> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pipecat.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Container Registry Overview

> Deploy Pipecat Cloud agents from private container registries

<Tip>
  Don't need your own registry? [Cloud
  builds](/pipecat-cloud/guides/cloud-builds) let you deploy directly
  from source with `pipecat cloud deploy` — no registry setup required.
</Tip>

When deploying agents to Pipecat Cloud, you can use images from both public and private container registries. While public images work out of the box, private images from any registry (including Docker Hub) require authentication setup.

## Public vs Private Images

**Public images** from any registry, including Docker Hub, work with Pipecat Cloud without additional configuration. However, **we strongly recommend using private images** for better data privacy and security when deploying production agents.

For **Docker Hub specifically**, even when using public images, we recommend setting up image pull secrets due to Docker Hub's low rate limits for unauthenticated pulls. See our [Docker Hub guide](./docker-hub) for setup instructions.

## Private Registry Setup

For **private images** from any registry (including private Docker Hub repositories), you'll need to configure image pull secrets for authentication.

Choose your registry provider below for detailed setup instructions:

<CardGroup cols={3}>
  <Card title="Docker Hub" icon="docker" href="./docker-hub">
    Setup guide for Docker Hub, including access tokens and the build-push
    command.
  </Card>

  <Card title="Google Cloud Artifact Registry" icon="google" href="./gcp-artifact-registry">
    Complete setup guide for GCP Artifact Registry, including service account
    configuration and authentication.
  </Card>

  <Card title="Amazon ECR" icon="aws" href="./aws-ecr">
    Detailed AWS ECR integration with automatic token refresh setup for
    continuous deployment.
  </Card>
</CardGroup>

## General Process

All private registry integrations follow a similar pattern:

1. **Authenticate Docker** with your registry locally
2. **Create image credentials** in Pipecat Cloud using the CLI
3. **Reference credentials** in your deployment configuration
4. **Deploy your agent** using the private image

```bash theme={null}
# Create image pull secret
pipecat cloud secrets image-pull-secret my-registry-creds https://your-registry-url
```

Then configure your `pcc-deploy.toml` file:

```toml theme={null}
agent_name = "my-agent"
image = "your-registry-url/my-agent:tag"
image_credentials = "my-registry-creds"
secret_set = "my-secrets"

[scaling]
    min_agents = 0
```

Finally, deploy:

```bash theme={null}
pipecat cloud deploy
```

## Need Another Registry?

If you're using a different container registry (Azure Container Registry, GitHub Container Registry, Harbor, etc.), the general process above applies. The main differences are typically in the authentication method and registry URL format.

For assistance with other registry providers, please reach out on our [Discord community](https://discord.gg/pipecat).