cncf / tag-storage

🗄CNCF Storage TAG
https://cncf.io
Apache License 2.0
163 stars 57 forks source link

Harbor Graduation Review #52

Closed michmike closed 4 years ago

michmike commented 4 years ago

SIG-Storage Graduation review request of Harbor as per cncf/toc#311

saad-ali commented 4 years ago

/assign

saad-ali commented 4 years ago

Harbor is a DIY environment-agnostic container registry. Goal of my review is to evaluate the Harbor project for graduation purely from the storage perspective. Any non-storage concerns should be be in https://github.com/cncf/toc/pull/311

From the storage perspective, I want to see a tight integration with Kubernetes and the ability to deploy in an HA way on an arbitrary cluster (without tight coupling with underlying storage).

Based on https://github.com/goharbor/harbor/blob/master/docs/1.10/install-config/harbor-ha-helm.md#usage Harbor has the following storage dependencies:

My observations:

michmike commented 4 years ago

@saad-ali thank you for the review. To answer your question, the Harbor Helm Chart (or our docker-compose deployment method) will deploy single instance of redis and postgres automatically. To deploy a HA redis/postgres, users need to set up them externally. We are currently working on a Harbor operator that will help setup automatically HA redis and HA postgres.

michmike commented 4 years ago

we are also working in the near future to possibly replace postgresql with CockroachDB

dankohn commented 4 years ago

I would predict that the TOC would look negatively on a requirement on a non-open source project like CockroachDB. Having a pluggable DB layer with multiple options (some open source, and some proprietary) could make sense. But actually replacing PostgreSQL (a well-regraded open source database) with CockroachDB (a source available database) would be problematic.

michmike commented 4 years ago

Having a pluggable DB layer with multiple options (some open source, and some proprietary) could make sense

hi Dan, that's why i mentioned "possibly" in my comment. we would first have to do our due diligence, and this has not happened yet. of course we value the opinion of the TOC in this matter.

saad-ali commented 4 years ago

Thank you to the Harbor team for providing more information.

CNCF SIG Storage Due Diligence Report

Observations

The due diligence observations are summarized above in https://github.com/cncf/sig-storage/pull/52#issuecomment-587260290

Recommendation

After completing due diligence, members of CNCF SIG Storage have raised some concerns that are outlined below. Some members of the SIG believe that we should hold off on graduation until they are addressed, others don't see them as blocking concerns. We leave the ultimate decision up to the CNCF TOC.

Areas of Concern

Lack of Out-of-Box HA

Deployment of the dependencies, Redis and Postgres, in high availability configuration is left up to the user (not supported by the Harbor Helm chart).

Counter Argument

The harbor team had two counter arguments

Dependence on Postgres and Redis

In the past, members of the CNCF TOC have expressed some concerns about the neutrality of dependencies, in general extensibility is desired.

Counter Argument

saad-ali commented 4 years ago

/close

raravena80 commented 4 years ago

Can SIG-Storage update the consolidated SIG review template with its assessment http://bit.ly/harbor-graduation-dd? Thx!