Container Registry
1 open source tools compared. Sorted by stars — scroll down for our analysis.
| Tool | Stars | Velocity | Language | License | Score |
|---|---|---|---|---|---|
 Harbor Trusted cloud native container registry | 27.8k | +66/wk | Go | Apache License 2.0 | 79 |
Our Analysis
If you run containers and need a place to store your Docker images that isn't Docker Hub — with vulnerability scanning, access control, image signing, and replication — Harbor is an enterprise-grade container registry you host yourself. Harbor does what Docker Hub does, but on your infrastructure. Push images, pull images, scan them for CVEs (Trivy integration), sign them (Cosign/Notary), replicate them across registries, and control who can access what with RBAC. It's a CNCF graduated project used by serious Kubernetes operations. 28k stars, growing at 66/week. This is production infrastructure, not a toy. Completely free. Apache 2.0 license. No paid tier. Small teams running Kubernetes in production who need image security (vulnerability scanning, access control) should seriously consider Harbor. The alternative is trusting Docker Hub or paying for a cloud registry. The catch: Harbor is not lightweight. It runs PostgreSQL, Redis, and several microservices. Minimum recommended is 4 GB RAM and 2 CPUs. Setup is doable with Docker Compose or Helm, but maintaining it — backups, upgrades, storage management — is real ops work.