mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-22 10:15:35 +01:00
commit
592e596ae4
13
AUTHORS
13
AUTHORS
@ -2,27 +2,36 @@
|
||||
|
||||
Alexander Zeitler <alexander.zeitler at pdmlab.com>
|
||||
Alexey Erkak <eryigin at mail.ru>
|
||||
Allen Heavey <xheavey at gmail.com>
|
||||
Allen Heavey <xheavey at gmail.com>
|
||||
Amanda Zhang <amzhang at vmware.com>
|
||||
Andre Cruz <andre at brpx.com>
|
||||
Benniu Ji <benniuji at gmail.com>
|
||||
Bin Liu <liubin0329 at gmail.com>
|
||||
Bobby Zhang <junzhang at vmware.com>
|
||||
Chaofeng Wu <chaofengw at vmware.com>
|
||||
Daniel Jiang <jiangd at vmware.com>
|
||||
Deshi Xiao <xiaods at gmail.com>
|
||||
Deshi Xiao <xiaods at gmail.com>
|
||||
Guangping Fu <krystism at gmail.com>
|
||||
Haining Henry Zhang <henryzhang at vmware.com>
|
||||
Hao Xia <haox at vmware.com>
|
||||
Haoyuan <harryge00 at gmail.com>
|
||||
Jack Liu <ljack at vmware.com>
|
||||
Jessy Zhang <jessyz at vmware.com>
|
||||
Jianye Li <li.jianye at gmail.com>
|
||||
Kun Wang <kunw at vmware.com>
|
||||
Mahesh Paolini-Subramanya <mahesh at dieswaytoofast.com>
|
||||
Maxwell <710028463 at qq.com>
|
||||
Meng Wei <weim at vmware.com>
|
||||
Nagarjun G <nagarjung.g at gmail.com>
|
||||
Peng Zhao <zhaopeng1988 at gmail.com>
|
||||
Penghao Cen <scorpiocph at gmail.com>
|
||||
Robin Naundorf <r.naundorf at fh-muenster.de>
|
||||
Shan Zhu <zhus at vmware.com>
|
||||
Robin Yue <jmyue at hotmail.com>
|
||||
Tobe Chen <tobeg3oogle at gmail.com>
|
||||
Victoria Zheng <vzheng at vmware.com>
|
||||
Wenkai Yin <yinw at vmware.com>
|
||||
Xiaoxiao Zhou <xiaoxiaoz at vmware.com>
|
||||
Yahao He <bhe at vmware.com>
|
||||
Yan Wang <wangyan at vmware.com>
|
||||
Yong Hua <yhua at vmware.com>
|
||||
|
@ -1,5 +1,14 @@
|
||||
# Changelog
|
||||
|
||||
## v0.4.5 (2016-10-31)
|
||||
|
||||
- Virtual appliance of Harbor for vSphere.
|
||||
- Refactory for new build process.
|
||||
- Easier configuration for HTTPS in prepare step.
|
||||
- Updated documents.
|
||||
- Various bug fixes.
|
||||
|
||||
|
||||
## v0.4.0 (2016-09-23)
|
||||
|
||||
- Database schema changed, data migration/upgrade is needed for previous version.
|
||||
|
18
README.md
18
README.md
@ -20,25 +20,19 @@ Project Harbor is an enterprise-class registry server that stores and distribute
|
||||
### Install & Run
|
||||
|
||||
**System requirements:**
|
||||
Harbor only works with docker 1.10.0+ and docker-compose 1.6.0+.
|
||||
|
||||
**On a Linux host:** docker 1.10.0+ and docker-compose 1.6.0+ .
|
||||
|
||||
**On vSphere:** vCenter 5.x+ for deployment of Harbor's virtual appliance.
|
||||
|
||||
Download binaries of **[Harbor release ](https://github.com/vmware/harbor/releases)** and follow **[Installation & Confiugration Guide](docs/installation_guide.md)** to install Harbor.
|
||||
|
||||
After installation, if everything worked properly, you should be able to open a browser to visit the admin portal at http://reg.yourdomain.com. Note that the default administrator username/password are admin/Harbor12345.
|
||||
|
||||
Log in to the admin portal and create a new project, e.g. `myproject`. You can then use docker commands to login and push images (by default, the registry server listens on port 80):
|
||||
```sh
|
||||
$ docker login reg.yourdomain.com
|
||||
$ docker push reg.yourdomain.com/myproject/myrepo:mytag
|
||||
```
|
||||
|
||||
Refer to **[User Guide](docs/user_guide.md)** for more details on how to use Harbor.
|
||||
|
||||
|
||||
### Community
|
||||
**Slack:** Join Harbor's community here: [VMware {code}](https://code.vmware.com/join/) Slack group, Channel: #harbor.
|
||||
**Slack:** Join Harbor's community here: [VMware {code}](https://code.vmware.com/join/), Channel: #harbor.
|
||||
**Email:** harbor@ vmware.com .
|
||||
**WeChat:** Add WeChat id *connect1688* to join WeChat discussion group.
|
||||
**WeChat Group:** Add WeChat id *connect1688* to join WeChat discussion group.
|
||||
|
||||
### Contribution
|
||||
We welcome contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a pull request. For any questions about the CLA process, please refer to our [FAQ](https://cla.vmware.com/faq). Contact us for any qustions: harbor@ vmware.com .
|
||||
|
17
ROADMAP.md
17
ROADMAP.md
@ -17,28 +17,31 @@ Please open an issue to track any initiative on the roadmap of Harbor. We will w
|
||||
### 1. Notary
|
||||
The notary feature allows publishers to sign their images offline and to push the signed content to a notary server. This ensures the authenticity of images.
|
||||
|
||||
### 2. Image replication between Harbor instances (Completed)
|
||||
### 2. Vulnerability Scanning
|
||||
The capability to scan images for vulnerability.
|
||||
|
||||
### 3. Image replication between Harbor instances (Completed)
|
||||
Enable images to be replicated between two or more Harbor instances. This is useful to have multiple registry servers servicing a large cluster of nodes, or have distributed registry instances with identical images.
|
||||
|
||||
### 3. Image deletion and garbage collection (Completed)
|
||||
### 4. Image deletion and garbage collection (Completed)
|
||||
a) Images can be deleted from UI. The files of deleted images are not removed immediately.
|
||||
|
||||
b) The files of deleted images are recycled by an administrator during system maintenance(Garbage collection). The registry service must be shut down during the process of garbage collection.
|
||||
|
||||
|
||||
### 4. Authentication (OAuth2)
|
||||
### 5. Authentication (OAuth2)
|
||||
In addition to LDAP/AD and local users, OAuth 2.0 can be used to authenticate a user.
|
||||
|
||||
### 5. High Availability
|
||||
### 6. High Availability (in progress)
|
||||
Support multi-node deployment of Harbor for high availability, scalability and load-balancing purposes.
|
||||
|
||||
### 6. Statistics and description for repositories
|
||||
### 7. Statistics and description for repositories
|
||||
User can add a description to a repository. The access count of a repo can be aggregated and displayed.
|
||||
|
||||
|
||||
### 7. Audit all operations in the system
|
||||
### 8. Audit all operations in the system
|
||||
Currently only image related operations are logged. Other operations in Harbor, such as user creation/deletion, role changes, password reset, should be tracked as well.
|
||||
|
||||
|
||||
### 8. Migration tool to move from an existing registry to Harbor
|
||||
### 9. Migration tool to move from an existing registry to Harbor
|
||||
A tool to migrate images from a vanilla registry server to Harbor, without the need to export/import a large amount of data.
|
||||
|
@ -9,7 +9,7 @@ Harbor can be installed by one of three approaches:
|
||||
|
||||
All installers can be downloaded from the **[official release](https://github.com/vmware/harbor/releases)** page.
|
||||
|
||||
To install Harbor's virtual appliance, refer to the **[Harbor Installation Guide for OVA](installation_guide_ova.md)**.
|
||||
To install Harbor's virtual appliance, refer to the **[Harbor Installation Guide for Virtual Appliance](installation_guide_ova.md)**.
|
||||
|
||||
This guide describes the steps to install and configure Harbor by using the online or offline installer. The installation processes are almost the same.
|
||||
|
||||
@ -50,7 +50,7 @@ Configuration parameters are located in the file **harbor.cfg**.
|
||||
The parameters are described below - note that at the very least, you will need to change the **hostname** attribute.
|
||||
|
||||
* **hostname**: The target host's hostname, which is used to access the UI and the registry service. It should be the IP address or the fully qualified domain name (FQDN) of your target machine, e.g., `192.168.1.10` or `reg.yourdomain.com`. _Do NOT use `localhost` or `127.0.0.1` for the hostname - the registry service needs to be accessible by external clients!_
|
||||
* **ui_url_protocol**: (**http** or **https**. Default is **http**) The protocol used to access the UI and the token/notification service. By default, this is _http_. To set up the https protocol, refer to [Configuring Harbor with HTTPS Access](configure_https.md).
|
||||
* **ui_url_protocol**: (**http** or **https**. Default is **http**) The protocol used to access the UI and the token/notification service. By default, this is _http_. To set up the https protocol, refer to **[Configuring Harbor with HTTPS Access](configure_https.md)**.
|
||||
* **Email settings**: These parameters are needed for Harbor to be able to send a user a "password reset" email, and are only necessary if that functionality is needed. Also, do note that by default SSL connectivity is _not_ enabled - if your SMTP server requires SSL, but does _not_ support STARTTLS, then you should enable SSL by setting **email_ssl = true**.
|
||||
* email_server = smtp.mydomain.com
|
||||
* email_server_port = 25
|
||||
@ -102,8 +102,8 @@ storage:
|
||||
_NOTE: For detailed information on storage backend of a registry, refer to [Registry Configuration Reference](https://docs.docker.com/registry/configuration/) ._
|
||||
|
||||
|
||||
#### Installing and starting Harbor
|
||||
Once **harbord.cfg** and storage backend (optional) are configured, install and start Harbor using the ```install.sh script```. Note that it may take some time for the online installer to download Harbor images from Docker hub.
|
||||
#### Finishing installation and starting Harbor
|
||||
Once **harbord.cfg** and storage backend (optional) are configured, install and start Harbor using the ```install.sh``` script. Note that it may take some time for the online installer to download Harbor images from Docker hub.
|
||||
|
||||
```sh
|
||||
$ sudo ./install.sh
|
||||
@ -118,10 +118,10 @@ $ docker push reg.yourdomain.com/myproject/myrepo:mytag
|
||||
```
|
||||
**IMPORTANT:** The default installation of Harbor uses _HTTP_ - as such, you will need to add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service.
|
||||
|
||||
For information on how to use Harbor, please refer to [User Guide of Harbor](user_guide.md) .
|
||||
For information on how to use Harbor, please refer to **[User Guide of Harbor](user_guide.md)** .
|
||||
|
||||
#### Configuring Harbor with HTTPS access
|
||||
Harbor does not ship with any certificates, and, by default, uses HTTP to serve requests. While this makes it relatively simple to set up and run - especially for a development or testing environment - it is **not** recommended for a production environment. To enable HTTPS, please refer to [Configuring Harbor with HTTPS Access](configure_https.md).
|
||||
Harbor does not ship with any certificates, and, by default, uses HTTP to serve requests. While this makes it relatively simple to set up and run - especially for a development or testing environment - it is **not** recommended for a production environment. To enable HTTPS, please refer to **[Configuring Harbor with HTTPS Access](configure_https.md)**.
|
||||
|
||||
|
||||
### Managing Harbor's lifecycle
|
||||
|
@ -2,6 +2,11 @@
|
||||
|
||||
This guide walks you through the steps about installing and configuring Harbor on vSphere as an virtual appliance (OVA). If you are installing Harbor on a Linux host, refer to this **[Installation Guide](installation_guide.md)**.
|
||||
|
||||
## Prerequisites
|
||||
* vCenter 5.x+ and at least an ESX host.
|
||||
* 2 vCPUs, 4GB memory and 100GB free disk space in datastore.
|
||||
* A network with DHCP capability, or a static IP address for the virtual appliance.
|
||||
|
||||
## Installation
|
||||
1. Download the OVA file to your local disk from the **[official release page](https://github.com/vmware/harbor/releases)**.
|
||||
|
||||
@ -51,7 +56,7 @@ This guide walks you through the steps about installing and configuring Harbor o
|
||||
* **Email SSL**: Whether to enabled secure mail transmission.
|
||||
* **SSL Cert**: Paste in the content of a certificate file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
|
||||
* **SSL Cert Key**: Paste in the content of certificate key file. If SSL Cert and SSL Cert Key are both set, HTTPS will be used.
|
||||
* **Self Registration**: Determine whether the self-registration is allowed or not when the authentication mode is database. Set this to off to disable a user's self-registration in Harbor.
|
||||
* **Self Registration**: Determine whether the self-registration is allowed or not. Set this to off to disable a user's self-registration in Harbor. This flag has no effect when users are stored in LDAP or AD.
|
||||
* **Verify Remote Cert**: Determine whether the image replication should verify the certificate when it connects to a remote registry via TLS. Set this flag to off when the remote registry uses a self-signed or untrusted certificate.
|
||||
* **Garbage Collection**: When setting this to true, Harbor performs garbage collection everytime it boots up. The first time setting this flag to true needs to power off the VM and power it on again.
|
||||
|
||||
|
@ -15,7 +15,7 @@ User guide
|
||||
|
||||
# Test Steps:
|
||||
|
||||
1. Thw admin user logs in to UI.
|
||||
1. The admin user logs in to UI.
|
||||
2. The user changes his/her account settings, including email, full name and comments.
|
||||
3. The user logs out.
|
||||
4. The admin user logs in again using **new email**, and verify the account settings had been changed.
|
||||
@ -25,4 +25,4 @@ User guide
|
||||
* User can log in using new email in Step 4 and the settings are the same as input in Step 2.
|
||||
|
||||
# Possible Problems:
|
||||
None
|
||||
None
|
||||
|
Loading…
Reference in New Issue
Block a user