Harbor VS for-linux

cat << EOF wget \ https://github.com/goharbor/harbor/releases/download/v2.9.4/\ harbor-offline-installer-v2.9.4.tgz EOF

Now that you know a little more about Cosign, Notary, and DCT, we will take it one step further by using one of these tools: Cosign. For this example, we will use the simple Docker registry:2 reference image to run a simple registry. In a real-world scenario, a managed registry such as Harbor, Amazon ECR, Docker Hub, etc.

Have a look at harbor, you can also use it to follow the same methods for helm charts etc.

Or for something more advanced https://goharbor.io/

Look at https://goharbor.io/

You can host your own image repo if your feeling feisty. Harbor is a graduated project from the CNCF and they are also working on a new implementation called Dragonfly. https://goharbor.io/

Does anybody know whether there could be something like an open/libre container registry?

Maybe the cloud native foundation or the linux foundation could provide something like this to prevent vendor lock-ins?

I was coincidentially trying out harbor again over the last days, and it seems nice as a managed or self-hosted alternative. [1] after some discussions we probably gonna go with that, because we want to prevent another potential lock-in with sonarpoint's nexus.

Does anybody have similar migration plans?

[1] https://goharbor.io

2) Harbor instance registry

Software Version Description Docker Engine Version 20.10.10-ce+ or higher For installation instructions, see https://docs.docker.com/engine/installation/ Docker Compose docker-compose (v1.18.0+) or docker compose v2 (docker-compose-plugin) For installation instructions, see https://docs.docker.com/compose/install/ OpenSSL Latest is preferred Used to generate certificate and keys for Harbor

Install the Docker CLI.

Reading the GitHub issue about this is somewhat entertaining: https://github.com/docker/for-linux/issues/690

People are getting hacked a lot because of this, and docker doesn't seem to care all that much.

Docker: A tool for building, running, and managing Docker containers

possibly useful: https://github.com/docker/for-linux/issues/690 (Docker bypasses ufw firewall rules)

Sure - I work in an environment where I have to be on the VPN to access Snowflake. I also have to use Windows. The easiest dev environment for that is to install WSL2 and do the development in Ubuntu therein. However, the way that WSL2 manages Ubuntu is through some Windows host processes instead of the daemons that typically are used when you run Ubuntu. You can search around and find various reports about this - it manifests as "Cannot connect to the docker daemon." Here is one example from a quick search. On Windows, the way that you can easily get around that, if your org supports it, is to run Docker Desktop for Windows, which then manages that daemon process. That's all fine and good, but WSL has issues with routing traffic through VPNs for some reason. Again, here is a quick example of the type of things you'll find when you Google about this problem.

For a more universal configuration, setting the ip option in Docker's daemon.json file should tell Docker to only bind to that IP address. It does sound like there may be some bugs with this setting though, so your mileage may vary.

One workaround I've found is: https://github.com/docker/for-linux/issues/1437

Thank you. Your link is probably solution, it looks similar to the post I found before on github (and I was afraid to use it).