I work with Docker containers about 2.5 years, but only today I need a private registry for my private containers. At work we use Openshift's internal registry, also we have a public registry which opened for all people. I was completely sure that there are many solutions which satisfy my requirements:
- Multiple tenants/projects/namespaces
- Access sepration by roles
- Convenient representation and management
- Standalone product (without containers management, like Portainer or Shipyard)
But I was wrong.
It was my first choice, because I worked with Atomic Host and I had many positive impressions before. But after installation under Centos 7 I couldn't create projects, completely. Also I caught unpleasant behaviour during reinstallation. I decided to use Atomic Host (it was funny, but my old installation of Atomic Host couldn't upgrade itself, and ended with SELinux error. I installed a fresh version.) instead of Centos (the same installations steps, 1-1) and in the end I got the working product, almost. There wasn't possible to add user to specific group and others small errors. I stopped and decided to return to Atomic Registry later.
It's a product from Suse (it's suspicious). Guys forgot about containers (installation from RPM packages for Suse distros) and put all components on a host system. Apache, Docker registry, MariaDB - all these components work on the host. But I installed it, I solved some problems with permissions in "/srv/Portus", I raked links to certificates and ... left this product.
It was at the end of my list, because it's VMWare's product, but as a result of my "investigation" - this product works as expected without any problems. All components spread across containers and I welcome this method of distributions. Logs of operations, a replication between two and more Harbors, it works through one port (web management, Docker registry) - these features become a nice surprise. I stayed with Harbor.