https://artifacthub.io/packages/helm/harbor/harbor
helm repo add harbor https://helm.goharbor.io
#helm 3:
helm uninstall my-release
value nếu bạn muốn chỉ định các workload có persistent volume, sẽ cái bên các node được chỉ định
harborAdminPassword: –> set password admin
Phần quan trọng: nếu bạn public harbor ra internet với 1 domain cần cấu hình như sau:
nếu bạn ko cấu hình thì login dù password đúng thì vẫn bị báo sai và response status 405
externalURL: https://docker.nimtechnology.com
expose:
ingress:
hosts:
core: docker.nimtechnology.com
harborAdminPassword: "Password696969"
externalURL: https://docker.nimtechnology.com
expose:
ingress:
hosts:
core: docker.nimtechnology.com
registry:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
jobservice:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
chartmuseum:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
trivy:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
database:
type: internal
internal:
nodeSelector:
node: "storage-ssd"
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
redis:
type: internal
internal:
nodeSelector:
node: "storage-ssd"
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
Upadte heml value. Mon 8 Nov
>>>>>>>
harborAdminPassword: "xxxxxx"
externalURL: https://docker.nimtechnology.com
expose:
ingress:
hosts:
core: docker.nimtechnology.com
registry:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
jobservice:
nodeSelector:
node: "storage-hdd"
chartmuseum:
nodeSelector:
node: "storage-hdd"
trivy:
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
nodeSelector:
node: "storage-ssd"
database:
type: internal
internal:
nodeSelector:
node: "storage-ssd"
tolerations:
- key: "node"
operator: "Equal"
value: "storage-ssd"
effect: "NoSchedule"
redis:
type: internal
internal:
nodeSelector:
node: "storage-hdd"
persistence:
enabled: true
persistentVolumeClaim:
registry:
storageClass: "longhorn-fast"
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
storageClass: "longhorn-normal"
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
storageClass: "longhorn-normal"
accessMode: ReadWriteOnce
size: 1Gi
database:
storageClass: "longhorn-fast"
accessMode: ReadWriteOnce
size: 1Gi
trivy:
storageClass: "longhorn-fast"
accessMode: ReadWriteOnce
size: 5Gi
Bạn có thể tham khảo thêm values.yaml ở đây:
https://waspro.tistory.com/632
Helm harbor tạo sẵn cho chúng ta ingress:
Giờ bạn cấu hình cho user đi qua Kong -> rồi mới vào ingress của k8s -> và vào harbor
Nếu bạn gặp lối 404
Vào Kong add thêm plugin cho service
truy cập kiểm tra
Bạn disable việc để user bên ngoài đăng ký user
làm như sau
