Harbor + Kubernetes = Self-Hosted Container Registry

This page summarizes the projects mentioned and recommended in the original post on dev.to

Our great sponsors
  • InfluxDB - Collect and Analyze Billions of Data Points in Real Time
  • Mergify - Updating dependencies is time-consuming.
  • SonarQube - Static code analysis for 29 languages.
  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    Besides making it possible to host your Docker registry yourself, Harbor also comes with a variety of other nice features, many of them related to improving security. With your images hosted in Harbor, you can set up vulnerability scanning to make sure that you are aware of all the vulnerabilities present in your images. This is accomplished via open-source projects Trivy and Clair. You can use the severity levels to decide what images are allowed to be used, for example, restricting any images containing severe vulnerabilities. On top of that, Harbor also provides support for general supply chain security, signing images, and much more.

  • clair

    Vulnerability Static Analysis for Containers [Moved to: https://github.com/quay/clair] (by coreos)

    Besides making it possible to host your Docker registry yourself, Harbor also comes with a variety of other nice features, many of them related to improving security. With your images hosted in Harbor, you can set up vulnerability scanning to make sure that you are aware of all the vulnerabilities present in your images. This is accomplished via open-source projects Trivy and Clair. You can use the severity levels to decide what images are allowed to be used, for example, restricting any images containing severe vulnerabilities. On top of that, Harbor also provides support for general supply chain security, signing images, and much more.

  • InfluxDB

    Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

  • kubernetes

    Production-Grade Container Scheduling and Management

    Harbor is the solution if you want to self-host a container registry for Docker images. It was developed initially inside of VMware but has since been adopted by CNCF. Today, it lives as an open-source tool, aiming to give users as many features as possible while still being free. In this tutorial, you’ll be shown how to get it up and running inside of Kubernetes.

  • helm

    The Kubernetes Package Manager

    Helm 3 for installing Harbor

  • Harbor

    An open source trusted cloud native registry project that stores, signs, and scans content.

    Harbor is the solution if you want to self-host a container registry for Docker images. It was developed initially inside of VMware but has since been adopted by CNCF. Today, it lives as an open-source tool, aiming to give users as many features as possible while still being free. In this tutorial, you’ll be shown how to get it up and running inside of Kubernetes.

  • Mergify

    Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts