoint.

Supported registry types

  • AWS Elastic Container Registry (ECR)
  • Google Container Registry (GCR) / Artifact Registry
  • Azure Container Registry (ACR)
  • Harbor
  • Generic registries supporting Docker Registry API v2

Integration Steps

1. Prepare registry credentials

  • For public registries → no authentication required.

  • For private registries → prepare one of:

    • Username/password pair
    • Personal access token
    • Robot account credentials (Harbor)

Confirm you can perform a docker pull of your model images locally using these credentials.

2. Register your registry in HM

  • In the console, go to:

AI Factory > Model Library > Manage Repositories > Add Registry

You will see a dialog prompting for:

FieldDescription
Registry URLThe full registry hostname (e.g., myregistry.company.com)
Registry TypeSelect from supported registry types
Username(Optional) Username for authentication
Password/Token(Optional) Password or token for authentication
Registry Name (Label)Friendly name displayed in Model Library console
  • Fill in the required fields.
  • Click Add Registry.

3. Verify registry integration

After adding:

  • HM will attempt to connect to the registry and validate credentials.
  • If successful, your registry will appear in the Manage Repositories list.
  • HM will begin periodic sync of repository tags from this registry.

4. Define Repository Rules

To control which repositories/tags are discovered:

5. Validate image availability

After sync completes:

  • Go to AI Factory > Model Library.
  • Select the Registry scope or Repository filter.
  • Confirm your private model images appear with correct tags.

You can now deploy these images via the normal Deploy to Model Serving flow.

Tips & Best Practices

  • Use robot accounts or token-based auth when possible to avoid exposing personal credentials.
  • Limit discovery scope via Repository Rules — avoid syncing the entire registry.
  • Tag images clearly with version info to aid selection in Model Library.
  • For multi-tenant environments, segment registry visibility carefully.

Troubleshooting

Registry connection failed

  • Check Registry URL (must not include https://, just the hostname).
  • Validate credentials by testing docker login manually.
  • Ensure Registry API v2 is enabled.

Images not appearing

  • Check that Repository Rules allow the relevant repository.
  • Verify image has a valid tag.
  • Confirm periodic sync has completed.

Authentication errors

  • For AWS ECR → ensure IAM permissions allow ecr:GetAuthorizationToken.
  • For Azure ACR → ensure token has acrPull role.
  • For GCR → use a service account with Artifact Registry access.

Summary

  • You can integrate private registries with Model Library.
  • Your private model images become available to deploy via Model Serving.
  • You can govern visibility via Repository Rules.
  • Model Library unifies both public and private image sources for your AI workloads.

Related Links

↑ Up

AI Factory Models

Next →

How-To Define Repository Rules for Model Library