Harbor

Harbor provides a self‑hosted, open‑source registry for container images and Helm charts, extending Docker Distribution with security‑focused features. It stores artifacts, applies role‑based access control through project‑level permissions, and integrates with LDAP/AD and OpenID Connect for enterprise authentication. The system can sign images and continuously scan them for vulnerabilities, enforcing policies that block insecure artifacts from being deployed.

The platform supports policy‑driven replication of images and charts between multiple registry instances, enabling load‑balancing, high availability, and multi‑datacenter deployments in hybrid or multi‑cloud environments. Replication jobs automatically retry on failure and can be filtered by repository, tag, or label. An extensible API and web UI allow administrators to manage users, projects, and audit activity across the registry.

Harbor runs on any Kubernetes cluster or Docker‑enabled host and is a CNCF Graduated project, offering compliance, performance, and interoperability for cloud‑native compute platforms such as Kubernetes and Docker.