Help Center/ SoftWare Repository for Container/ User Guide (Enterprise Edition)/ Image Management/ Pulling an Image Artifact to a Local Host
Updated on 2025-09-28 GMT+08:00
View PDF

Pulling an Image Artifact to a Local Host

Scenarios

To use an image stored in a repository, you need to pull (or download) it from the repository first. Then, you can use the image to deploy containerized applications in CCE or CCI.

Images are either public or private. If the namespace is public, all images in the namespace are public. If the namespace is private, all images in the namespace are private. Public and private images are different in the following aspects:

  • Public images can be downloaded without log into Docker.
  • Private images can be downloaded only after you log in to Docker and are granted the download permission (the corresponding action is swr:repository:downloadArtifact).

You can use Docker or containerd to pull images from SWR.

Prerequisites

  • Your network is normal.
  • You have prepared a container engine client, which can be used within the network access range defined in Access Control.

Constraints

If a Docker container engine client is used to pull images, the Docker version is 18.06 or later.

Procedure

You can refer to the following operations to pull image using a Docker or containerd container engine client.

Docker

  1. Obtain and copy the temporary access credential.

    Temporary access credentials are valid for 24 hours after they are generated. Long-term credentials do not expire and can be used permanently.

  2. Log in to the server where Docker is installed as user root and run the command obtained in 1.

  3. Log in to the SWR console.
  4. In the navigation pane, choose Enterprise Edition. On the Repositories page, click the name of the target repository to go to the repository details page.
  5. In the navigation pane, choose Image Repositories. Click the image name to go to the image details page.
  6. In the Artifacts area on the right, click next to Docker command in the Pull Command column to copy the command.

    The command is only valid for 24 hours after it is generated. To obtain a pull command that will remain valid for a long term, see Access Credentials.

  7. Run the pull command copied in 6 on the server where Docker is installed as user root.

    You can also replace the "at" sign (@) in the pull command copied in 6 with a colon (:) and replace the digest of the image artifact with the image tag.

  8. Run the docker images command to check whether the image is successfully pulled.

containerd

  1. Log in to the SWR console.
  2. In the navigation pane, choose Enterprise Edition. On the Repositories page, click the name of the target repository to go to the repository details page.
  3. In the navigation pane, choose Image Repositories. Click the image name to go to the image details page.
  4. In the Artifacts area on the right, click Generate command next to containerd command in the Pull Command column. In the displayed dialog box, copy the command.
  5. Log in to the server running containerd as user root.
  6. Run the command copied in 4.

    The command is only valid for 24 hours after it is generated. To obtain a pull command that will remain valid for a long term, see Access Credentials.

  7. Verify that the image has been pulled.

Parent topic: Image Management