I deal with multiple user groups that each have custom docker software containers that must be kept private due to licensing and security concerns, but users of a particular group need to authenticate and retrieve docker images to run on cloud servers of various kinds.
What (if any) is the best working solution for willing groups to consolidate hosting and role based authenticated access control yet provide an easy docker pull for users?
For context, in the past in different environments I have used Docker Enterprise DTR, public Docker Hub, Gitlab registry, Amazon ECR, an sftp server with docker save and singularity tarballs, and custom temporary solutions self hosting an open source docker registry behind an nginx proxy with access controls in a private cloud. Some of these solutions either had high cost, poor experience, or did not fit the above scenario such as being burdensome for migration, backups, or maintaining multiple private group access roles for changing user lists.