1 Requirements
- 1.1 Setting up a cluster
- 1.2 Adding the Harbor Helm repo
- 1.3 PostSQL Database
2 Configuring the chart
- 2.1 Our Harbor HA configuration
- 2.2 S3 configuration
3 Installing Harbor HA
4 Harbor replication
5 References

Requirements

Setting up a cluster

Please setup a Kubernetes cluster (please see the following guide: Cluster API Setup ).

Once you have got your cluster up and running you can start deploying Harbor HA.

Adding the Harbor Helm repo

Add the Harbor repo to Helm

helm repo add harbor https://helm.goharbor.io

PostSQL Database

Setup a new PSQL database, please see the following guide (https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-on-ubuntu-20-04 ) and create a new database called registry for Harbor Core (this is where Harbor will store information about itself).

You will then also need to create an account for Harbor to access the database with, so it can create new tables and manage itself.

You may also need to configure the fire wall and security groups for your database and cluster to be able to talk to each other.

Configuring the chart

*Note this configuration reflects the current state of development.

For a full list of configurable variables please see: GitHub - goharbor/harbor-helm: The helm chart to deploy Harbor

A full example Harbor values file can be seen here: harbor-helm/values.yaml at main · goharbor/harbor-helm

Our Harbor HA configuration

Please download and configure each section of the harbor-values.yaml file from cloud-deployed-apps https://github.com/stfc/cloud-deployed-apps/blob/main/prod-values/harbor-values.yaml

S3 configuration

You will need to create EC2 credentials on OpenStack in order to configure S3 in Harbor HA, please see the following guide: Create EC2 Credentials for Swift S3 API Access | OpenMetal Docs

Installing Harbor HA

Once you have saved all the above configuration into a harbor-values.yaml file we can install Harbor HA onto the cluster.

helm install my-harbor-release harbor/harbor -f harbor-values.yaml

It can take a few minutes to deploy.

Check the status of the deployment with

kubectl get pods

You can continue to update the chart with

You should now be able to connect to Harbor on the browser via the IP address you set in the harbor-values.yaml file.

You should now be able to run kubectl delete storageclass --all and the deployment will be unaffected.

Harbor replication

“Due to API changes, replication between different versions of Harbor API is not supported.”

Creating replication endpoints are quite straight forward, you will need to configure an account or credentials, then configure an endpoint and replication rules. Which you can define to do either push or pull based replication with various filters, either auto or manual. See:

https://goharbor.io/docs/2.1.0/administration/configuring-replication/create-replication-endpoints/

https://goharbor.io/docs/2.1.0/administration/configuring-replication/create-replication-rules/

https://goharbor.io/docs/2.1.0/administration/configuring-replication/manage-replications/

This does NOT replicate user account, rules, config etc. We may need to do backups and migration separately, some of these guides could be useful. https://goharbor.io/docs/2.9.0/administration/upgrade/helm-upgrade/

References

https://goharbor.io/docs/2.9.0/install-config/harbor-ha-helm/

CloudKB

Deploying Harbor HA on a K8s cluster