Getting started with 8gears container registry - a Harbor-based container registry as a service
In this tutorial, we will set up a container registry with 8gears container registry which is a Harbor-based container registry as a service.
Prerequisites
You need a computer with Docker and Git installed to complete this tutorial.
What is Harbor
Harbor is an open-source registry for securely storing cloud-native artifacts - binary objects used in the cloud-native software development life cycle.
Container images are a well-known type of artifact. The lesser-known types are Helm charts and Cloud Native Application Bundles (CNAB).
A Harbor registry plays an important role in both the CI and CD stages in a CICD pipeline. Harbor stores the container images built in the CI stage and makes those images available to Kubernetes clusters in the CD stage.
Harbor supports both LDAP and OIDC Provider authentication. With the role-based access control features in Harbor, you can define robust access control policies for your container images to allow or restrict access to members across multiple teams.
Self-hosting Harbor
You can have a private container registry in your on-premise cloud or the public cloud by setting up Harbor yourself. A self-hosted Harbor instance is not going to cost you anything other than the cloud infrastructure it consumes. But it will cost you time and effort to install Harbor and maintain - upgrade, apply security fixes, install bug fixes, backup, restore, etc.
A container registry is a vital piece in your CICD pipeline. Deployment frequency which is a key metric in DevOps, depends on the capability of your container registry to serve container images to your production Kubernetes clusters at scale. You cannot allow a poorly performing container registry to impact your DevOps metrics.
Harbor as a service
You can avoid the hassle of self-hosting and ensure your Harbor registry is always available and up to date by using Harbor registry as a service from 8gears container registry. The team at 8gears container registry includes the core contributors to the Harbor project. So they are technically competent to give you the best service.
8gears container registry offers a free tier to help you get started easily.
How to set up 8gears container registry
Let’s set up a container registry with the 8gears container registry free tier.
Sign up
Go to 8gears container registry.
Click on Pricing
and click on SIGN UP
in the free tier.
Sign in using your GitHub account or sign up with your email address.
After signing in you will get the Projects page with a list of projects.
In the 8gears container registry free tier you get one private project with your username. If you cannot see your private project, use the drop-down at the top right to filter the private projects.
Click on the project name. We do not have any repositories yet.
Create robot account
To push an image to our registry with docker
we need a robot account.
On the project page, click on the Robot accounts
tab and click on the NEW ROBOT ACCOUNT
button.
Type in dev
as the username and select Never
for the expiration time. Then click on ADD
.
On the next screen, copy the secret or export to a file and save it in a secure location. We’ll use it to log in to our container registry from the docker
CLI.
Build and push image
Let’s build and push an image to our new container registry.
Clone repository.
git clone https://github.com/indikaimk/my-flask-app
Build container image.
docker build -t c8n.io/indikaimk/my-flask-app .
Note that we are using -t
flag to tag the image c8n.io/<project-name>/my-flask-app
so docker can find our repository to push. Make sure to use your project name in the container registry.
Login to the container registry. The username will be of the format robot_<project_name>+dev
. Make sure to replace project_name
with your project name.
docker login -u robot_indikaimk+dev c8n.io
Push container image.
docker push c8n.io/indikaimk/my-flask-app
Once the image upload is completed go to the repositories tab in the project to check the new container image.
Upgrading to a paid plan
We have used the 8gears container registry free tier in this tutorial. We get a multi-tenant Harbor-based container registry in this free tier. It’s suitable for individuals and small teams.
8gears container registry offers a dedicated managed Harbor-based registry as a service for large teams. In this tier, you get the full set of Harbor’s user management and access control features.
Also, 8gears container registry offers a customized service where they will deploy and manage a Harbor registry on your preferred cloud infrastructure. If you want your container registry to be in the same private network with your other cloud infrastructure this option is for you.
Wrapping up
Harbor is an open-source container registry. It’s a CNCF graduated project and is actively developed and maintained.
Since it’s open-source software you can use the Harbor registry free of charge by self-hosting.
If self-hosting is too much of a hassle, 8gears container registry offers a Harbor-based container registry as a service. DockerHub is a popular container registry service from Docker. In an upcoming article, we will do a detailed comparison of DockerHub and Harbor to help you choose the best container registry for your use case.