Harbormaster is a basic extendable Docker Engine access authorization plugin that runs on directly on the host.
By default, Harbormaster plugin prevents from executing commands with certain parameters.
- Docker commands
- Pull images
- Start containers with specific parameters
--privileged--ipc=host--net=host--pid=host--userns=host--uts=host- any Linux capabilities with parameter
--cap-add=[] - any devices added with parameter
--device=[] - any dns servers added with parameter
--dns - any ports added with parameter
--port - any volumes mounted with parameter
-v - any logging with parameters
--log-driverand--log-opt --sysctl--security-opt
Supported Docker versions with HBM.
| HBM Version | Docker Version | Docker API |
|---|---|---|
| 0.2.x | 1.12.x | 1.24 |
| 0.3.x | 17.05.x | 1.29 |
| 0.5.x | 17.06.x | 1.30 |
| 0.5.x | 17.09.x | 1.32 |
| >= 0.6.0 | >= 1.12.x | >= 1.24 |
All documentation is available on the Harbormaster website.
If you have any problems with or questions about this application, please contact us through a GitHub issue.