home VS Harbor

From a server perspective, you make all user writable space noexec but that’s not very practical for desktop. I also configure a firewall with inbound and outbound rules, but that’s a bit more advanced than configuring fstab for new users. Although, I’m an admin I don’t like posting in admin subreddits.

github_wait_actions.sh

Reading the man page will blow your mind. You can make a bash e-book for easier reading outside of the terminal like a tablet.

Jenkins infrastructure relies on AWS features. It's uptime is maintained by an autoscaling group. The active half (say blue) sets desired capacity of green to 1 and follows up by setting its own ASG to desired capacity 0. AWS takes over from that point. Green waits for the volume to become available and if the volume is blue it takes a snapshot and waits for the snapshot to complete. After the snapshot completes it updates the AWS tag of the data volume from blue to green. Then, it hands off to this attach volume script. The script attaches, mounts the volume and sets up /etc/fstab in case of a reboot. After the storage is available then systemctl start jenkins.service is called.

Hmm, I'm using EBS as well. I use a script on the autoscaling EC2 instance which attaches EBS before starting Nexus.

On boot, EBS store is auto mounted and pulls secrets from secrets manager.

Functions take compound commands. People treat bash like other programming languages but it is more powerful at specific things. Functions can take more than {} which is unlike other programming languages.

cat << EOF wget \ https://github.com/goharbor/harbor/releases/download/v2.9.4/\ harbor-offline-installer-v2.9.4.tgz EOF

Now that you know a little more about Cosign, Notary, and DCT, we will take it one step further by using one of these tools: Cosign. For this example, we will use the simple Docker registry:2 reference image to run a simple registry. In a real-world scenario, a managed registry such as Harbor, Amazon ECR, Docker Hub, etc.

Have a look at harbor, you can also use it to follow the same methods for helm charts etc.

Or for something more advanced https://goharbor.io/

Look at https://goharbor.io/

You can host your own image repo if your feeling feisty. Harbor is a graduated project from the CNCF and they are also working on a new implementation called Dragonfly. https://goharbor.io/

Does anybody know whether there could be something like an open/libre container registry?

Maybe the cloud native foundation or the linux foundation could provide something like this to prevent vendor lock-ins?

I was coincidentially trying out harbor again over the last days, and it seems nice as a managed or self-hosted alternative. [1] after some discussions we probably gonna go with that, because we want to prevent another potential lock-in with sonarpoint's nexus.

Does anybody have similar migration plans?

[1] https://goharbor.io

2) Harbor instance registry