Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image Distribution 6 High Availability of Registry Agenda 1 Container Image Basics 2 Project Harbor Harbor Introduction 3 Consistency of Images 4 Security 5 Image Distribution 6 High Availability of Registry Lifecycle of Containers and Images 5 Images Containers Stop Start Restart Run Commit control and other image management Registry - Key Component to Manage Images Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image Distribution 6

Harbor 3 Image Consistency 4 Image Security 5 Image Distribution 6 Registry Robustness / High Availability 4 Agenda 1 Containers 101 2 Introduction to Harbor 3 Image Consistency 4 Image Security Security 5 Image Distribution 6 Registry Robustness / High Availability 5 6 Images Containers Stop Start Restart Run Commit Dockerfile Build tag tar archive Save Load Push Registry Images Pull of Containers and Images Agenda 1 Containers 101 2 Introduction to Harbor 3 Image Consistency 4 Image Security 5 Image Distribution 6 Registry Robustness / High Availability 8 • Created by VMware

management & access control • RBAC: admin, developer, guest • AD/LDAP integration • Policy based image replication • Web UI ( 中文 and English) • Audit and logs • Restful API for integration • Lightweight instance Image Replication between Registry Instances 16 Project Images Policy Image Project Images Initial replication Image Incremental replication (including image deletion) Image Replication Replication Use Case(1) • Image distribution for large cluster • Load balancing 17 Master – Slave Docker Client push Docker host Docker host pull Docker host Docker host Docker host Docker

PROD DEV SVT Verify Registry Registry Registry Registry UT Build Commit Environment image image image image Image Management through Pipeline Distributions Multiple teams Multiple roles Availability ������ Helm Chart�� Helm Chart�� ������������� Harbor�� API Routing Core Service (API/Auth/GUI) Image Registry Trusted Content Vulnerability Scanning Job Service Admin Service Harbor components VMware, Inc. Replication Policy DISTRIBUTION ���� • �������� • ������� • ������� • ���� ���� Image Replication • ���� • ���� • ���� • ����� • ������ ���� Initial Replication Incremental ���

PROD DEV SVT Verify Registry Registry Registry Registry UT Build Commit Environment image image image image Image Management through Pipeline Distributions Multiple teams Multiple roles Availability ������ Helm Chart�� Helm Chart�� ������������� Harbor�� API Routing Core Service (API/Auth/GUI) Image Registry Trusted Content Vulnerability Scanning Job Service Admin Service Harbor components VMware, Inc. Replication Policy DISTRIBUTION ���� • �������� • ������� • ������� • ���� ���� Image Replication • ���� • ���� • ���� • ����� • ������ ���� Initial Replication Incremental ���

Users and Partners (selected) x x Main Features 6 Web Portal • Based on open source Clarity • Image operation full capabilities • Batch operations Restful API • Complete API for integration • Swagger user experiences with image management Multi Deployments • Docker Compose • BOSH/Pivotal Tile • Helm Chart Label • Label in project and system scopes • Mark labels to image and chart Harbor Architecture Architecture API Routing API Routing Core Service (API/Auth/GUI) Image Registry Trusted Content Vulnerability Scanning Job Service Admin Service Harbor components 3rd party components SQL

设置漏洞级别阈值；超过阈值的镜像 无法下载 • 设置内容信任 镜像复制 22 Project Images Policy Image Project Images 初始复制 Image 增量复制 (含镜像删除复制) 复制策略管理 用二进制格式确保镜像一致性 24 Dev Registry CI Git

c、支持 、支持LDAP： ：Harbor的用户授权可以使用已经存在 的用户授权可以使用已经存在LDAP用户 用户 d、镜像删除 、镜像删除 & 垃圾回收： 垃圾回收：Image可以被删除并且回收 可以被删除并且回收Image占用的空间，绝大部分的用户操作 占用的空间，绝大部分的用户操作API， ， 方便 方便 用户对系统进行扩展 用户对系统进行扩展 e、用户 、用户UI：用户可以轻松的浏览、搜索镜像仓库以及对项目进行管理