Deploying Harbor HA on a K8s cluster
Requirements
Setting up a cluster
Please setup a Kubernetes cluster (please see the following guide: Cluster API Setup ).
Once you have got your cluster up and running you can start deploying Harbor HA.
Adding the Harbor Helm repo
Add the Harbor repo to Helm
helm repo add harbor https://helm.goharbor.io
PostSQL Database
Setup a new PSQL database, please see the following guide (https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-20-04 ) and create a new database called registry
for Harbor Core (this is where Harbor will store information about itself).
You will then also need to create an account for Harbor to access the database with, so it can create new tables and manage itself.
You may also need to configure the fire wall and security groups for your database and cluster to be able to talk to each other.
Configuring the chart
*Note this configuration reflects the current state of development.
For a full list of configurable variables please see: https://github.com/goharbor/harbor-helm#configuration
A full example Harbor values file can be seen here: https://github.com/goharbor/harbor-helm/blob/main/values.yaml
Our Harbor HA configuration
Please download and configure each section of the harbor-values.yaml
file from cloud-deployed-apps https://github.com/stfc/cloud-deployed-apps/blob/main/prod-values/harbor-values.yaml
S3 configuration
You will need to create EC2 credentials on OpenStack in order to configure S3 in Harbor HA, please see the following guide: https://openmetal.io/docs/manuals/openstack-admin/access-swift-s3-api
Installing Harbor HA
Once you have saved all the above configuration into a harbor-values.yaml
file we can install Harbor HA onto the cluster.
helm install my-harbor-release harbor/harbor -f harbor-values.yaml
It can take a few minutes to deploy.
Check the status of the deployment with
kubectl get pods
You can continue to update the chart with
You should now be able to connect to Harbor on the browser via the IP address you set in the harbor-values.yaml file.
You should now be able to run kubectl delete storageclass --all
and the deployment will be unaffected.
Harbor replication
“Due to API changes, replication between different versions of Harbor API is not supported.”
Creating replication endpoints are quite straight forward, you will need to configure an account or credentials, then configure an endpoint and replication rules. Which you can define to do either push or pull based replication with various filters, either auto or manual. See:
https://goharbor.io/docs/2.1.0/administration/configuring-replication/create-replication-endpoints/
https://goharbor.io/docs/2.1.0/administration/configuring-replication/create-replication-rules/
https://goharbor.io/docs/2.1.0/administration/configuring-replication/manage-replications/
This does NOT replicate user account, rules, config etc. We may need to do backups and migration separately, some of these guides could be useful. https://goharbor.io/docs/2.9.0/administration/upgrade/helm-upgrade/
References
https://goharbor.io/docs/2.9.0/install-config/harbor-ha-helm/