Getting Started with VMware Harbor Registry
This topic describes VMware Harbor Registry, an enterprise-class image registry server that stores and distributes container images for Pivotal Container Service (PKS).
Harbor allows you to store and manage container images for your PKS deployment. Deploying an image registry alongside PKS improves image transfer speed.
As an enterprise private registry, Harbor also offers enhanced performance and improved security. By configuring Harbor with PKS, you can apply enterprise features to your image registry, such as security, identity, and management.
You can install Harbor alongside PKS on vSphere, Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.
To install Harbor, do the following:
- Install PKS. See the Installing PKS topic for your cloud provider.
- Install Harbor. See Installing and Configuring VMware Harbor Registry.
Before you can push images to Harbor, you must do the following:
- Configure authentication and role-based access control (RBAC) for Harbor. See Role Based Access Control (RBAC) in the Harbor User Guide on GitHub.
- Create a Harbor project that contains all repositories for your app. See Managing projects in the Harbor User Guide on GitHub.
After you configure Harbor, you can do the following:
- Push or pull Docker images to your Harbor project using the Docker command-line interface (CLI). See Pulling and pushing images using Docker client in the Harbor User Guide on GitHub.
- Manage Helm charts in your Harbor project using either the Harbor portal or the Helm CLI. See Manage Helm Charts in the Harbor User Guide on GitHub.
- Install Clair to enable vulnerability scanning for images stored in Harbor. See Step 8: Configure Container Vulnerability Scanning Using Clair in Installing and Configuring VMware Harbor Registry.
For more information about managing images in Harbor, see the User Guide in the Harbor repository on GitHub.
As a Harbor administrator, you can manage the following in the Harbor portal:
- Authentication: Select either local user authentication or configure LDAP/Active Directory integration. If you select local user authentication, you can enable or disable user self-registration.
- Users and roles: Manage privileges for Harbor users.
- Email settings: Configure a mail server for user password resets.
- Project creation: Specify which users can create projects.
- Registry permissions: Manage permissions for image registry access.
- Endpoints: Add and remove image registry endpoints.
- Replication policies: Add and remove rules for replication jobs.
For more information about managing Harbor as an administrator, see Administrator options in the Harbor User Guide on GitHub.
Please send any feedback you have to firstname.lastname@example.org.