VMware Harbor Registry

VMware Harbor Registry is an enterprise-class registry server that stores and distributes container images. Harbor allows you to store and manage images for use with VMware Tanzu Kubernetes Grid Integrated Edition (TKGI).

Note: This documentation supports the Harbor v1.9.x, v1.10.x, and v2.0.x releases.

Overview

Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity, and management. As an enterprise private registry, Harbor offers enhanced performance and security. Deploying a registry alongside the TKGI environment improves image management efficiency.

Key Features

Harbor includes the following key features:

  • Replicate projects: Harbor supports images replication to replicate repositories from one Harbor instance to another.
  • Manage role by LDAP group: Harbor administrators can import an LDAP/AD group to Harbor and assign project roles to it.
  • Manage Labels: Harbor provides labels to isolate image resources globally or at the project level.
  • Manage Helm Charts: Harbor provides management of Helm charts isolated by projects and controlled by RBAC.
  • Integrated UAA Authentication: Harbor can share UAA authentication with VMware Tanzu Application Service for VMs (TAS for VMs) and TKGI.
  • Role-Based Access Control: Users and repositories are organized into projects. Users can have different permissions for the images in different projects.
  • Policy-Based Image Replication: Images can be synchronized between multiple registry instances with auto-retry on errors, offering support for load balancing, high availability, multi-datacenter, hybrid, and multi-cloud scenarios.
  • Vulnerability Scanning: Harbor uses Clair to scan images regularly and warn users of vulnerabilities.
  • LDAP/Active Directory (AD) Support: Harbor integrates with enterprise LDAP/AD systems for user authentication and management.
  • Image Deletion and Garbage Collection: Images can be deleted and their space can be recycled.
  • Notary: Image authenticity can be ensured by using Docker Notary.
  • Graphical User Portal: Users can easily browse, search repositories, and manage projects.
  • Auditing: All the operations to the repositories are tracked.
  • RESTful API: RESTful APIs for most administrative operations, easy to integrate with external systems.

Releases

Refer to the release notes information on Harbor Registry releases, including versions, compatibility, features, requirements, known issues, and limitations.

Feedback

If you have a feature request, questions, or information about a bug send an email to Harbor.

License

Harbor is available under the following VMware EULA.