Harbor is an open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted.
Harbor, a CNCF Graduated project, delivers compliance, performance, and interoperability to help you consistently and securely manage artifacts across cloud native compute platforms like Kubernetes and Docker.
Overview of Harbor
VMware created Harbor in 2014. Harbor was shared with the community through an open-source license in 2016 and donated to the CNCF in 2018.
Harbor is integrated into VMware products: vSphere Integrated Containers, VMware Enterprise PKS, and vSphere with Kubernetes.
The embedded Harbor for vSphere with Kubernetes includes the following features:
- Identity integration and role-based access control (RBAC)
- Graphical user interface
- Auditing of operations
- Management with labels
Originating from VMware, Harbor is an open-source project that extends the Docker registry source code to provide an enterprise-class registry server. Harbor provides additional flexibility and security to Docker registries so that enterprises can create a repository for Docker images for use within their infrastructure.
In July 2018, Harbor was accepted into the Cloud Native Computing Foundation (CNCF) sandbox as the first container registry. It was accepted into the CNCF Incubator in November 2018.
Embedded Harbor for vSphere with Kubernetes is not as fully featured as standalone Harbor.
Embedded Harbor on vSphere with Kubernetes provides the following features:
- Integrated User Account and Authentication (UAA): Harbor can share UAA authentication with vCenter Server using vCenter Single Sign-On.
- Role-based access control (RBAC): Users and repositories are organized into projects. Users can have master or guest permissions depending on the permission of the namespace.
- Graphical user portal: Users can easily browse, search repositories, and manage projects.
- Auditing: All operations to repositories are tracked.
- Management with labels: Harbor provides labels at the project level.
Harbor is a component of vSphere with Kubernetes. Harbor provides an enterprise-class registry service.
Harbor is deployed in a dedicated system namespace on the Supervisor Cluster and is composed of several vSphere Pods.
The standard Harbor installation process involves the following stages:
- Make sure that your target host meets the Harbor Installation Prerequisites.
- Download the Harbor Installer
- Configure HTTPS Access to Harbor
- Configure the Harbor YML File
- Configure Enabling Internal TLS
- Run the Installer Script
Intro to Harbor