Solutions
Audit & Optimization Platform Design Automation Team Structure
Documentation Blog
Get Started
Container Registry 2020

Harbor 2.0: OCI Artifacts and Enhanced Security

K8s Guru
2 min read
#harbor #container-registry #security #kubernetes #oci #vulnerability-scanning
Harbor 2.0: OCI Artifacts and Enhanced Security

Table of Contents

Introduction

In real-world Kubernetes platforms, the “container registry” quickly becomes more than a place to push images. It turns into a choke point for security, supply-chain hygiene, and availability — especially once you run multiple clusters, multiple environments, or operate in regulated networks.

Harbor 2.0, released on April 15, 2020, leaned into that reality. With support for OCI (Open Container Initiative) artifacts, stronger security primitives, and improved replication, Harbor moves closer to being a centralized system for managing and governing the artifacts your clusters depend on.

Why this matters in practice

  • Fewer “mystery deploys”: consistent scanning and access controls make it easier to explain what was deployed and who/what pushed it.
  • One home for cloud-native artifacts: OCI artifact support reduces the sprawl of “charts over here, images over there”.
  • Better multi-cluster operations: replication isn’t just “nice-to-have” — it’s how you keep clusters working during registry outages, connectivity issues, or regional constraints.

OCI Artifact Support

  • OCI compatibility enables storing and managing OCI artifacts beyond container images.
  • Helm charts support allows managing Helm charts alongside container images.
  • Artifact management provides unified storage for different types of cloud-native artifacts.
  • Registry API enhancements improve compatibility with OCI distribution specification.

Security Enhancements

  1. Vulnerability scanning improvements provide more accurate and comprehensive security assessments with Trivy integration.
  2. Robot accounts enable programmatic access with fine-grained permissions for CI/CD pipelines.
  3. Image signing enhancements improve verification of image authenticity and integrity.
  4. Access control improvements provide better RBAC and policy enforcement.
  5. Secret management integration enables secure credential storage and rotation.

Replication Improvements

  • Multi-registry support enables replication across multiple Harbor instances and cloud registries.
  • Performance optimizations reduce replication latency and improve throughput.
  • Filtering capabilities allow selective replication based on tags, labels, and namespaces.
  • Scheduling support enables scheduled replication for backup and disaster recovery.

Getting Started

helm repo add harbor https://helm.goharbor.io
helm install harbor harbor/harbor

Configure OCI artifact support:

apiVersion: v1
kind: ConfigMap
metadata:
  name: harbor-config
data:
  registry:
    storage:
      oci: "true"

Summary

AspectDetails
Release DateApril 15, 2020
Headline FeaturesOCI artifact support, enhanced security, improved replication
Why it MattersProvides enterprise-grade container registry with comprehensive artifact management

Harbor 2.0 continues to evolve as the standard for enterprise container registries, providing teams with secure, compliant artifact management for Kubernetes deployments.