Merge remote-tracking branch 'hupstream/dev' into dev
8
Makefile
@ -25,7 +25,7 @@
|
|||||||
#
|
#
|
||||||
# package_online:
|
# package_online:
|
||||||
# prepare online install package
|
# prepare online install package
|
||||||
# for example: make package_online -e DEVFLAG=flase\
|
# for example: make package_online -e DEVFLAG=false\
|
||||||
# REGISTRYSERVER=reg-bj.eng.vmware.com \
|
# REGISTRYSERVER=reg-bj.eng.vmware.com \
|
||||||
# REGISTRYPROJECTNAME=harborrelease
|
# REGISTRYPROJECTNAME=harborrelease
|
||||||
#
|
#
|
||||||
@ -33,13 +33,13 @@
|
|||||||
# prepare offline install package
|
# prepare offline install package
|
||||||
#
|
#
|
||||||
# pushimage: push Harbor images to specific registry server
|
# pushimage: push Harbor images to specific registry server
|
||||||
# for example: make pushimage -e DEVFLAG=flase REGISTRYUSER=admin \
|
# for example: make pushimage -e DEVFLAG=false REGISTRYUSER=admin \
|
||||||
# REGISTRYPASSWORD=***** \
|
# REGISTRYPASSWORD=***** \
|
||||||
# REGISTRYSERVER=reg-bj.eng.vmware.com/ \
|
# REGISTRYSERVER=reg-bj.eng.vmware.com/ \
|
||||||
# REGISTRYPROJECTNAME=harborrelease
|
# REGISTRYPROJECTNAME=harborrelease
|
||||||
# note**: need add "/" on end of REGISTRYSERVER. If not setting \
|
# note**: need add "/" on end of REGISTRYSERVER. If not setting \
|
||||||
# this value will push images directly to dockerhub.
|
# this value will push images directly to dockerhub.
|
||||||
# make pushimage -e DEVFLAG=flase REGISTRYUSER=vmware \
|
# make pushimage -e DEVFLAG=false REGISTRYUSER=vmware \
|
||||||
# REGISTRYPASSWORD=***** \
|
# REGISTRYPASSWORD=***** \
|
||||||
# REGISTRYPROJECTNAME=vmware
|
# REGISTRYPROJECTNAME=vmware
|
||||||
#
|
#
|
||||||
@ -63,7 +63,7 @@
|
|||||||
# files with specific TAG.
|
# files with specific TAG.
|
||||||
# By default DEVFLAG=true, if you want to release new version of Harbor, \
|
# By default DEVFLAG=true, if you want to release new version of Harbor, \
|
||||||
# should setting the flag to false.
|
# should setting the flag to false.
|
||||||
# make XXXX -e DEVFLAG=flase
|
# make XXXX -e DEVFLAG=false
|
||||||
|
|
||||||
SHELL := /bin/bash
|
SHELL := /bin/bash
|
||||||
BUILDPATH=$(CURDIR)
|
BUILDPATH=$(CURDIR)
|
||||||
|
BIN
docs/img/ova/edit_settings.png
Normal file
After Width: | Height: | Size: 126 KiB |
BIN
docs/img/ova/ova01.png
Normal file
After Width: | Height: | Size: 137 KiB |
BIN
docs/img/ova/ova02.png
Normal file
After Width: | Height: | Size: 32 KiB |
BIN
docs/img/ova/ova03.png
Normal file
After Width: | Height: | Size: 41 KiB |
BIN
docs/img/ova/ova04.png
Normal file
After Width: | Height: | Size: 44 KiB |
BIN
docs/img/ova/ova05.png
Normal file
After Width: | Height: | Size: 47 KiB |
BIN
docs/img/ova/ova06.png
Normal file
After Width: | Height: | Size: 41 KiB |
BIN
docs/img/ova/ova07.png
Normal file
After Width: | Height: | Size: 61 KiB |
BIN
docs/img/ova/ova08.png
Normal file
After Width: | Height: | Size: 63 KiB |
BIN
docs/img/ova/vapp_options.png
Normal file
After Width: | Height: | Size: 52 KiB |
85
docs/installation_guide_ova.md
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
# Install and Configure Harbor on vSphere using OVA
|
||||||
|
This guide takes you through the steps about installing and configuring Harbor on vSphere using OVA.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
1.Get URL or download the OVA file to your local disk from [release page](https://github.com/vmware/harbor/releases).
|
||||||
|
|
||||||
|
2.Login vSphere web client. Right click on the datacenter, cluster or host which Harbor will be deployed on. Select "Deploy OVF Template" and open the import wizard.
|
||||||
|
|
||||||
|
![ova](img/ova/ova01.png)
|
||||||
|
|
||||||
|
3.Paste the URL of OVA file or select it from local disk and click "Next".
|
||||||
|
|
||||||
|
![ova](img/ova/ova02.png)
|
||||||
|
|
||||||
|
4.Review the OVF template details and click "Next".
|
||||||
|
|
||||||
|
![ova](img/ova/ova03.png)
|
||||||
|
|
||||||
|
5.Spefify a name and location for the deployed template.
|
||||||
|
|
||||||
|
![ova](img/ova/ova04.png)
|
||||||
|
|
||||||
|
6.Select the storage and virtual disk format, click "Next".
|
||||||
|
|
||||||
|
![ova](img/ova/ova05.png)
|
||||||
|
|
||||||
|
7.Configure the networks the deployed template should use.
|
||||||
|
|
||||||
|
![ova](img/ova/ova06.png)
|
||||||
|
|
||||||
|
8.Customize the properties of Harbor. The properties are described below. Note that at the very least, you just need to set the **Root Password**, **Harbor Admin Password** and **Database Password** properties.
|
||||||
|
|
||||||
|
![ova](img/ova/ova07.png)
|
||||||
|
|
||||||
|
* Application
|
||||||
|
* **Root Password**: The password of the root user. (8-128 characters)
|
||||||
|
* **Harbor Admin Password**: The initial password of Harbor admin. It only works for the first time when Harbor starts. It has no effect after the first launch of Harbor. Change the admin password from UI after launching Harbor. (8-20 characters)
|
||||||
|
* **Database Password**: The password of the root user of MySQL database. (8-128 characters)
|
||||||
|
* **Authentication Mode**: The default authentication mode is db_auth, i.e. the credentials are stored in a local database. Set it to ldap_auth if you want to verify the user's credential against an LDAP/AD server.
|
||||||
|
* **LDAP URL**: The URL of an LDAP/AD server.
|
||||||
|
* **LDAP Search DN**: A user's DN who has the permission to search the LDAP/AD server. If your LDAP/AD server does not support anonymous search, you should configure this DN and LDAP Seach Password.
|
||||||
|
* **LDAP Search Password**: The password of the user for LDAP search.
|
||||||
|
* **LDAP Base DN**: The base DN from which to look up a user in LDAP/AD.
|
||||||
|
* **LDAP UID**: The attribute used in a search to match a user, it could be uid, cn, email, sAMAccountName or other attributes depending on your LDAP/AD server.
|
||||||
|
* **Email Server**: The mail server to send out emails to reset password.
|
||||||
|
* **Email Server Port**: The port of mail server.
|
||||||
|
* **Email Username**: The user from whom the password reset email is sent.
|
||||||
|
* **Email Password**: The password of the user from whom the password reset email is sent.
|
||||||
|
* **Email From**: The name of the email sender.
|
||||||
|
* **Email SSL**: Whether to enabled secure mail transmission.
|
||||||
|
* **SSL Cert**: Paste in the content of a certificate file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
|
||||||
|
* **SSL Cert Key**: Paste in the content of certificate key file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
|
||||||
|
* **Verify Remote Cert**: Determine whether the image replication should verify the SSL certificate when it connects to a remote registry. Set this flag to off when the remote registry uses a self-signed or untrusted certificate.
|
||||||
|
* **Garbage Collection**: When setting this to true, Harbor performs garbage collection everytime it boots up.
|
||||||
|
|
||||||
|
* Networking properties
|
||||||
|
* **Default Gateway**: The default gateway address for this VM. Leave blank if DHCP is desired.
|
||||||
|
* **Domain Name**: The domain name of this VM. Leave blank if DHCP is desired.
|
||||||
|
* **Domain Search Path**: The domain search path(comma or space separated domain names) for this VM. Leave blank if DHCP is desired.
|
||||||
|
* **Domain Name Servers**: The domain name server IP Address for this VM(comma separated). Leave blank if DHCP is desired.
|
||||||
|
* **Network 1 IP Adress**: The IP address of this interface. Leave blank if DHCP is desired.
|
||||||
|
* **Network 1 Netmask**: The netmask or prefix for this interface. Leave blank if DHCP is desired.
|
||||||
|
|
||||||
|
**Notes:** If you want to enable HTTPS with a self-signed certificate and have no idea how to generate it, refer to the "Getting a certificate" part of this [guide](https://github.com/vmware/harbor/blob/master/docs/configure_https.md#getting-a-certificate).
|
||||||
|
|
||||||
|
After you complete the properties, click "Next".
|
||||||
|
|
||||||
|
9.Review your settings and click "Finish" to complete the installation.
|
||||||
|
|
||||||
|
![ova](img/ova/ova08.png)
|
||||||
|
|
||||||
|
## Reconfiguration
|
||||||
|
If you want to reconfigure the properties of Harbor, follow the steps:
|
||||||
|
1.Power off the VM which Harbor is deployed on.
|
||||||
|
2.Right click on the VM and select "Edit Settings".
|
||||||
|
|
||||||
|
![ova](img/ova/edit_settings.png)
|
||||||
|
|
||||||
|
3.Click the "vApp Options" tab, reconfigure the properties and click "OK".
|
||||||
|
|
||||||
|
![ova](img/ova/vapp_options.png)
|
||||||
|
|
||||||
|
4.Power on the VM.
|
||||||
|
|
||||||
|
**Notes:** "Harbor Admin Password" and all networking properties can not be modified using this method after Harbor launched. Change the admin password from UI and change the networking properties in the OS level manually.
|
@ -20,12 +20,12 @@ import (
|
|||||||
"regexp"
|
"regexp"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/vmware/harbor/src/ui/api"
|
|
||||||
"github.com/vmware/harbor/src/common/dao"
|
"github.com/vmware/harbor/src/common/dao"
|
||||||
"github.com/vmware/harbor/src/common/models"
|
"github.com/vmware/harbor/src/common/models"
|
||||||
"github.com/vmware/harbor/src/ui/service/cache"
|
|
||||||
"github.com/vmware/harbor/src/common/utils"
|
"github.com/vmware/harbor/src/common/utils"
|
||||||
"github.com/vmware/harbor/src/common/utils/log"
|
"github.com/vmware/harbor/src/common/utils/log"
|
||||||
|
"github.com/vmware/harbor/src/ui/api"
|
||||||
|
"github.com/vmware/harbor/src/ui/service/cache"
|
||||||
|
|
||||||
"github.com/astaxie/beego"
|
"github.com/astaxie/beego"
|
||||||
)
|
)
|
||||||
@ -36,6 +36,7 @@ type NotificationHandler struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
const manifestPattern = `^application/vnd.docker.distribution.manifest.v\d\+(json|prettyjws)`
|
const manifestPattern = `^application/vnd.docker.distribution.manifest.v\d\+(json|prettyjws)`
|
||||||
|
const vicPrefix = "vic/"
|
||||||
|
|
||||||
// Post handles POST request, and records audit log or refreshes cache based on event.
|
// Post handles POST request, and records audit log or refreshes cache based on event.
|
||||||
func (n *NotificationHandler) Post() {
|
func (n *NotificationHandler) Post() {
|
||||||
@ -102,8 +103,8 @@ func filterEvents(notification *models.Notification) ([]*models.Event, error) {
|
|||||||
events := []*models.Event{}
|
events := []*models.Event{}
|
||||||
|
|
||||||
for _, event := range notification.Events {
|
for _, event := range notification.Events {
|
||||||
log.Debugf("receive an event: ID-%s, target-%s:%s, digest-%s, action-%s", event.ID, event.Target.Repository, event.Target.Tag,
|
log.Debugf("receive an event: \n----ID: %s \n----target: %s:%s \n----digest: %s \n----action: %s \n----mediatype: %s \n----user-agent: %s", event.ID, event.Target.Repository,
|
||||||
event.Target.Digest, event.Action)
|
event.Target.Tag, event.Target.Digest, event.Action, event.Target.MediaType, event.Request.UserAgent)
|
||||||
|
|
||||||
isManifest, err := regexp.MatchString(manifestPattern, event.Target.MediaType)
|
isManifest, err := regexp.MatchString(manifestPattern, event.Target.MediaType)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -115,8 +116,9 @@ func filterEvents(notification *models.Notification) ([]*models.Event, error) {
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
//pull and push manifest by docker-client
|
//pull and push manifest by docker-client or vic
|
||||||
if strings.HasPrefix(event.Request.UserAgent, "docker") && (event.Action == "pull" || event.Action == "push") {
|
if (strings.HasPrefix(event.Request.UserAgent, "docker") || strings.HasPrefix(event.Request.UserAgent, vicPrefix)) &&
|
||||||
|
(event.Action == "pull" || event.Action == "push") {
|
||||||
events = append(events, &event)
|
events = append(events, &event)
|
||||||
log.Debugf("add event to collect: %s", event.ID)
|
log.Debugf("add event to collect: %s", event.ID)
|
||||||
continue
|
continue
|
||||||
|