6f335bdb1a
This change involves using non-root user to run the process of the docker images. Also made update in Dockerfile to make the containers support "read-only" and introduce "HEALTHCHECK". Note the "read-only" options are not enabled in docker-compose, to cover the very corner case when user wants to update the container filesystem manually. Remove read only option from docker-compose template by default |
||
---|---|---|
.github | ||
contrib | ||
docs | ||
make | ||
src | ||
tests | ||
tools | ||
.drone.yml | ||
.drone.yml.sig | ||
.gitignore | ||
.gitmessage | ||
.travis.yml | ||
AUTHORS | ||
CHANGELOG.md | ||
CONTRIBUTING.md | ||
LICENSE | ||
Makefile | ||
NOTICE | ||
partners.md | ||
README.md | ||
ROADMAP.md | ||
VERSION |
Harbor
Note: The master
branch may be in an unstable or even broken state during development.
Please use releases instead of the master
branch in order to get stable binaries.
Project Harbor is an enterprise-class registry server that stores and distributes Docker images. Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security. Having a registry closer to the build and run environment improves the image transfer efficiency. Harbor supports the setup of multiple registries and has images replicated between them. In addition, Harbor offers advanced security features, such as user management, access control and activity auditing.
Features
- Role based access control: Users and repositories are organized via 'projects' and a user can have different permission for images under a project.
- Policy based image replication: Images can be replicated (synchronized) between multiple registry instances, with auto-retry on errors. Great for load balancing, high availability, multi-datacenter, hybrid and multi-cloud scenarios.
- Vulnerability Scanning: Harbor scans images regularly and warns users of vulnerabilities.
- LDAP/AD support: Harbor integrates with existing enterprise LDAP/AD for user authentication and management.
- Image deletion & garbage collection: Images can be deleted and their space can be recycled.
- Notary: Image authenticity can be ensured.
- Graphical user portal: User can easily browse, search repositories and manage projects.
- Auditing: All the operations to the repositories are tracked.
- RESTful API: RESTful APIs for most administrative operations, easy to integrate with external systems.
- Easy deployment: Provide both an online and offline installer.
Install & Run
System requirements:
On a Linux host: docker 1.10.0+ and docker-compose 1.6.0+ .
Download binaries of Harbor release and follow Installation & Configuration Guide to install Harbor.
Refer to User Guide for more details on how to use Harbor.
Community
Slack: Join Harbor's community for discussion and ask questions: VMware {code}, Channel: #harbor.
Email: harbor@vmware.com .
More info on partners and users.
Contribution
We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our FAQ. Contact us for any questions: harbor@vmware.com .
Demos
- Content Trust ( youtube , Tencent Video )
- Role Based Access Control ( youtube , Tencent Video )
- Vulnerability Scanning ( youtube , Tencent Video )
- Image Replication ( youtube , Tencent Video )
- VMworld 2017 ( youtube )
License
Harbor is available under the Apache 2 license.
This project uses open source components which have additional licensing terms. The official docker images and licensing terms for these open source components can be found at the following locations:
- Photon OS 1.0: docker image, license
- MySQL 5.6: docker image, license
Commercial Support
If you need commercial support of Harbor, please contact us for more information: harbor@vmware.com .