Harbor works alongside with Kubernetes and Helm to manage your container images securely
Welcome to the incubation club. Harbor is the first CNCF incubating project that got its start in China! What can you do with the cloud native registry? Harbor works alongside with Kubernetes and Helm to manage your container images securely.
Something new is on the horizon. Moving on up from sandbox status, the CNCF now welcomes Harbor into the incubation stage. The Technical Oversight Committee (TOC) voted and now admits Harbor into the club. This cloud native registry manages and serves container images in a secure manner. It stores, signs, and scans content.
No stranger to incubation, the Cloud Native Computing Foundation supports over a dozen projects. The big shots, Kubernetes and Prometheus, both graduated in 2018. Other well-known projects under the CNCF wing include Linkerd, Helm, containerd, and Rook.
Fun fact: Harbor is the first CNCF incubating project created in China!
Containers with Harbor
Harbor began its voyage as an internal project in China and was later opened sourced in 2016. Earlier in 2018 it entered the sandbox stage, and now just a few months later it is incubating. The numbers don’t lie with over 20,000 downloads and more than 1,000 users.
According to GitHub: “Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control and activity auditing.”
Further key features include:
- Multi-tenant content signing and validation
- Cloud native registry
- LDAP/AP group support for user authentication
- Security analysis and frequent vulnerability scanning
- Image deletion and garbage collection
- Image replication between instances
- Migrate multiple databases to a PostgreSQL database
- Identity integration and role-based access controls via ‘projects’
- Image authenticity ensured
- Graphical UI and user portal
- API driven. RESTful APIs for admin operations.
- Chinese and English support
Furthermore, the latest version includes Helm chart management. Its addition of Helm reflects Helm’s importance in Kubernetes orchestration. (It’s just a bonus coincidence that Helm is also a CNCF incubating project!) The Helm tool manages Kubernetes charts and streamlines Kubernetes applications. Helm charts work well with container images, so it is a match made in heaven.
Join the crew!
Ready to join Harbor on its journey? Follow these steps on GitHub to get started (including an online and offline installer for easier deployment).
The extensive user guide covers topics for users as well as system administrators.
For a hands on approach, experience the live demo. Or, watch the video demos – covering topics including how to manage Helm charts, replicate images, and vulnerability scanning. For extra help, the docs page also direct users looking for help on how to configure HTTSP for Harbor, deploy Harbor on Kubernetes, or how to upgrade and data migrate.
What’s on the roadmap for future releases? Harbor’s team plans to add quotas, replication, clustering, BitTorrent backed storage, one-click upgrade and much more.
Harbor welcomes community contributions and feedback, so if this project is up your alley feel free to help it along. So far, over 100 people have contributed. If you follow them onTwitter, you can stay updated on when Harbor hosts its bi-weekly community conference calls. Join and discuss their release plans and other topics of interest.
Who knows? Maybe one day we will see Harbor in a graduation cap alongside Kubernetes and Prometheus.