I build my images for private & professional projects in Gitlab CI and I use the provided free registry.
The biggest downside to my set up is that I can't say I have enterprise-level security. Getting it nailed down properly requires the use of tools like TUF/Notary[0] & signed-image aware container repositories like Harbor[1] and a deployment gate mechanism like Portieris[2]. That's a lot of complexity to tack on.
Just a note -- Docker already runs containerd underneath via a shim[3]
If you're relying on docker-specific features then by all means it makes sense to continue using docker but if you're just looking for a thing to quietly run your containers (or power your kubernetes cluster), containerd should probably be that thing. It's all of the building and none of the extra stuff that docker the company is trying to do/become.
The biggest downside to my set up is that I can't say I have enterprise-level security. Getting it nailed down properly requires the use of tools like TUF/Notary[0] & signed-image aware container repositories like Harbor[1] and a deployment gate mechanism like Portieris[2]. That's a lot of complexity to tack on.
Just a note -- Docker already runs containerd underneath via a shim[3]
If you're relying on docker-specific features then by all means it makes sense to continue using docker but if you're just looking for a thing to quietly run your containers (or power your kubernetes cluster), containerd should probably be that thing. It's all of the building and none of the extra stuff that docker the company is trying to do/become.
[0]: https://github.com/theupdateframework/notary
[1]: https://github.com/goharbor/harbor
[2]: https://github.com/IBM/portieris
[3]: https://groups.google.com/forum/#!topic/docker-dev/zaZFlvIx1...