Step‑by‑Step Guide to Deploying an Enterprise‑Grade Harbor Private Registry
This article explains why enterprises need a private Docker registry, introduces the open‑source Harbor project, outlines its architecture and hardware/software requirements, and provides detailed installation, configuration, and usage instructions—including Docker, Docker‑Compose, and Harbor setup commands—to get a secure, CNCF‑certified container image repository up and running.
Although Docker Hub offers public image storage, many enterprises require a private, secure, and efficient registry; Harbor, an open‑source CNCF project, fulfills this need by providing role‑based access control, image scanning, replication, and multi‑tenant support.
Harbor’s architecture consists of core services (UI, token, webhook) plus auxiliary components such as Job Service, Log Collector, Nginx proxy, Docker Registry v2, and PostgreSQL, all deployed as Docker containers that can be managed with Docker‑Compose.
Recommended hardware: 4 CPU, 8 GB RAM, 160 GB disk; software: Docker ≥ 17.06.0‑ce, Docker‑Compose ≥ 1.18.0, OpenSSL latest version.
Installation steps:
1. Install Docker (omitted). 2. Install Docker‑Compose:
sudo curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose<br/>sudo chmod +x /usr/local/bin/docker-compose3. Verify Docker‑Compose: docker-compose version 4. Download and extract Harbor:
wget https://github.com/vmware/harbor/releases/download/v1.10.12/harbor-online-installer-v1.10.12.tgz<br/>tar -zxvf harbor-online-installer-v1.10.12.tgz5. Edit harbor.yml to set hostname, ports, certificates, admin password, database password, and data volume.
6. Run the installer: sh install.sh 7. Verify containers are healthy with: docker-compose ps After the services are up, access the web UI to create a private project, tag a local image, log in, and push it to Harbor:
Tag image: docker tag nginx:1.20 harbor.alex.com/mytest/nginx:1.20 Login:
docker login harbor.alex.com<br/>Username: admin<br/>Password: ******If using a self‑signed certificate, trust the CA:
cp ca.crt /etc/pki/ca-trust/source/anchors<br/>update-ca-trust extract<br/>systemctl restart dockerPush image: docker push harbor.alex.com/mytest/nginx:1.20 Following these steps enables a fully functional, secure Harbor registry that can be used by teams of any size to store and manage container images.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
DevOps Operations Practice
We share professional insights on cloud-native, DevOps & operations, Kubernetes, observability & monitoring, and Linux systems.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.