Harbor is an enterprise-grade container registry with security scanning and access control.
What You Get for Free
- OCI-compatible registry — Docker images, Helm charts, OCI artifacts
- Vulnerability scanning — Trivy integration, scan images on push
- RBAC — projects, users, roles, robot accounts
- Replication — sync images between registries (pull/push)
- Quotas — per-project storage limits
- Immutable tags — prevent image overwriting
- Proxy cache — cache Docker Hub images locally
- Audit logs — who pushed/pulled what, when
- OIDC/LDAP — enterprise SSO integration
- CNCF Graduated — production-ready, used by major companies
Quick Start
# Download offline installer
wget https://github.com/goharbor/harbor/releases/download/v2.11.0/harbor-offline-installer-v2.11.0.tgz
tar xzf harbor-offline-installer-v2.11.0.tgz
cd harbor
# Configure
cp harbor.yml.tmpl harbor.yml
# Edit harbor.yml: set hostname, HTTPS certs
# Install
./install.sh --with-trivy
Why Teams Choose It
Docker Hub rate limits pulls (100/6hrs anonymous). ECR/GCR charge for storage:
- Harbor is free — unlimited storage, unlimited pulls
- Security scanning — every image scanned automatically
- RBAC — control who can push to production images
- CNCF backed — same trust level as Kubernetes itself
A company hit Docker Hub rate limits during a deployment, causing a production outage. They deployed Harbor, configured it as a Docker Hub proxy cache — pull limits eliminated, plus every image now gets scanned for CVEs before deployment.
Need Custom Data Solutions?
I build production-grade scrapers and data pipelines for startups, agencies, and research teams.
Browse 88+ ready-made scrapers on Apify → — Reddit, HN, LinkedIn, Google, Amazon, and more.
Custom project? Email me: spinov001@gmail.com — fast turnaround, fair pricing.
Top comments (0)