Today Red Hat is introducing the open sourcing of Project Quay, the upstream project representing the code that powers Red Hat Quay and Quay.io. Newly open sourced, as per Red Hat’s open source commitment, Project Quay represents the culmination of years of work around the Quay container registry since 2013 by CoreOS, and now Red Hat.
Quay was the first private hosted registry on the market, having been launched in late 2013. It grew in users and interest with its focus on developer experience and highly responsive support, and capabilities such as image rollback and zero-downtime garbage collection. Quay was acquired in 2014 by CoreOS to bolster its mission to secure the internet through automated operations, and shortly after the CoreOS acquisition, the on-premise offering of Quay was released. This product is now known as Red Hat Quay.
The Quay team also created and integrated the Clair open source container security scanning project since 2015, and today includes Red Hat and community maintainers and users.
Starting today, with Quay and Clair code bases now open source as Project Quay, we believe together the projects will benefit the cloud-native community to lower the barrier to innovation around containers, helping to make containers more secure and accessible. Open source is a core part of what Red Hat believes in, and we are proud to reach this moment of getting the project ready for the open community. As we’ve noted before, open source software energizes developers. Teams working in parallel can outproduce the large development hierarchies of the last generation. We believe working upstream with open source communities is an important innovation strategy.
What’s in Project Quay
The release of Project Quay today represents the open sourcing of the Quay application’s code base, including the necessary tooling to build, deploy and run a completely open source Quay distribution.
Quay and Clair have always been closely aligned as projects. Clair enables the container security scanning feature in Red Hat Quay, which helps users identify known vulnerabilities in their container registries. Clair was created in the open source community in an effort to improve security through open work amongst vendors and users alike. With increased security needs in mind, Clair is also directly built into Project Quay.
Project Quay contains a collection of open source software licensed under Apache 2.0 and other open source licenses. It follows an open source governance model, with a maintainer committee.
For Red Hat Quay and Quay.io users
With an open community, Red Hat Quay and Quay.io users can benefit from being able to work together on the upstream code.
Moving forward, Quay.io and Red Hat Quay will build off of the work done in Project Quay, with Quay.io being built off of and deployed from the upstream project. Red Hat Quay will, in turn, continue to be managed, built and released by Red Hat as per our release process.
Join The Community
We welcome and encourage Quay and Quay.io end users and all interested parties to participate and join Project Quay. Your feedback and use cases are essential to informing and driving the road map. Come meet the engineering and community leads during the Project Quay Office Hours at KubeCon NA.