Harbor Registry
Enterprise-class container registry with security scanning.
Overview
Harbor is an open-source, cloud-native container registry platform that extends Docker Distribution with enterprise-grade security, compliance, and management features. Originally developed by VMware and now a CNCF graduated project, Harbor provides vulnerability scanning, content signing, role-based access control, and image replication capabilities that make it essential for organizations requiring secure container image management. While the full Harbor installation requires downloading the official installer from GitHub releases, this configuration demonstrates a simplified registry setup that can serve as a foundation before upgrading to the complete Harbor platform.
This stack provides a basic Docker registry service that stores and distributes container images locally, operating on port 5000 with persistent volume storage for image data. The simple registry serves as an entry point to understanding container registry concepts before implementing Harbor's advanced security and management features. The configuration establishes the groundwork for teams who need private image storage and plan to enhance their setup with Harbor's vulnerability scanning, RBAC policies, and audit logging.
Enterprise development teams, DevOps engineers managing multiple container environments, and organizations with strict compliance requirements will benefit most from this approach. Security-conscious teams who need to scan images for vulnerabilities, implement granular access controls, and maintain audit trails for container deployments should consider upgrading to the full Harbor installation after testing with this basic registry setup.
Key Features
- Private container image storage with Docker Distribution v2 API compatibility
- Persistent volume storage ensuring image data survives container restarts
- Foundation for Harbor's vulnerability scanning and security policy enforcement
- Local registry eliminating dependency on external services like Docker Hub
- Preparation for Harbor's role-based access control and multi-tenancy features
- Base setup for implementing Harbor's image replication across multiple registries
- Support for Docker's content trust and image signing workflows
- Ready for integration with Harbor's webhook notifications and audit logging
Common Use Cases
- 1Development teams needing private image storage before implementing full Harbor security features
- 2Organizations testing container registry workflows prior to production Harbor deployment
- 3CI/CD pipelines requiring local image caching and distribution during build processes
- 4Air-gapped environments where external registry access is restricted or prohibited
- 5Proof-of-concept deployments evaluating Harbor's enterprise registry capabilities
- 6DevOps teams establishing registry infrastructure before adding vulnerability scanning requirements
- 7Companies preparing for compliance audits that will require Harbor's detailed access logging
Prerequisites
- Minimum 2GB RAM available for registry operations and future Harbor upgrade
- Docker and Docker Compose installed with registry push/pull capabilities
- Port 5000 available and accessible for registry API and image operations
- Sufficient disk space for container image storage (recommend 20GB+ for testing)
- Understanding of Docker image tagging and push/pull workflows
- Familiarity with Harbor installation process for future platform upgrade
For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms
docker-compose.yml
docker-compose.yml
1# Harbor requires its own installer2# Download from https://github.com/goharbor/harbor/releases3# This is a simplified example4services: 5 registry: 6 image: registry:27 container_name: registry8 restart: unless-stopped9 volumes: 10 - registry_data:/var/lib/registry11 ports: 12 - "5000:5000"1314volumes: 15 registry_data: .env Template
.env
1# For full Harbor, download and run installerUsage Notes
- 1Docs: https://goharbor.io/docs/
- 2Full Harbor: download installer from GitHub releases
- 3Simple registry shown here at localhost:5000
- 4Push: docker tag myimage localhost:5000/myimage && docker push localhost:5000/myimage
- 5Harbor adds: vulnerability scanning, RBAC, replication
- 6For full Harbor, run: ./install.sh after configuring harbor.yml
Quick Start
terminal
1# 1. Create the compose file2cat > docker-compose.yml << 'EOF'3# Harbor requires its own installer4# Download from https://github.com/goharbor/harbor/releases5# This is a simplified example6services:7 registry:8 image: registry:29 container_name: registry10 restart: unless-stopped11 volumes:12 - registry_data:/var/lib/registry13 ports:14 - "5000:5000"1516volumes:17 registry_data:18EOF1920# 2. Create the .env file21cat > .env << 'EOF'22# For full Harbor, download and run installer23EOF2425# 3. Start the services26docker compose up -d2728# 4. View logs29docker compose logs -fOne-Liner
Run this command to download and set up the recipe in one step:
terminal
1curl -fsSL https://docker.recipes/api/recipes/harbor-registry/run | bashTroubleshooting
- Push operation fails with 'connection refused': Ensure registry container is running and port 5000 is accessible
- Images disappear after container restart: Verify registry_data volume is properly mounted and persistent
- Cannot pull images with 'repository not found': Check image was tagged with localhost:5000/ prefix before pushing
- Registry returns 404 for existing images: Confirm volume permissions allow registry user to write image data
- Harbor installer fails after registry testing: Stop simple registry container before running Harbor's install.sh script
- Docker daemon cannot connect to registry: Add localhost:5000 to Docker's insecure-registries configuration
Community Notes
Loading...
Loading notes...
Download Recipe Kit
Get all files in a ready-to-deploy package
Includes docker-compose.yml, .env template, README, and license
Ad Space
Shortcuts: C CopyF FavoriteD Download