ocicdn
A free, global pull-through cache for the public OCI registries, built on Cloudflare Workers and R2.
usage
Each upstream registry is a subdomain. Pick the one that matches the image you want:
    docker pull docker.ocicdn.net/library/alpine:3.20              # Docker Hub
    docker pull ghcr.ocicdn.net/sigstore/cosign:v2                 # GitHub Container Registry
    docker pull quay.ocicdn.net/prometheus/prometheus:latest       # Quay.io
    docker pull k8s.ocicdn.net/pause:3.9                           # registry.k8s.io
    docker pull gcr.ocicdn.net/distroless/base:latest              # Google Container Registry
    docker pull mcr.ocicdn.net/dotnet/runtime:9.0                  # Microsoft Container Registry
Works with docker, podman, containerd, CRI-O, skopeo, buildkit, and anything that speaks the OCI distribution spec. No account, no setup.
why it's fast
- 6 R2 regions: WNAM, ENAM, WEUR, EEUR, APAC, OC. Routed by cf.continent; Africa → WEUR, South America → WNAM.
- Edge cache tier: hot blobs live in CF colos, <5 ms from the client. Under 512 MB per object (CF's limit).
- Tee-on-miss: a single upstream pull fills the client, regional R2, central R2, and the edge, all in parallel.
- Content-addressed dedup: blobs are keyed by sha256, so ten customers pulling the same base layer share one copy on disk.
- Herd-lock: 1000 nodes cold-missing the same blob? One Hub fetch; the other 999 wait for the fill.
- Planet-scale: Cloudflare's 300+ colo anycast network. Zero ops, no capacity planning.
can you trust this proxy?
Yes — because you don't have to. OCI clients verify the full content tree after every pull: every layer and the config blob must hash to the digest listed in the manifest. The one step a proxy could influence is resolving a tag to a manifest; pinning by digest closes that too, because your runtime then guarantees byte-for-byte identity of the manifest itself:

    docker pull docker.ocicdn.net/library/alpine@sha256:77726ef6b57ddf65bb551896826ec38bc3e53f75cdde31354fbffb4f25238ebd

We physically cannot substitute content — the pull would fail its own integrity check. For additional assurance:
- The proxy is byte-for-byte passthrough. We return Hub's Docker-Content-Digest header verbatim, and every response body's sha256 matches it.
- Source is open. Read the code that fetches from Hub and streams the bytes through: github.com/isorun/ocicdn.
- Sigstore / cosign signatures pass through unchanged. cosign verify <image> works identically through us as directly from Hub.
- Our upstream Hub token scope is public read-only. We can't push forged images back to Hub, ever.
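The client-side check described above, written out as an added example (not code from the ocicdn project): a minimal OCI manifest plus blobs are constructed in-process, and the verifier walks the content tree the way a pull does, with and without a pinned manifest digest. Image data, layer contents and the function names are constructed for illustration.

```python
import hashlib
import json

def digest_of(data: bytes) -> str:
    """OCI digest string ("sha256:<hex>") of a byte string."""
    return "sha256:" + hashlib.sha256(data).hexdigest()

def verify_content_tree(manifest_bytes, blobs, pinned_digest=None):
    """Check a manifest and every blob it references, as an OCI client does.
    blobs maps digest -> bytes as served by the registry or proxy. With a
    pinned digest (the "@sha256:..." form) the manifest bytes must hash to it,
    which is the only step a proxy could otherwise influence. Returns (ok, reason)."""
    if pinned_digest and digest_of(manifest_bytes) != pinned_digest:
        return False, "manifest does not match pinned digest"
    manifest = json.loads(manifest_bytes)
    for desc in [manifest["config"]] + manifest["layers"]:
        data = blobs.get(desc["digest"])
        if data is None:
            return False, "missing blob " + desc["digest"]
        if len(data) != desc["size"] or digest_of(data) != desc["digest"]:
            return False, "blob does not match descriptor " + desc["digest"]
    return True, "ok"

def build_image(layers):
    """Construct a tiny image (sample data, not a real image): config + layers + manifest."""
    config = json.dumps({"architecture": "amd64", "os": "linux"}).encode()
    blobs = {digest_of(b): b for b in (config, *layers)}
    def desc(b, media_type):
        return {"mediaType": media_type, "digest": digest_of(b), "size": len(b)}
    manifest = {
        "schemaVersion": 2,
        "mediaType": "application/vnd.oci.image.manifest.v1+json",
        "config": desc(config, "application/vnd.oci.image.config.v1+json"),
        "layers": [desc(b, "application/vnd.oci.image.layer.v1.tar") for b in layers],
    }
    return json.dumps(manifest, separators=(",", ":")).encode(), blobs

GOOD_LAYERS = (b"layer-one-contents", b"layer-two-contents")

def honest_pull():
    """Proxy returns exactly what upstream holds: verification passes."""
    manifest_bytes, blobs = build_image(GOOD_LAYERS)
    return verify_content_tree(manifest_bytes, blobs, digest_of(manifest_bytes))

def substituted_layer_pull():
    """Different bytes (same length) served under a layer's digest: the size
    check alone would pass, the digest check catches it."""
    manifest_bytes, blobs = build_image(GOOD_LAYERS)
    blobs[digest_of(GOOD_LAYERS[0])] = b"layer-one-EVIL!!!!"   # 18 bytes, like the original
    return verify_content_tree(manifest_bytes, blobs)

def substituted_manifest_pull(pin: bool):
    """A tag answered with a different but internally consistent manifest:
    passes without a pin (tag resolution is trusted), fails with the genuine digest pinned."""
    genuine_bytes, _ = build_image(GOOD_LAYERS)
    other_bytes, other_blobs = build_image((b"layer-one-contents", b"other-layer"))
    return verify_content_tree(other_bytes, other_blobs, digest_of(genuine_bytes) if pin else None)
```

The last case is why the text above recommends pinning by digest: the tree check alone cannot tell two self-consistent manifests apart.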
limits
- Pull-only. No push. No private repos.
- Public images only — we don't proxy auth-gated content.
- Rate-limited per IP to keep the service fair.