Mirantis named a Challenger in 2024 Gartner® Magic Quadrant™ for Container Management  |  Learn More

< BLOG HOME

Mirantis Moves to CNCF Harbor for Mirantis Secure Registry (MSR)

image

Mirantis Secure Registry began life back in 2015 as Docker Trusted Registry. For many years, it was state of the art – anchoring container development as part of the Docker Enterprise ecosystem and (post acquisition by Mirantis in 2019) as the secure enterprise registry for Mirantis Container Runtime, and Mirantis Kubernetes Engine.

Now we’re excited to announce a major step forward for Mirantis Secure Registry (MSR) as we transition the upstream open source core of MSR to CNCF Harbor, an open source project that now leads the on-premises enterprise container registry sector. This move represents a reinvestment in community-driven open source, and aligns MSR with a robust and thriving upstream ecosystem. By leveraging Harbor, we’re empowering MSR customers with new, powerful capabilities. By contributing to Harbor, we hope Mirantis expertise will, in turn, benefit the broad community of CNCF Harbor users.

Easy Upgrades, Extensibility, Analytics

At the heart of this decision is our commitment to providing customers with the tools they need for greater control and security in their containerized environments, and greater freedom of choice, with less toil. An obvious and immediate benefit: CNCF Harbor enables in-place upgrades instead of (comparatively laborious) migrations, saving labor, speeding the upgrade process, and making it much easier for users to stay current.

Harbor’s scanner portability architecture, meanwhile, lets users integrate any security scanner they prefer-- an option previously unavailable in MSR. This offers users greater flexibility in constructing secure software supply chains, lets users comply with regulatory standards and with their organizations’ internal standards, and enables customizing the scanning function to meet demanding use-case requirements..

CNCF Harbor’s rich feature set extends beyond security, too. Customers can now take advantage of advanced features like quotas and an enhanced job runner service, enabling deeper insights and analytics into their containerized environments. This opens up opportunities for more proactive management, letting organizations fine-tune their container registry operations based on real-time metrics and analysis.

MSR: Unleashing the Power of Enterprise-Grade Container Security

In today’s fast-evolving landscape, container security is paramount for enterprises managing cloud-native applications. Mirantis Secure Registry (MSR), built on Harbor (http://www.goharbor.io), delivers a comprehensive suite of features designed to safeguard containerized workloads while maintaining seamless performance and scalability. Here’s why these features matter to businesses:

Preventing Vendor Lock-In and Enabling Flexibility

Built on Harbor, an open-source project, MSR gives enterprises the freedom to avoid vendor lock-in. The open-source nature of Harbor ensures that users are not tied to proprietary solutions, providing flexibility and adaptability. With community-driven innovation, MSR benefits from regular updates, transparency, and wide compatibility across ecosystems.

Why It Matters: By choosing an open-source solution, organizations retain control over their infrastructure and avoid reliance on a single vendor, enabling long-term flexibility and cost control.

Vulnerability Scanning: Securing the Supply Chain

Recent large-scale security incidents underline the need for organizations to be proactive in defending against cyber threats covertly injected into global software supply chains.Customers can also integrate their preferred vulnerability scanners to tailor security to their needs. This flexibility ensures that only secure and compliant images are used, reinforcing trust across teams and partners.

Why It Matters: By addressing vulnerabilities early and customizing their security approach, organizations can prevent supply chain attacks and deploy containers confidently.

Content Signing: Ensuring Trust and Integrity

With multiple teams and contributors involved in building software, verifying the integrity of container images is critical. MSR’s content signing enables cryptographic signatures for images, ensuring that only trusted, unaltered images are deployed. This prevents tampering, ensuring that production environments remain secure.

Why It Matters: Content signing guarantees image authenticity, protecting against unauthorized modifications and ensuring trust across the development pipeline.

4. Role-Based Access Control (RBAC): Secure, Granular Access Management

In any enterprise setting, controlling access to resources is essential for maintaining security. MSR’s role-based access control (RBAC) offers fine-grained permissions to limit who can view, modify, or deploy images. Combined with storage quotas, MSR allows organizations to manage and control their storage usage, ensuring resources are used efficiently.

Why It Matters: RBAC and storage quotas enhance organizational security by limiting access to sensitive assets, preventing accidental actions, and reporting on resource usage for better control.

High Availability (HA): Ensuring Continuous Operations

Containerized applications are increasingly mission critical. So registry downtime is unacceptable. MSR supports high availability (HA) configurations, ensuring that the registry is always accessible, even in the event of hardware or network failures. HA enables automatic failover, minimizing the risk of downtime and maintaining operational continuity.

Why It Matters: HA configurations safeguard mission-critical applications against failures, maintaining 24/7 operational reliability.

Image Replication Across Multiple Sites: Seamless, Global Deployments

For organizations operating across geographic locations or hybrid cloud environments, replicating container images globally is essential. MSR enables image replication, ensuring that synchronized registries are accessible globally. MSR’s replication is also compatible with OCI (Open Container Initiative) standards, allowing it to seamlessly work with major public clouds and other OCI-compliant environments.

Why It Matters: OCI portability ensures that enterprises can replicate images across different clouds and hybrid infrastructures with ease, improving deployment speed and reliability across the globe.

Comprehensive Audit Logging and OpenTelemetry Support: Full Visibility and Distributed Tracing

Maintaining detailed logs of all registry activity is a compliance necessity. MSR’s comprehensive audit logging tracks every action within the registry, ensuring full visibility. Additionally, MSR uses OpenTelemetry standards for distributed tracing, making it interoperable with other OpenTelemetry-compatible tools. This ensures consistency in how metrics and logs are collected and shared.

Why It Matters: Full audit logs and distributed tracing provide the visibility needed for compliance and performance monitoring, simplifying integration with other monitoring tools.

MSR is the Best Choice for Secure, Scalable Container Registries

Mirantis Secure Registry is purpose-built for enterprises seeking a robust, secure, and scalable container registry solution. Its advanced security features, operational flexibility, high availability, and support for OCI standards make it an indispensable tool for modern IT teams managing cloud-native applications.

By leveraging vulnerability scanning, content signing, RBAC, HA, replication, audit logging, and OpenTelemetry support, MSR helps enterprises enhance security, ensure compliance, and streamline operations across distributed environments. With MSR, organizations can confidently manage containerized workloads, knowing they are protected and ready for the future.

Get Started with Mirantis Secure Registry Today

Ready to experience the powerful features of Mirantis Secure Registry (MSR) built on CNCF Harbor? It’s never been easier to get started.

Try it for free: Head over to the MSR product page to access a free trial and see how MSR can secure and streamline your container management.

Explore our documentation: Dive into the technical details and implementation guides ondocs.mirantis.com to learn more about integrating MSR into your environment.

Purchase MSR: You can now buy MSR directly fromstore.mirantis.com or reach out to our Sales team for tailored solutions that fit your organization’s needs.

With Mirantis Secure Registry, you’ll be equipped with the tools to safeguard your containerized workloads and unlock new operational efficiencies.

Robert Illing

Product Manager, Container Products

Mirantis simplifies cloud native development.

From the leading container engine for Windows and Linux to fully managed services and training, we can help you at every step of your cloud native journey.

Connect with a Mirantis expert to learn how we can help you.

CONTACT US