diff --git a/docs/harbor-doc-reorg/_index.md b/docs/harbor-doc-reorg/_index.md index 4126eb628..de225b8ea 100644 --- a/docs/harbor-doc-reorg/_index.md +++ b/docs/harbor-doc-reorg/_index.md @@ -7,10 +7,10 @@ This is the main table of contents for the Harbor documentation. This section describes how to install Harbor and perform the required initial configurations. These day 1 operations are performed by the Harbor Administrator. - [Harbor Installation and Configuration](install_config/_index.md) - - [Installing Harbor](install_config/installation/_index.md) + - [Installing Harbor](install_config/installation/_index.md) - [Test Harbor with the Demo Server](install_config/installation/demo_server.md) - [Harbor Installation Prerequisites](install_config/installation/installation_prereqs.md) - - [Configure HTTPS Access to Harbor](install_config/installation/configure_https.md) + - **[Configure HTTPS Access to Harbor](install_config/installation/configure_https.md)** - [Download the Harbor Installer](install_config/installation/download_installer.md) - [Configure the Harbor YML File](install_config/installation/configure_yml_file.md) - [Run the Installer Script](install_config/installation/run_installer_script.md) diff --git a/docs/harbor-doc-reorg/install_config/configuration/reconfigure_manage_lifecycle.md b/docs/harbor-doc-reorg/install_config/configuration/reconfigure_manage_lifecycle.md index f2f846ac2..456ed3a0b 100644 --- a/docs/harbor-doc-reorg/install_config/configuration/reconfigure_manage_lifecycle.md +++ b/docs/harbor-doc-reorg/install_config/configuration/reconfigure_manage_lifecycle.md @@ -70,3 +70,4 @@ $ sudo docker-compose up -d ``` Please check the [Docker Compose command-line reference](https://docs.docker.com/compose/reference/) for more on docker-compose. + diff --git a/docs/harbor-doc-reorg/install_config/installation/configure_yml_file.md b/docs/harbor-doc-reorg/install_config/installation/configure_yml_file.md index 88336712e..56e142b9b 100644 --- a/docs/harbor-doc-reorg/install_config/installation/configure_yml_file.md +++ b/docs/harbor-doc-reorg/install_config/installation/configure_yml_file.md @@ -50,7 +50,7 @@ You can use certificates that are signed by a trusted third-party CA, or you can
harbor_admin_password
admin
and Harbor12345
.admin
and Harbor12345
.database
chartmuseum_db_index
uaa
ca_file
/path/to/ca
.gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 644FF454C0B4115C+ + You should see the message ` public key "Harbor-sign (The key for signing Harbor build)
gpg -v --keyserver hkps://keyserver.ubuntu.com --verify harbor-online-installer-version.tgz.asc+ - Offline installer:
gpg -v --keyserver hkps://keyserver.ubuntu.com --verify harbor-offline-installer-version.tgz.asc+ + The `gpg` command verifies that the signature of the bundle matches that of the `*.asc` key file. You should see confirmation that the signature is correct. + +
+ gpg: armor header: Version: GnuPG v1 + gpg: assuming signed data in 'harbor-offline-installer-v1.10.0-rc2.tgz' + gpg: Signature made Fri, Dec 6, 2019 5:04:17 AM WEST + gpg: using RSA key 644FF454C0B4115C + gpg: using pgp trust model + gpg: Good signature from "Harbor-sign (The key for signing Harbor build) <jiangd@vmware.com> [unknown] +1. Use `tar` to extract the installer package: - Online installer:
bash $ tar xvf harbor-online-installer-version.tgzdiff --git a/docs/harbor-doc-reorg/install_config/installation/installation_prereqs.md b/docs/harbor-doc-reorg/install_config/installation/installation_prereqs.md index 628e08a00..6e2ac1ed8 100644 --- a/docs/harbor-doc-reorg/install_config/installation/installation_prereqs.md +++ b/docs/harbor-doc-reorg/install_config/installation/installation_prereqs.md @@ -1,8 +1,8 @@ # Harbor Installation Prerequisites -Harbor is deployed as several Docker containers. You can therefore deploy it on any Linux distribution that supports Docker. The target host requires Docker and Docker Compose to be installed. +Harbor is deployed as several Docker containers. You can therefore deploy it on any Linux distribution that supports Docker. The target host requires Docker, and Docker Compose to be installed. -## Hardware +### Hardware The following table lists the minimum and recommended hardware configurations for deploying Harbor. @@ -12,25 +12,25 @@ The following table lists the minimum and recommended hardware configurations fo |Mem|4 GB|8 GB| |Disk|40 GB|160 GB| -## Software +### Software The following table lists the software versions that must be installed on the target host. |Software|Version|Description| |---|---|---| -|Docker Engine|17.06.0-ce+ or higher|For installation instructions, see the [Docker Engine doc](https://docs.docker.com/engine/installation/)| -|Docker Compose|1.18.0 or higher|For installation instructions, see [Docker Compose doc](https://docs.docker.com/compose/install/)| -|OpenSSL|Latest is preferred|Used to generate the Harbor certificate and keys| +|Docker engine|version 17.06.0-ce+ or higher|For installation instructions, see [docker engine doc](https://docs.docker.com/engine/installation/)| +|Docker Compose|version 1.18.0 or higher|For installation instructions, see [docker compose doc](https://docs.docker.com/compose/install/)| +|Openssl|latest is preferred|Used to generate certificate and keys for Harbor| -## Network ports +### Network ports Harbor requires that the following ports be open on the target host. |Port|Protocol|Description| |---|---|---| -|443|HTTPS|Harbor interface and core API accept HTTPS requests on this port. You can change this port in the configuration file.| +|443|HTTPS|Harbor portal and core API accept HTTPS requests on this port. You can change this port in the configuration file.| |4443|HTTPS|Connections to the Docker Content Trust service for Harbor. Only required if Notary is enabled. You can change this port in the configuration file.| -|80|HTTP|Harbor interface and core API accept HTTP requests on this port. You can change this port in the configuration file.| +|80|HTTP|Harbor portal and core API accept HTTP requests on this port. You can change this port in the configuration file.| ## What to Do Next ## diff --git a/docs/harbor-doc-reorg/install_config/installation/run_installer_script.md b/docs/harbor-doc-reorg/install_config/installation/run_installer_script.md index 82a626bfe..6b70b637b 100644 --- a/docs/harbor-doc-reorg/install_config/installation/run_installer_script.md +++ b/docs/harbor-doc-reorg/install_config/installation/run_installer_script.md @@ -27,7 +27,7 @@ $ docker login reg.yourdomain.com $ docker push reg.yourdomain.com/myproject/myrepo:mytag ``` -**IMPORTANT:** If your installation of Harbor uses HTTP, you must add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service. +**IMPORTANT:** If your installation of Harbor uses HTTP, you must add the option `--insecure-registry` to your client's Docker daemon and restart the Docker service. For more information, see [Connecting to Harbor via HTTP](#connect_http) below. ## Installation with Notary @@ -51,6 +51,8 @@ To install Harbor with Clair service, add the `--with-clair` parameter when you For more information about Clair, see the [Clair documentation](https://coreos.com/clair/docs/2.0.1/). +By default, Harbor limits the CPU usage of the Clair container to 150000 to avoid it using up all CPU resources. This is defined in the `docker-compose.clair.yml` file. You can modify this file based on your hardware configuration. + ## Installation with Chart Repository Service To install Harbor with chart repository service, add the `--with-chartmuseum` parameter when you run ```install.sh```: @@ -67,6 +69,31 @@ If you want to install all three of Notary, Clair and chart repository service, $ sudo ./install.sh --with-notary --with-clair --with-chartmuseum ``` + +## Connecting to Harbor via HTTP + +**IMPORTANT:** If your installation of Harbor uses HTTP rather than HTTPS, you must add the option `--insecure-registry` to your client's Docker daemon. By default, the daemon file is located at `/etc/docker/daemon.json`. + +For example, add the following to your `daemon.json` file: + +
+{ +"insecure-registries" : ["myregistrydomain.com:5000", "0.0.0.0"] +} ++ +After you update `daemon.json`, you must restart both Docker Engine and Harbor. + +1. Restart Docker Engine. + + `systemctl restart docker` +1. Stop Harbor. + + `docker-compose down -v` +1. Restart Harbor. + + `docker-compose up -d` + ## What to Do Next ## If installation succeeds, continue to set up Harbor by following the instructions in [Post-Installation Configuration](install_config/configuration/_index.md) and [Initial Configuration in the Harbor UI](install_config/configuration/initial_config_ui.md). diff --git a/docs/harbor-doc-reorg/install_config/installation/troubleshoot_installation.md b/docs/harbor-doc-reorg/install_config/installation/troubleshoot_installation.md index db8dedcca..cdd5ab2c0 100644 --- a/docs/harbor-doc-reorg/install_config/installation/troubleshoot_installation.md +++ b/docs/harbor-doc-reorg/install_config/installation/troubleshoot_installation.md @@ -2,6 +2,8 @@ ## Harbor Doesn't Start or Functions Incorrectly +Harbor Doesn't Start or Functions Incorrectly + When Harbor does not function correctly, run the following commands to find out if all of Harbor's containers in **UP** status: ``` $ sudo docker-compose ps @@ -20,7 +22,7 @@ When Harbor does not function correctly, run the following commands to find out If a container is not in the `Up` state, check the log file for that container in `/var/log/harbor`. For example, if the `harbor-core` container is not running, look at the `core.log` log file. -## Using nginx or Load Balancing +### Using nginx or Load Balancing When setting up Harbor behind an `nginx` proxy or elastic load balancing, look for the following line in `common/config/nginx/nginx.conf` and, if the proxy already has similar settings, remove it from the sections `location /`, `location /v2/` and `location /service/`.