From 6f10ac9c7857db12e69f2b91019c42bc4c1ff11d Mon Sep 17 00:00:00 2001 From: Stuart Clements Date: Mon, 21 Oct 2019 17:50:40 +0200 Subject: [PATCH] Converted optional params into a table --- docs/installation_guide.md | 232 +++++++++++++++++++++++++++---------- 1 file changed, 173 insertions(+), 59 deletions(-) diff --git a/docs/installation_guide.md b/docs/installation_guide.md index da71dace7..c50b28498 100644 --- a/docs/installation_guide.md +++ b/docs/installation_guide.md @@ -206,68 +206,182 @@ You can use certificates that are signed by a trusted third-party CA, or you can ### Optional parameters -- **http**: Do not use HTTP in production environments. Using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet. Using HTTP in environments that are not air-gapped exposes you to man-in-the-middle attacks. - - **port** : Port number for HTTP - -- **external_url**: Enable it if use external proxy, and when it enabled the hostname will no longer used - -- **clair**: Clair related configs - - **updaters_interval**: The interval of clair updaters, the unit is hour, set to 0 to disable the updaters - - **http_proxy**: Config http proxy for Clair, e.g. `http://my.proxy.com:3128`. - - **https_proxy**: Config https proxy for Clair, e.g. `http://my.proxy.com:3128`. - - **no_proxy**: Config no proxy for Clair, e.g. `127.0.0.1,localhost,core,registry`. - -- **chart**: chart related configs - - **absolute_url**: if set to enabled chart will use absolute url, otherwise set it to disabled, chart will use relative url. - -- **external_database**: external database configs, Currently only support POSTGRES. - - **harbor**: harbor's core database configs - - **host**: hostname for harbor core database - - **port**: port of harbor's core database - - **db_name**: database name of harbor core database - - **username**: username to connect harbor core database - - **password**: password to harbor core database - - **ssl_mode**: is enable ssl mode - - **max_idle_conns**: The maximum number of connections in the idle connection pool. If <=0 no idle connections are retained. The default value is 2. - - **max_open_conns**: The maximum number of open connections to the database. If <= 0 there is no limit on the number of open connections. The default value is 0. - - **clair**: clair's database configs - - **host**: hostname for clair database - - **port**: port of clair database - - **db_name**: database name of clair database - - **username**: username to connect clair database - - **password**: password to clair database - - **ssl_mode**: is enable ssl mode - - **notary_signer**: notary's signer database configs - - **host**: hostname for notary signer database - - **port**: port of notary signer database - - **db_name**: database name of notary signer database - - **username**: username to connect notary signer database - - **password**: password to notary signer database - - **ssl_mode**: is enable ssl mode - - **notary_server**: - - **host**: hostname for notary server database - - **port**: port of notary server database - - **db_name**: database name of notary server database - - **username**: username to connect notary server database - - **password**: password to notary server database - - **ssl_mode**: is enable ssl mode - -- **external_redis**: configs for use the external redis - - **host**: host for external redis - - **port**: port for external redis - - **password**: password to connect external host - - **registry_db_index**: db index for registry use - - **jobservice_db_index**: db index for jobservice - - **chartmuseum_db_index**: db index for chartmuseum + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ Optional Parameters for Harbor +
ParameterSub-ParametersDescription and Additional Parameters
http Do not use HTTP in production environments. Using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet. Using HTTP in environments that are not air-gapped exposes you to man-in-the-middle attacks.
 portPort number for HTTP
external_urlNoneEnable it if use external proxy, and when it enabled the hostname will no longer used
clair Clair related configs
 updaters_intervalThe interval of clair updaters, the unit is hour, set to 0 to disable the updaters
 http_proxyConfig http proxy for Clair, e.g. http://my.proxy.com:3128.
 https_proxyConfig https proxy for Clair, e.g. http://my.proxy.com:3128.
 no_proxyConfig no proxy for Clair, e.g. 127.0.0.1,localhost,core,registry.
chart chart related configs
 absolute_urlif set to enabled chart will use absolute url, otherwise set it to disabled, chart will use relative url.
external_database external database configs, Currently only support POSTGRES.
 harbor

harbor’s core database configs

+
    +
  • host: hostname for harbor core database
    • +
  • port: port of harbor’s core database
    • +
  • db_name: database name of harbor core database
    • +
  • username: username to connect harbor core database
    • +
  • password: password to harbor core database
    • +
  • ssl_mode: is enable ssl mode
    • +
  • max_idle_conns: The maximum number of connections in the idle connection pool. If <=0 no idle connections are retained. The default value is 2.
    • +
  • max_open_conns: The maximum number of open connections to the database. If <= 0 there is no limit on the number of open connections. The default value is 0.
    • +
 clairclair’s database configs +
    +
  • host: hostname for clair database
    • +
  • port: port of clair database
    • +
  • db_name: database name of clair database
    • +
  • username: username to connect clair database
    • +
  • password: password to clair database
    • +
  • ssl_mode: is enable ssl mode
    • +
 notary_signernotary’s signer database configs +
    +
  • host: hostname for notary signer database
    • +
  • port: port of notary signer database
    • +
  • db_name: database name of notary signer database
    • +
  • username: username to connect notary signer database
    • +
  • password: password to notary signer database
    • +
  • ssl_mode: is enable ssl mode
    • +
 notary_server
    +
  • host: hostname for notary server database
    • +
  • port: port of notary server database
    • +
  • db_name: database name of notary server database
    • +
  • username: username to connect notary server database
    • +
  • password: password to notary server database
    • +
  • ssl_mode: is enable ssl mode
    • +
external_redis configs for use the external redis
 hosthost for external redis
 portport for external redis
 passwordpassword to connect external host
 registry_db_indexdb index for registry use
 jobservice_db_indexdb index for jobservice
 chartmuseum_db_indexdb index for chartmuseum
storage_service By default, Harbor stores images and chart on your local filesystem. In a production environment, you may consider use other storage backend instead of the local filesystem, like S3, OpenStack Swift, Ceph, etc. These parameters are configurations for registry.
 ca_bundleThe path to the custom root ca certificate, which will be injected into the trust store of registry's and chart repository's containers. This is usually needed when the user hosts a internal storage with self signed certificate.
 provider_nameStorage configs for registry, default is filesystem. for more info about this configuration please refer https://docs.docker.com/registry/configuration/
 redirectdisable: set disable to true when you want to disable registry redirect
#### Configuring storage backend (optional) -- **storage_service**: By default, Harbor stores images and chart on your local filesystem. In a production environment, you may consider use other storage backend instead of the local filesystem, like S3, OpenStack Swift, Ceph, etc. These parameters are configurations for registry. - - **ca_bundle**: The path to the custom root ca certificate, which will be injected into the trust store of registry's and chart repository's containers. This is usually needed when the user hosts a internal storage with self signed certificate. - - **provider_name**: Storage configs for registry, default is filesystem. for more info about this configuration please refer https://docs.docker.com/registry/configuration/ - - **redirect**: - - **disable**: set disable to true when you want to disable registry redirect - For example, if you use Openstack Swift as your storage backend, the parameters may look like this: ``` yaml