More reorg

2024-10-01 06:47:33 +02:00 · 2019-12-18 17:01:55 +01:00 · 2019-12-18 17:01:55 +01:00 · 7342675a54
commit 7342675a54
parent f0328e70d7
5 changed files with 97 additions and 87 deletions
--- a/docs/harbor-doc-reorg/_index.md
+++ b/docs/harbor-doc-reorg/_index.md
@ -23,32 +23,31 @@ This section describes how to install Harbor and perform the required initial co

 This section describes how to use and maintain Harbor after deployment. These day 2 operations are performed by the Harbor Administrator.

- [Introduction](_index.md)
- [Configuring Authentication](configure_authentication/configure_authentication.md)
-   - [Configure Database Authentication](configure_authentication/db_auth.md)
-   - [Configure LDAP/Active Directory Authentication](configure_authentication/ldap_auth.md)
-   - [Configure OIDC Provider Authentication](configure_authentication/oidc_auth.md)
- [Role Based Access Control](managing_users/rbac.md)
-    - [User Permissions By Role](managing_users/user_permissions_by_role.md)
-    - [Create User Accounts in Database Mode](managing_users/create_users_db.md)
- [Administrator Options](general_settings.md)
- [Configure Project Settings](configure_project_settings.md)
- [Set Project Quotas](set_project_quotas.md)
- [Configuring Replication](configuring_replication/configuring_replication.md)
-    - [Create Replication Endpoints](configuring_replication/create_replication_endpoints.md)
-    - [Create Replication Rules](configuring_replication/create_replication_rules.md)
-    - [Manage Replications](configuring_replication/manage_replications.md) 
- [Vulnerability Scanning](vulnerability_scanning/vulnerability_scanning.md)
-    - [Connect Harbor to Additional Vulnerability Scanners](vulnerability_scanning/pluggable_scanners.md)
-    - [Scan an Individual Image](vulnerability_scanning/scan_individual_image.md)
-    - [Scan All Images](vulnerability_scanning/scan_all_images.md)
-    - [Schedule Scans](vulnerability_scanning/schedule_scans.md)
-    - [Import Vulnerability Data to an Offline Harbor instance](vulnerability_scanning/import_vulnerability_data.md)
-    - [Configure System-Wide CVE Whitelists](vulnerability_scanning/configure_system_whitelist.md)
- [Garbage Collection](garbage_collection.md)
- [Upgrading Harbor](upgrade/_index.md)
-  - [Upgrade Harbor and Migrate Data](upgrade/upgrade_migrate_data.md)
-  - [Roll Back an Upgrade](upgrade/roll_back_upgrade.md)
+- [Introduction](administration/_index.md)
+- [Configuring Authentication](administration/configure_authentication/configure_authentication.md)
+   - [Configure Database Authentication](administration/configure_authentication/db_auth.md)
+   - [Configure LDAP/Active Directory Authentication](administration/configure_authentication/ldap_auth.md)
+   - [Configure OIDC Provider Authentication](administration/configure_authentication/oidc_auth.md)
+- [Role Based Access Control](administration/managing_users/rbac.md)
+    - [User Permissions By Role](administration/managing_users/user_permissions_by_role.md)
+    - [Create User Accounts in Database Mode](administration/managing_users/create_users_db.md)
+- [Administrator Options](administration/general_settings.md)
+- [Configure Project Settings](administration/configure_project_settings.md)
+- [Configuring Replication](administration/configuring_replication/configuring_replication.md)
+    - [Create Replication Endpoints](administration/configuring_replication/create_replication_endpoints.md)
+    - [Create Replication Rules](administration/configuring_replication/create_replication_rules.md)
+    - [Manage Replications](administration/configuring_replication/manage_replications.md) 
+- [Vulnerability Scanning](administration/vulnerability_scanning/vulnerability_scanning.md)
+    - [Connect Harbor to Additional Vulnerability Scanners](administration/vulnerability_scanning/pluggable_scanners.md)
+    - [Scan an Individual Image](administration/vulnerability_scanning/scan_individual_image.md)
+    - [Scan All Images](administration/vulnerability_scanning/scan_all_images.md)
+    - [Schedule Scans](administration/vulnerability_scanning/schedule_scans.md)
+    - [Import Vulnerability Data to an Offline Harbor instance](administration/vulnerability_scanning/import_vulnerability_data.md)
+    - [Configure System-Wide CVE Whitelists](administration/vulnerability_scanning/configure_system_whitelist.md)
+- [Garbage Collection](administration/garbage_collection.md)
+- [Upgrading Harbor](administration/upgrade/_index.md)
+  - [Upgrade Harbor and Migrate Data](administration/upgrade/upgrade_migrate_data.md)
+  - [Roll Back an Upgrade](administration/upgrade/roll_back_upgrade.md)

 ## Working with Harbor Projects

--- a/docs/harbor-doc-reorg/administration/_index.md
+++ b/docs/harbor-doc-reorg/administration/_index.md
@ -1,14 +1,22 @@
+[Back to table of contents](../_index.md)
+
+----------
+
 # Harbor Administration

 This section describes how to configure and maintain Harbor after deployment. These operations are performed by the Harbor system administrator. The Harbor system administrator performs global configuration operations that apply to the whole Harbor instance.

 The operations that are performed by the Harbor system administrator are the following.

- Select database, LDAP/Active Directory, or OIDC based authentication. For information, see [Configuring Authentication](administration/configure_authentication/configure_authentication.md)
- Add users in database authentication mode and assign the system administrator role to other users. For information, see [Role Based Access Control](administration/managing_users/rbac.md)
- Configure general system settings. For information, see [Administrator Options](administration/general_settings.md)
- Configure how projects are created, and apply resource quotas to projects. For information, see [Configure Project Settings](administration/configure_project_settings.md)
- Set up replication of images between Harbor and another Harbor instance or a 3rd party replication target. For information, see [Configuring Replication](administration/configuring_replication/configuring_replication.md)
- Set up vulnerability scanners to check the images in the registry for CVE vulnerabilities. For information, see [Vulnerability Scanning](administration/vulnerability_scanning/vulnerability_scanning.md)
- Perform garbage collection, to remove unnecessary data from Harbor. For information, see [Garbage Collection](administration/garbage_collection.md)
- Upgrade Harbor when a new version becomes available. For information, see [Upgrading Harbor](administration/upgrade/_index.md)
+- Select database, LDAP/Active Directory, or OIDC based authentication. For information, see [Configuring Authentication](configure_authentication/configure_authentication.md)
+- Add users in database authentication mode and assign the system administrator role to other users. For information, see [Role Based Access Control](managing_users/rbac.md)
+- Configure general system settings. For information, see [Administrator Options](general_settings.md)
+- Configure how projects are created, and apply resource quotas to projects. For information, see [Configure Project Settings](configure_project_settings.md)
+- Set up replication of images between Harbor and another Harbor instance or a 3rd party replication target. For information, see [Configuring Replication](configuring_replication/configuring_replication.md)
+- Set up vulnerability scanners to check the images in the registry for CVE vulnerabilities. For information, see [Vulnerability Scanning](vulnerability_scanning/vulnerability_scanning.md)
+- Perform garbage collection, to remove unnecessary data from Harbor. For information, see [Garbage Collection](garbage_collection.md)
+- Upgrade Harbor when a new version becomes available. For information, see [Upgrading Harbor](upgrade/_index.md)
+
+----------
+
+[Back to table of contents](../_index.md)
--- a/docs/harbor-doc-reorg/administration/configure_project_settings.md
+++ b/docs/harbor-doc-reorg/administration/configure_project_settings.md
@ -1,9 +1,55 @@
+[Back to table of contents](../_index.md)
+
+----------
+
 # Configure Project Settings

 Use the **Project Creation** drop-down menu to set which users can create projects. Select **Everyone** to allow all users to create projects. Select **Admin Only** to allow only users with the Administrator role to create projects.  
 ![browse project](../../img/new_proj_create.png)

-[Set Project Quotas](set_project_quotas.md)
+## Set Project Quotas
+
+To exercise control over resource use, as a Harbor system administrator you can set  quotas on projects. You can limit the number of tags that a project can contain and limit the amount of storage capacity that a project can consume. You can set default quotas that apply to all projects globally.
+
+**NOTE**: Default quotas apply to projects that are created after you set or change the default quota. The default quota is not applied to projects that already existed before you set it.
+
+You can also set quotas on individual projects. If you set a global default quota and you set different quotas on individual projects, the per-project quotas are applied.
+
+By default, all projects have unlimited quotas for both tags and storage use. 
+
+1. Select the **Project Quotas** view.
+   ![Project quotas](../../img/project-quota1.png)
+1. To set global default quotas on all projects, click **Edit**.
+
+   ![Project quotas](../../img/project-quota2.png)
+   1. For **Default artifact count**, enter the maximum number of tags that any project can contain at a given time, or enter `-1` to set the default to unlimited.   
+   1. For **Default storage consumption**, enter the maximum quantity of storage that any project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu, or enter `-1` to set the default to unlimited.  
+   ![Project quotas](../../img/project-quota3.png)
+   1. Click **OK**.
+1. To set quotas on an individual project, click the 3 vertical dots next to a project and select **Edit**.
+   ![Project quotas](../../img/project-quota4.png)
+   1. For **Default artifact count**, enter the maximum number of tags that this individual project can contain, or enter `-1` to set the default to unlimited. 
+   1. For **Default storage consumption**, enter the maximum quantity of storage that this individual project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu.
+
+After you set quotas, you can see how much of their quotas each project has consumed.
+
+![Project quotas](../../img/project-quota5.png)
+
+### How Harbor Calculates Resource Usage
+
+When setting project quotas, it is useful to know how Harbor calculates tag numbers and storage use, especially in relation to image pushing, retagging, and garbage collection.
+
+- Harbor computes image size when blobs and manifests are pushed from the Docker client.
+- Harbor computes tag counts when manifests are pushed from the Docker client.
+
+   **NOTE**: When users push an image, the manifest is pushed last, after all of the associated blobs have been pushed successfully to the registry. If several images are pushed concurrently and if there is an insufficient number of tags left in the quota for all of them, images are accepted in the order that their manifests arrive. Consequently, an attempt to push an image might not be immediately rejected for exceeding the quota. This is because there was availability in the tag quota when the push was initiated, but by the time the manifest arrived the quota had been exhausted.
+- Shared blobs are only computed once per project. In Docker, blob sharing is defined globally. In Harbor, blob sharing is defined at the project level. As a consequence, overall storage usage can be greater than the actual disk capacity.
+- Retagging images reserves and releases resources: 
+  -  If you retag an image within a project, the tag count increases by one, but storage usage does not change because there are no new blobs or manifests.
+  - If you retag an image from one project to another, the tag count and storage usage both increase.
+- During garbage collection, Harbor frees the storage used by untagged blobs in the project.
+- If the tag count reaches the limit, image blobs can be pushed into a project and storage usage is updated accordingly. You can consider these blobs to be untagged blobs. They can be removed by garbage collection, and the storage that they consume is returned after garbage colletion.
+- Helm chart size is not calculated. Only tag counts are calculated.

 ----------

--- a/docs/harbor-doc-reorg/administration/managing_users/rbac.md
+++ b/docs/harbor-doc-reorg/administration/managing_users/rbac.md
@ -1,3 +1,7 @@
+[Back to table of contents](../../_index.md)
+
+----------
+
 # Harbor Role Based Access Control (RBAC)  

 Harbor manages images through projects. You provide access to these images to users by including the users in projects and assigning one of the following roles to them.  
@ -27,4 +31,8 @@ Harbor system administrators can assign the Harbor system administrator role to

 ![browse project](../../img/new_set_admin_remove_user.png)

-To delete users, select a user and click `DELETE`. Deleting user is only supported under database authentication mode.
+To delete users, select a user and click `DELETE`. Deleting user is only supported under database authentication mode.
+
+----------
+
+[Back to table of contents](../../_index.md)
--- a/docs/harbor-doc-reorg/administration/set_project_quotas.md
+++ b/docs/harbor-doc-reorg/administration/set_project_quotas.md
@ -1,51 +0,0 @@
-[Back to table of contents](../_index.md)
-
----------
-
-# Set Project Quotas
-
-To exercise control over resource use, as a Harbor system administrator you can set  quotas on projects. You can limit the number of tags that a project can contain and limit the amount of storage capacity that a project can consume. You can set default quotas that apply to all projects globally.
-
-**NOTE**: Default quotas apply to projects that are created after you set or change the default quota. The default quota is not applied to projects that already existed before you set it.
-
-You can also set quotas on individual projects. If you set a global default quota and you set different quotas on individual projects, the per-project quotas are applied.
-
-By default, all projects have unlimited quotas for both tags and storage use. 
-
-1. Select the **Project Quotas** view.
-   ![Project quotas](../../img/project-quota1.png)
-1. To set global default quotas on all projects, click **Edit**.
-
-   ![Project quotas](../../img/project-quota2.png)
-   1. For **Default artifact count**, enter the maximum number of tags that any project can contain at a given time, or enter `-1` to set the default to unlimited.   
-   1. For **Default storage consumption**, enter the maximum quantity of storage that any project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu, or enter `-1` to set the default to unlimited.  
-   ![Project quotas](../../img/project-quota3.png)
-   1. Click **OK**.
-1. To set quotas on an individual project, click the 3 vertical dots next to a project and select **Edit**.
-   ![Project quotas](../../img/project-quota4.png)
-   1. For **Default artifact count**, enter the maximum number of tags that this individual project can contain, or enter `-1` to set the default to unlimited. 
-   1. For **Default storage consumption**, enter the maximum quantity of storage that this individual project can consume, selecting `MB`, `GB`, or `TB` from the drop-down menu.
-
-After you set quotas, you can see how much of their quotas each project has consumed.
-
-![Project quotas](../../img/project-quota5.png)
-
-## How Harbor Calculates Resource Usage
-
-When setting project quotas, it is useful to know how Harbor calculates tag numbers and storage use, especially in relation to image pushing, retagging, and garbage collection.
-
- Harbor computes image size when blobs and manifests are pushed from the Docker client.
- Harbor computes tag counts when manifests are pushed from the Docker client.
-
-   **NOTE**: When users push an image, the manifest is pushed last, after all of the associated blobs have been pushed successfully to the registry. If several images are pushed concurrently and if there is an insufficient number of tags left in the quota for all of them, images are accepted in the order that their manifests arrive. Consequently, an attempt to push an image might not be immediately rejected for exceeding the quota. This is because there was availability in the tag quota when the push was initiated, but by the time the manifest arrived the quota had been exhausted.
- Shared blobs are only computed once per project. In Docker, blob sharing is defined globally. In Harbor, blob sharing is defined at the project level. As a consequence, overall storage usage can be greater than the actual disk capacity.
- Retagging images reserves and releases resources: 
-  -  If you retag an image within a project, the tag count increases by one, but storage usage does not change because there are no new blobs or manifests.
-  - If you retag an image from one project to another, the tag count and storage usage both increase.
- During garbage collection, Harbor frees the storage used by untagged blobs in the project.
- If the tag count reaches the limit, image blobs can be pushed into a project and storage usage is updated accordingly. You can consider these blobs to be untagged blobs. They can be removed by garbage collection, and the storage that they consume is returned after garbage colletion.
- Helm chart size is not calculated. Only tag counts are calculated.
- 
----------
-
-[Back to table of contents](../_index.md)