The scope of this task is to set up a harbor registry for test if it can deliver what we are looking for as a Docker registry.
On paper it has potential, following a list of requirements that seems to be fulfilled and/or missing.
- [X] Multitenacy builtin (https://github.com/goharbor/harbor/blob/master/docs/user_guide.md#managing-user)
- [X] LDAP integration (https://github.com/goharbor/harbor/blob/master/docs/user_guide.md#managing-role-by-ldap-group)
- [ ] HA ready, multiple instances of harbor can be used for pulling and pushing.
- [X] Swift backend for storage
- [X] Garbage collection of images
- [X] Has support for cross-instance replication (multi-dc too), useful for setting up public/private registry
- [X] Has support for read-only builtin (we could also separate the public and private instances this way)
- [X] Can integrate with notary for image verification.
- [X] Can integrate with Clair for image security static analysis.
- [ ] Exposes metrics over prometheus format.
In order to set the testing harbor instance, the following needs to be done:
- [ ] package harbor (it seems that the default installation is over docker-compose)
- [ ] set up a new instance for docker-registry-harbor
- [ ] make some performance/ stress test.
- [ ] expose metrics from the registry, harbor does not expose any internal metric so we might need something else to get metrics.
- Number of pulls from given image.
- Size of image
- Number of pushes per second
- Number of API requests
- 5XX from registry API