A container registry is simply a public or private area for the storage, and serving, of pre-built containers. There are many options for a registry that can be used, and all the major cloud vendors have a hosted version of registries that can be made private for a specific organization. In addition, there are many public hosted registries, such as the Docker Hub registry, that holds publicly available pre-built container files that have lots of common configurations ready to use. Depending on the needs of an organization, any of these would work. However, once the learning phase is completed, it's recommended that hosted private registries are always used. In addition to being much more secure for private container images, if hosted in the cloud environment, this also provides close proximity to the orchestration service for a faster deployment pipeline.

Registries play a critical role in the CI/CD pipelines that will be used for deployment of applications. We have a simple pipeline where the developer checks code into the repository of choice (in this case, a GIT repository). That push triggers a build using Jenkins, which will build the container, test the newly formed container using predefined scripts, and push that container to the registry service. Once in the registry, the orchestration tool will trigger a pull from the registry that will take the new container and perform an update or deploy. There are a few ways to achieve the final deployment: either a rolling update for zero downtime or a new deployment following the configuration requirements.