VMware Harbor Registry

VMware Harbor Registry is an enterprise-class registry server that stores and distributes container images. Harbor allows you to store and manage images for use with Pivotal Container Service (PKS).


Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity, and management. As an enterprise private registry, Harbor offers enhanced performance and security. Deploying a registry alongside the PKS environment improves image transfer efficiency.

Key Features

Harbor includes the following key features:

  • Replicate projects: Harbor supports images replication to replicate repositories from one Harbor instance to another.
  • Manage role by LDAP group: Harbor administrators can import an LDAP/AD group to Harbor and assign project roles to it.
  • Manage Labels: Harbor provides labels to isolate image resources globally or at the project level.
  • Manage Helm Charts: Harbor provides management of Helm charts isolated by projects and controlled by RBAC.
  • Integrated UAA Authentication: Harbor can share UAA authentication with PAS and PKS.
  • Role-Based Access Control: Users and repositories are organized into projects. Users can have different permissions for the images in different projects.
  • Policy-Based Image Replication: Images can be synchronized between multiple registry instances with auto-retry on errors, offering support for load balancing, high availability, multi-datacenter, hybrid, and multi-cloud scenarios.
  • Vulnerability Scanning: Harbor uses Clair to scan images regularly and warn users of vulnerabilities.
  • LDAP/Active Directory (AD) Support: Harbor integrates with enterprise LDAP/AD systems for user authentication and management.
  • Image Deletion and Garbage Collection: Images can be deleted and their space can be recycled.
  • Notary: Image authenticity can be ensured by using Docker Notary.
  • Graphical User Portal: Users can easily browse, search repositories, and manage projects.
  • Auditing: All the operations to the repositories are tracked.
  • RESTful API: RESTful APIs for most administrative operations, easy to integrate with external systems.

Versions and Compatibility

The following tables provide version and compatibility information for VMware Harbor Registry.

Element Details
Tile version v1.6.0
Release date September 27, 2018
Software component version v1.6.0
Compatible Ops Manager version(s) v2.1.x & v2.2.x
Compatible Pivotal Container Service (PKS) version(s) v1.1.x & v1.2.x
Compatible Pivotal Application Service (PAS) version(s) v2.1.x and v2.2.x
IaaS support vSphere, AWS, & GCP
IPsec support? No
Element Details
Tile version v1.5.2
Release date July 23, 2018
Software component version v1.5.2
Compatible Ops Manager version(s) v2.0.x and v2.1.x
Compatible Pivotal Container Service (PKS) version(s) v1.1.x
Compatible Pivotal Application Service (PAS) version(s) v2.0.x and v2.1.x
IaaS support vSphere and GCP
IPsec support? No


There are no special requirements for deploying VMware Harbor Registry.


  • You can configure the authentication source only once. You cannot change between UAA, LDAP, or local authentication after the initial deployment.
  • Email addresses must be unique. Two users cannot have the same email address.
  • Use the Google Chrome browser for the best results. There are known issues with some Firefox browser versions in this release.


If you have a feature request, questions, or information about a bug, contact Pivotal Cloud Foundry Feedback or send an email to Harbor.


Harbor is available under the following VMware EULA.

Create a pull request or raise an issue on the source for this page in GitHub