Harbor incubation proposal #163
Conversation
Signed-off-by: clouderati <35942204+clouderati@users.noreply.github.com>
|
RFC @cncf/toc |
|
Here's an incubation presentation from the Harbor community: https://docs.google.com/presentation/d/1aBQnE96kKatc1_t3E97lJBwiWvL-3GTitojuv-nWMuo/edit?usp=sharing |
|
+1 Congrats on the solid production adoption, release cadence and on growing your contributor and maintainer base. Looking forward to extending core maintainers beyond VMWare, publishing the results of your security reviews, and progressing towards graduation. |
|
+1 |
|
@quinton-hoole-2 @kenowens12 Did sufficient technical diligence occur when Harbor entered the Sandbox, or should that be done now? |
|
I looked at it closely at the time of entering the Sandbox (I actually
suggested that they enter at incubation level, but they elected not to),
and also more recently.
I have some questions around SPOF handling that I'm busy getting resolved,
but I don't think that those are incubation blockers.
Q
…On Mon, Nov 5, 2018 at 6:39 PM Brian Grant ***@***.***> wrote:
@quinton-hoole-2 <https://github.com/quinton-hoole-2> @kenowens12
<https://github.com/kenowens12> Did sufficient technical diligence occur
when Harbor entered the Sandbox, or should that be done now?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#163 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ApoAeK6iZgNUhxlEZAD1jknvh8rhG9vRks5usPZVgaJpZM4XaHVL>
.
--
Quinton Hoole
quinton@hoole.biz
|
|
+1 |
|
First let me just say I think Harbor works great and I absolutely am happy that it exists as an open source project. I don't know of another open source container registry that has as many features or checks as many boxes as Harbor. I also have never done any development on the product so I have no clue what the code is like. I hope this feedback helps the product improve and I by no means mean this as an attack on the developers of Harbor. What I have done is run multiple instances of Harbor in development environments (both directly on a VM and in containers) as well as used it as an end user in a production environment (provisioned in a PKS environment). I have experience with running the docker-registry and using Quay, gcr, ecr, and Gitlab's container registry. My only objection with Harbor is its inclusion as a promoted CNCF project. My opinion is the CNCF should only be promoting projects that promote workflows, development practices, and operational overhead that encourage certain ways of working for building and maintaining software and infrastructure. From my experience Harbor does not live up to my perceived standards for CNCF projects. Just for clarification, Harbor isn't the only project I feel this way about. It just happens to be the topic at hand. My main complaints come from my limited use of Harbor as an operator and user. The basic install has you download the .tar file, extract it, edit the harbor.cfg, and then run an I had to repeat this process multiple times to get my harbor.cfg file with all the right settings for my environment and in some cases I gave up because the manual steps (e.g. TLS) seemed way to manual even though they are (or should be) required for a default installation. The installation on Kubernetes was a similar experience with an optional manual import of container images onto k8s worker nodes, a As for being a user of Harbor there are some bugs we've found and some oddities that wouldn't exclude my vote to make it a CNCF incubation project but I have not yet done my due diligence to make sure issues exist for those problems or missing features I would like to see. The only issue that maybe stood out is user accounts and the ability to automate Harbor with API keys/sessions. My team could not find a way to create a robot account for API access and automation purposes. We had to create standard user accounts which was a step backward from our experience with Quay. This also doesn't promote the workflows I think should be a top priority for CNCF projects. I have no idea about install base and usage of Harbor outside of the ADOPTERS.md but I don't think that should be a selling point for some projects when it's bundled with other software (e.g. PKS) or inside very large organizations which likely run one of everything. My personal experience has show that big organizations will run Docker Enterprise, Quay, docker registry, harbor, and probably a few in house built tools. Having adoption at one is no longer a selling point to me. Again, I'm very glad Harbor exists. I'm thrilled that it's an open source option! I just have reservations about making it a promoted CNCF project because of my experience and personal convictions about what should be included as a project under the CNCF. |
|
+1 non-binding |
|
+1 non-binding Our company has deployed harbor in the prod environment, the number of kubernetes nodes is 200+, the number of applications is 400+, the number of the image is 4000+, and the cluster size is growing rapidly. Harbor is a very important part of our CICD process. We call the harbor API to implement full lifecycle management of the image. Harbor provides HA mode, with shared storage, shared Postgres database and SLB, we can ensure the availability of Image pull/push service. |
|
+1 non-binding |
|
+1 non-binding Harbor facilitates the workflow of CI/CD process in our company. |
|
+1 non-binding
moooofly <notifications@github.com> 于2018年11月9日周五 上午11:47写道:
…
- non-binding
Harbor facilitates the workflow of CI/CD process in our company.
|
|
+1 |
|
+1 binding TOC votes (6/9): |
|
+1 nb |
Harbor incubation review for Technical Oversight Committee.