Harbour is, by all definitions, a superior docker registry for our needs:
- It has multitenancy builtin
- Can (quite easily) integrate with LDAP
- Is thought to work in multiple instances
- Has native support for Swift including removal of old images and TLS if supported https://docs.docker.com/registry/storage-drivers/swift/
- Has support for cross-instance replication (multi-dc too)
- Has support for read-only builtin (we could also separate the public and private instances this way)
- Can use clair to scan images for vulnerabilities
- Has an api that is richer than the original docker one, with client libraries in python
I think we should start testing it out ASAP, before migrating our registry becomes too complex.