Harbor for enterprise (LV.2)

Architecture

Kubernetes Cluster & HA

Pre-Requisite

Kubernetes Cluster
S3
Redis sentinel on Kubernetes
Postgresql DB (with pre-created DB named as registry)

Setup

เตรียม Value file harbor.values.yaml โดยมี content ดังนี้

expose:
  ingress:
    hosts:
      core: harbor.novice.solutions    # subdomain name for harbor
  externalURL: harbor.novice.solutions # subdomain name for harbor

persistence:
  persistentVolumeClaim:
    jobservice:
      jobLog:
        size: 1Gi
    trivy:
      size: 5Gi
  imageChartStorage:
    type: s3
    s3:
      accesskey: xxxx
      secretkey: yyyy
      region: ap-southeast-1
      bucket: novice-solutions-example # S3 bucket name

harborAdminPassword: mysecret # harbor admin secret. should be random generated.

metrics:
  enabled: true

portal:
  image:
    repository: mirror.gcr.io/goharbor/harbor-portal
  replicas: 2
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 512Mi
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

core:
  image:
    repository: mirror.gcr.io/goharbor/harbor-core
  replicas: 2
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 512Mi
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

jobservice:
  image:
    repository: mirror.gcr.io/goharbor/harbor-jobservice
  replicas: 1
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 1Gi

registry:
  registry:
    image:
      repository: mirror.gcr.io/goharbor/registry-photon
    resources:
      requests:
        memory: 512Mi
        cpu: 100m
      limits:
        memory: 512Mi
  controller:
    image:
      repository: mirror.gcr.io/goharbor/harbor-registryctl
    resources:
      requests:
        memory: 256Mi
        cpu: 100m
      limits:
        memory: 256Mi
  replicas: 2
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

trivy:
  image:
    repository: mirror.gcr.io/goharbor/trivy-adapter-photon
  replicas: 1
  resources:
    requests:
      cpu: 200m
      memory: 512Mi
    limits:
      memory: 1Gi

database:
  type: external
  external:
    host: postgresql   # db server endpoint
    username: postgres # db user
    password: mysecret # db password

redis:
  type: external
  external:
    addr: "redis:26379"           # sentinel endpoint
    sentinelMasterSet: "mymaster" # sentinel masterset
    password: "mysecret"          # redis password

exporter:
  image:
    repository: mirror.gcr.io/goharbor/harbor-exporter
  resources:
    requests:
      memory: 256Mi
      cpu: 100m
    limits:
      memory: 256Mi

ติดตั้งด้วยคำสั่งดังนี้

helm upgrade --install harbor -n harbor harbor/harbor -f harbor.values.yaml --create-namespace

PreviousHarbor for small site (LV.1)NextDatabase

Last updated 7 months ago

Was this helpful?

Setup

เตรียม Value file harbor.values.yaml โดยมี content ดังนี้

expose:
  ingress:
    hosts:
      core: harbor.novice.solutions    # subdomain name for harbor
  externalURL: harbor.novice.solutions # subdomain name for harbor

persistence:
  persistentVolumeClaim:
    jobservice:
      jobLog:
        size: 1Gi
    trivy:
      size: 5Gi
  imageChartStorage:
    type: s3
    s3:
      accesskey: xxxx
      secretkey: yyyy
      region: ap-southeast-1
      bucket: novice-solutions-example # S3 bucket name

harborAdminPassword: mysecret # harbor admin secret. should be random generated.

metrics:
  enabled: true

portal:
  image:
    repository: mirror.gcr.io/goharbor/harbor-portal
  replicas: 2
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 512Mi
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

core:
  image:
    repository: mirror.gcr.io/goharbor/harbor-core
  replicas: 2
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 512Mi
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

jobservice:
  image:
    repository: mirror.gcr.io/goharbor/harbor-jobservice
  replicas: 1
  resources:
    requests:
      memory: 512Mi
      cpu: 100m
    limits:
      memory: 1Gi

registry:
  registry:
    image:
      repository: mirror.gcr.io/goharbor/registry-photon
    resources:
      requests:
        memory: 512Mi
        cpu: 100m
      limits:
        memory: 512Mi
  controller:
    image:
      repository: mirror.gcr.io/goharbor/harbor-registryctl
    resources:
      requests:
        memory: 256Mi
        cpu: 100m
      limits:
        memory: 256Mi
  replicas: 2
  topologySpreadConstraints:
  - maxSkew: 1
    topologyKey: topology.kubernetes.io/zone
    whenUnsatisfiable: DoNotSchedule

trivy:
  image:
    repository: mirror.gcr.io/goharbor/trivy-adapter-photon
  replicas: 1
  resources:
    requests:
      cpu: 200m
      memory: 512Mi
    limits:
      memory: 1Gi

database:
  type: external
  external:
    host: postgresql   # db server endpoint
    username: postgres # db user
    password: mysecret # db password

redis:
  type: external
  external:
    addr: "redis:26379"           # sentinel endpoint
    sentinelMasterSet: "mymaster" # sentinel masterset
    password: "mysecret"          # redis password

exporter:
  image:
    repository: mirror.gcr.io/goharbor/harbor-exporter
  resources:
    requests:
      memory: 256Mi
      cpu: 100m
    limits:
      memory: 256Mi

ติดตั้งด้วยคำสั่งดังนี้

helm upgrade --install harbor -n harbor harbor/harbor -f harbor.values.yaml --create-namespace