Feb 24, 2024
5 Min read

Getting started with 8gears container registry - a Harbor-based container registry as a service

In this tutorial, we will set up a container registry with 8gears container registry which is a Harbor-based container registry as a service.

Prerequisites

You need a computer with Docker and Git installed to complete this tutorial.

What is Harbor

Harbor is an open-source registry for securely storing cloud-native artifacts - binary objects used in the cloud-native software development life cycle.

Container images are a well-known type of artifact. The lesser-known types are Helm charts and Cloud Native Application Bundles (CNAB).

Note: Harbor supports OCI format artifacts. Helm project added OCI support in Helm 3 and made OCI the default format from Helm 3.8.0. To use Harbor as your Helm chart repository, you must use a Helm version newer than 3.8.0.

A Harbor registry plays an important role in both the CI and CD stages in a CICD pipeline. Harbor stores the container images built in the CI stage and makes those images available to Kubernetes clusters in the CD stage.

Harbor supports both LDAP and OIDC Provider authentication. With the role-based access control features in Harbor, you can define robust access control policies for your container images to allow or restrict access to members across multiple teams.

Self-hosting Harbor

You can have a private container registry in your on-premise cloud or the public cloud by setting up Harbor yourself. A self-hosted Harbor instance is not going to cost you anything other than the cloud infrastructure it consumes. But it will cost you time and effort to install Harbor and maintain - upgrade, apply security fixes, install bug fixes, backup, restore, etc.

A container registry is a vital piece in your CICD pipeline. Deployment frequency which is a key metric in DevOps, depends on the capability of your container registry to serve container images to your production Kubernetes clusters at scale. You cannot allow a poorly performing container registry to impact your DevOps metrics.

Harbor as a service

You can avoid the hassle of self-hosting and ensure your Harbor registry is always available and up to date by using Harbor registry as a service from 8gears container registry. The team at 8gears container registry includes the core contributors to the Harbor project. So they are technically competent to give you the best service.

8gears container registry offers a free tier to help you get started easily.

How to set up 8gears container registry

Let’s set up a container registry with the 8gears container registry free tier.

Sign up

Go to 8gears container registry.

Container registry sign up page.

Click on Pricing and click on SIGN UP in the free tier.

Sign in using your GitHub account or sign up with your email address.

After signing in you will get the Projects page with a list of projects.

Harbor UI home page.

In the 8gears container registry free tier you get one private project with your username. If you cannot see your private project, use the drop-down at the top right to filter the private projects.

Click on the project name. We do not have any repositories yet.

Harbor project page

Create robot account

To push an image to our registry with docker we need a robot account.

On the project page, click on the Robot accounts tab and click on the NEW ROBOT ACCOUNT button.

Harbor robot account tab

Type in dev as the username and select Never for the expiration time. Then click on ADD.

Harbor robot account username

On the next screen, copy the secret or export to a file and save it in a secure location. We’ll use it to log in to our container registry from the docker CLI.

Build and push image

Let’s build and push an image to our new container registry.

Clone repository.

git clone https://github.com/indikaimk/my-flask-app

Build container image.

docker build -t c8n.io/indikaimk/my-flask-app .

Note that we are using -t flag to tag the image c8n.io/<project-name>/my-flask-app so docker can find our repository to push. Make sure to use your project name in the container registry.

Login to the container registry. The username will be of the format robot_<project_name>+dev. Make sure to replace project_name with your project name.

docker login -u robot_indikaimk+dev c8n.io

Push container image.

docker push c8n.io/indikaimk/my-flask-app

Once the image upload is completed go to the repositories tab in the project to check the new container image.

Project repository with one image.

Upgrading to a paid plan

We have used the 8gears container registry free tier in this tutorial. We get a multi-tenant Harbor-based container registry in this free tier. It’s suitable for individuals and small teams.

8gears container registry offers a dedicated managed Harbor-based registry as a service for large teams. In this tier, you get the full set of Harbor’s user management and access control features.

Also, 8gears container registry offers a customized service where they will deploy and manage a Harbor registry on your preferred cloud infrastructure. If you want your container registry to be in the same private network with your other cloud infrastructure this option is for you.

Wrapping up

Harbor is an open-source container registry. It’s a CNCF graduated project and is actively developed and maintained.

Since it’s open-source software you can use the Harbor registry free of charge by self-hosting.

If self-hosting is too much of a hassle, 8gears container registry offers a Harbor-based container registry as a service. DockerHub is a popular container registry service from Docker. In an upcoming article, we will do a detailed comparison of DockerHub and Harbor to help you choose the best container registry for your use case.