All content now migrated into new structure

This commit is contained in:
Stuart Clements 2019-12-17 12:42:52 +01:00
parent e1e17165a4
commit 6a03724223
6 changed files with 96 additions and 30 deletions

View File

@ -1,4 +1,4 @@
# Roll Back an Upgrade
# Roll Back from an Upgrade
If, for any reason, you want to roll back to the previous version of Harbor, perform the following steps:
@ -31,4 +31,4 @@ If, for any reason, you want to roll back to the previous version of Harbor, per
./install.sh
```
**NOTE**: While you can roll back an upgrade to the state before you started the upgrade, Harbor does not support downgrades.
**NOTE**: While you can roll back an upgrade to the state before you started the upgrade, Harbor does not support downgrades.

View File

@ -14,7 +14,7 @@ Since the migration might alter the database schema and the settings of `harbor.
- With the introduction of storage and artifact quotas in version 1.9.0, migration from 1.7.x and 1.8.x might take a few minutes. This is because the `core` walks through all blobs in the registry and populates the database with information about the layers and artifacts in projects.
- With the introduction of storage and artifact quotas in version 1.9.0, replication between version 1.9.0 and a previous version of Harbor does not work. You must upgrade all Harbor nodes to 1.9.0 if you have configured replication between them.
## Procedure
## Upgrading Harbor and Migrating Data
1. Log in to the host that Harbor runs on, stop and remove existing Harbor instance if it is still running:
@ -38,12 +38,19 @@ Since the migration might alter the database schema and the settings of `harbor.
3. Get the latest Harbor release package from Github:
[https://github.com/goharbor/harbor/releases](https://github.com/goharbor/harbor/releases)
4. Before upgrading Harbor, perform a migration first. The migration tool is delivered as a docker image, so you should pull the image from docker hub. Replace [tag] with the release version of Harbor (for example, v1.9.0) in the command below:
4. Before upgrading Harbor, perform migration first. The migration tool is delivered as a docker image.
You can pull the image from docker hub. Replace [tag] with the release version of Harbor (e.g. v1.5.0) in the below command:
```sh
docker pull goharbor/harbor-migrator:[tag]
```
Alternatively, if you are using an offline installer package you can load it from the image tarball included in the offline installer package. Replace [version] with the release version of Harbor (e.g. v1.5.0) in the below command:
```sh
tar zxf <offline package>
docker image load -i harbor/harbor.[version].tar.gz
```
5. If you are current version is v1.7.x or earlier, i.e. migrate config file from `harbor.cfg` to `harbor.yml`.
**NOTE:** You can find the ${harbor_yml} in the extracted installer you got in step `3`, after the migration the file `harbor.yml`

View File

@ -1,18 +1,32 @@
# Registry Landscape
The cloud native ecosystem is moving rapidlyregistries and their featuresets are no exception. We've made our best effort to survey the container registry landscape and compare to our core featureset.
The cloud native ecosystem is moving rapidlyregistries and their feature sets are no exception. We've made our best effort to survey the container registry landscape and compare to our core feature set.
If you find something outdated or outright erroneous, please submit a PR and we'll fix it right away.
| Feature | Harbor | Docker Trusted Registry | Quay | Cloud Providers (GCP, AWS, Azure) | Docker Distribution | Artifactory |
| -------------: | :----: | :---------------------: | :--: | :-------------------------------: | :-----------------: | :---------: |
| Local Auth | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ |
| LDAP-based Auth | ✓ | ✓ | ✓ | partial | ✗ | ✓ |
| Content Trust and Validation | ✓ | ✓ | ✗ | ✗ | partial | partial |
| Vulnerability Scanning & Monitoring | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ |
| Replication | ✓ | ✓ | ✓ | n/a | ✗ | ✓ |
| Multi-Tenancy (projects, teams, etc.) | ✓ | ✓ | ✓ | partial | ✗ | ✓ |
| Role-Based Access Control | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ |
| Custom TLS Certificates | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Ability to Determine Version of Binaries in Containers | ✓ | ✓ | ✓ | ✗ | ✗ | ? |
| Upstream Registry Proxy Cache | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ |
| Audit Logs | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ |
Table updated on 10/21/2019 against Harbor 1.9.
| Feature | Harbor | Docker Trusted Registry | Quay | Cloud Providers (GCP, AWS, Azure) | Docker Distribution | Artifactory | GitLab |
| -------------: | :----: | :---------------------: | :-----: | :-------------------------------: | :-----------------: | :---------: | :------: |
| Ability to Determine Version of Binaries in Containers | ✓ | ✓ | ✓ | ✗ | ✗ | ? | ? |
| Artifact Repository (rpms, git, jar, etc) | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | partial |
| Audit Logs | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Content Trust and Validation | ✓ | ✓ | ✗ | ✗ | partial | partial | ✗ |
| Custom TLS Certificates | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ |
| Helm Chart Repository Manager | ✓ | ✗ | partial | ✗ | ✗ | ✓ | ✗ |
| LDAP-based Auth | ✓ | ✓ | ✓ | partial | ✗ | ✓ | ✓ |
| Local Auth | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ |
| Multi-Tenancy (projects, teams, namespaces, etc) | ✓ | ✓ | ✓ | partial | ✗ | ✓ | ✓ |
| Open Source | ✓ | partial | ✗ | ✗ | ✓ | partial | partial |
| Project Quotas (by image count & storage consumption) | ✓ | ✗ | ✗ | partial | ✗ | ✗ | ✗ |
| Replication between instances | ✓ | ✓ | ✓ | n/a | ✗ | ✓ | ✗ |
| Replication between non-instances | ✓ | ✗ | ✓ | n/a | ✗ | ✗ | ✗ |
| Robot Accounts for Helm Charts | ✓ | ✗ | ✗ | ? | ✗ | ✗ | ✗ |
| Robot Accounts for Images | ✓ | ? | ✓ | ? | ✗ | ? | ? |
| Role-Based Access Control | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ |
| Single Sign On (OIDC) | ✓ | ✓ | ✓ | ✓ | ✗ | partial | ✗ |
| Tag Retention Policy | ✓ | ✗ | partial | ✗ | ✗ | ✗ | ✗ |
| Upstream Registry Proxy Cache | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | ✗ |
| Vulnerability Scanning & Monitoring | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | partial |
| Vulnerability Scanning Plugin Framework | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Vulnerability Whitelisting | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Webhooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |

View File

@ -1,4 +1,4 @@
# Developing the Harbor Frontend
# Harbor frontend environment get started guide
If you already have a harbor backend environment, you can build a frontend development environment with the following configuration.
@ -84,17 +84,11 @@ If you already have a harbor backend environment, you can build a frontend devel
npm install
```
3. Compile the frontend code by the following command.
```
npm run build_all
```
4. Execute the following commandserve Harbor locally.
3. Execute the following commandserve Harbor locally.
```
npm run start
```
5. Then you can visit the Harbor by address: https://localhost:4200.
4. Then you can visit the Harbor by address: https://localhost:4200.

View File

@ -1,4 +1,4 @@
# Using Make
### Variables
Variable | Description
-------------------|-------------
BASEIMAGE | Container base image, default: photon
@ -36,10 +36,10 @@ version | set harbor version
#### EXAMPLE:
#### Build and run harbor from source code.
make install GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
make install GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
### Package offline installer
make package_offline GOBUILDIMAGE=golang:1.12.5 COMPILETAG=compile_golangimage NOTARYFLAG=true
make package_offline GOBUILDIMAGE=golang:1.13.4 COMPILETAG=compile_golangimage NOTARYFLAG=true
### Start harbor with notary
make -e NOTARYFLAG=true start

View File

@ -0,0 +1,51 @@
# Harbor Compatibility List
This document provides compatibility information for all Harbor components.
## Replication Adapters
| | Registries | Pull Mode | Push Mode | Introduced in Release | Automated Pipeline Covered |
|-----|------------------|-----------|-----------|-----------------------|---------------------------|
| [Harbor](https://goharbor.io/)| ![Harbor](img/replication_adapters/harbor_logo.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [distribution](https://github.com/docker/distribution) | ![distribution](img/replication_adapters/distribution.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [docker hub](https://hub.docker.com/) | ![docker hub](img/replication_adapters/docker_hub.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | Y |
| [Huawei SWR](https://www.huaweicloud.com/en-us/product/swr.html) | ![Huawei SWR](img/replication_adapters/hw.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.8 | N |
| [GCR](https://cloud.google.com/container-registry/) | ![GCR](img/replication_adapters/gcr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | Y |
| [ECR](https://aws.amazon.com/ecr/) | ![ECR](img/replication_adapters/ecr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | Y |
| [ACR](https://azure.microsoft.com/en-us/services/container-registry/) | ![ACR](img/replication_adapters/acr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | N |
| [AliCR](https://www.alibabacloud.com/product/container-registry) | ![AliCR](img/replication_adapters/ali-cr.png)|![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| V1.9 | N |
| [Helm Hub](https://hub.helm.sh/) | ![Helm Hub](img/replication_adapters/helm-hub.png)|![Y](img/replication_adapters/right.png)| N/A | V1.9 | N |
| [Artifactory](https://jfrog.com/artifactory/) | ![Artifactory](img/replication_adapters/artifactory.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
| [Quay](https://github.com/quay/quay) | ![Quay](img/replication_adapters/quay.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
| [GitLab Registry](https://docs.gitlab.com/ee/user/packages/container_registry/) | ![GitLab Registry](img/replication_adapters/gitlab.png)|![Y](img/replication_adapters/right.png)| ![Y](img/replication_adapters/right.png) | V1.10 | N |
**Notes**:
* `Pull` mode replicates artifacts from the specified source registries into Harbor.
* `Push` mode replicates artifacts from Harbor to the specified target registries.
## OIDC Adapters
| | OIDC Providers | Officially Verified | End User Verified | Verified in Release |
|---|-----------------|---------------------|---------------------|-----------------------|
| [Google Identity](https://developers.google.com/identity/protocols/OpenIDConnect) | ![google identity](img/OIDC/google_identity.png)| ![Y](img/replication_adapters/right.png) | |V1.9|
| [Dex](https://github.com/dexidp/dex) | ![dex](img/OIDC/dex.png) | ![Y](img/replication_adapters/right.png)| | V1.9 |
| [Ping Identity](https://www.pingidentity.com) | ![ping identity](img/OIDC/ping.png) | | ![Y](img/replication_adapters/right.png)| V1.9 |
| [Keycloak](https://www.keycloak.org/) | ![Keycloak](img/OIDC/keycloak.png) | ![Y](img/replication_adapters/right.png) | | V1.10 |
| [Auth0](https://auth0.com/) | ![Auth0](img/OIDC/auth0.png) | ![Y](img/replication_adapters/right.png) | | V1.10 |
## Scanner Adapters
| | Scanners | Providers | Evaluated | As Default | Onboard in Release |
|---|----------|-----------|-----------|------------|--------------------|
| [Clair](https://github.com/goharbor/harbor-scanner-clair) |![Clair](img/scanners/clair.png)| CentOS |![Y](img/replication_adapters/right.png)|![Y](img/replication_adapters/right.png)| v1.10 |
| [Anchore](https://github.com/anchore/harbor-scanner-adapter) |![Anchore](img/scanners/anchore.png) | Anchore |![Y](img/replication_adapters/right.png)| N | v1.10 |
| [Trivy](https://github.com/aquasecurity/harbor-scanner-trivy)|![Trivy](img/scanners/trivy.png)| Aqua |![Y](img/replication_adapters/right.png)| N | v1.10 |
| [CSP](https://github.com/aquasecurity/harbor-scanner-aqua) |![Aqua](img/scanners/aqua.png)| Aqua | N | N | v1.10 |
| [DoSec](https://github.com/dosec-cn/harbor-scanner/blob/master/README_en.md)|![DoSec](img/scanners/dosec.png) | DoSec | N | N | v1.10 |
**Notes:**
* `Evaluated` means that the scanner implementation has been officially tested and verified.
* `As Default` means that the scanner is provided as a default option and can be deployed together with the main Harbor components by providing extra options during installation. You must install other scanners manually.