We just raised a $30M Series A: Read our story

Amazon ECR Competitors and Alternatives

Read reviews of Amazon ECR competitors and alternatives

Sudipto Das
Senior System Administrator at Nucleus Software Exports Limited
Real User
Top 5Leaderboard
Check document vulnerabilities with this cloud-native product that needs to improve in ease-of-use

Pros and Cons

  • "Right now this is the leading product in this category."
  • "The GUI needs to improve."
  • "The product should integrate better with other storage options."

What is our primary use case?

This is a cloud-native product for document and image storage.  

What is most valuable?

The security vulnerability detection is the most valuable feature. It has also the Registryctl (CTL stands for 'control') feature, so we can store our Docker images.  

What needs improvement?

Right now, we are not looking for many improvements in the product. We are still exploring it. But I think the GUI could be improved and there could be better storage options.  

For how long have I used the solution?

We have been using it for the last two or three months. 

What do I think about the stability of the solution?

We have not had any issues with stability to this point.  

What do I think about the scalability of the solution?

Right now we have not had to do anything with scalability because we are new to the product.  

Approximately 10 to 15 people are using it in our company.  

How are customer service and technical support?

We have never used the technical support, so we never raised a ticket that we have been assisted with. I have no idea about that in firsthand experience.  

Which solution did I use previously and why did I switch?

Similar products we have used include Nexus (Sonatype) and JFrog (Artifactory). In the public cloud, we have also been using AWS ECR (Amazon Web Services, Elastic Container Registry) as a data registry. For vulnerability scanning, there is one more open-source tool that we have used called Anchore.  

We decided to switch to using Harbor because there is nothing like it amongst these tools. For Nexus and JFrog we needed some vulnerability reports that they did not provide and we are getting these reports freely from Harbor. This Harbor tool also has the advantage of being an open-source tool and costs nothing. That is why we switched.  

How was the initial setup?

The initial setup is straightforward. It took only two to three hours, maybe. What takes some time is the product has to check all of our documents for vulnerabilities.  

What's my experience with pricing, setup cost, and licensing?

The product is opensource so the cost of the product is free for everyone.  

Which other solutions did I evaluate?

We evaluated other products that we used concurrently. That was Nexus, JFrog, AWS ECR, and Anchore.  

What other advice do I have?

My advice to people looking into Harbor is that I think it is a good tool. There is no reason not to try and use it because it is a free solution for everyone. Everyone can give a try for that price.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate Harbor as a seven-out-of-ten.  

The GUI interface can be better and more user-friendly. There may also be some opportunity to offer different options for storage. If we are working on AWS, we can store its data in the S3 (Simple Cloud Storage), but that is not very straightforward and complicates the processing.   

The storage means we mainly use right now is the EC2 (Elastic Compute Cloud [Amazon]). We would normally make the storage in EC2, but we need to use Harbor with S3. Because of this, we need to do a lot of things manually. This complicates the processes. The solution is okay, but the issues with storage makes some things a more time-consuming process than they need to be.  

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.