Migrated last of the UG into reorg

This commit is contained in:
Stuart Clements 2019-12-17 11:20:25 +01:00
parent 7fb24c3dbb
commit e1e17165a4
11 changed files with 44 additions and 21 deletions

Binary file not shown.

After

Width:  |  Height:  |  Size: 34 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 21 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 208 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 41 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 153 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 168 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 95 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 165 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 181 KiB

View File

@ -26,6 +26,20 @@ There are two views to show repositories, list view and card view, you can switc
![browse repositories](../img/browse_project_repositories.png)
Project properties can be changed by clicking "Configuration".
* To make all repositories under the project accessible to everyone, select the `Public` checkbox.
* To prevent un-signed images under the project from being pulled, select the `Enable content trust` checkbox.
![browse project](../img/project_configuration.png)
## Searching Projects and Repositories
Entering a keyword in the search field at the top lists all matching projects and repositories. The search result includes both public and private repositories you have access to.
![browse project](../img/new_search.png)
## What to Do Next
[Assign Users to a Project](add_users.md)

View File

@ -1,55 +1,61 @@
# Pulling and pushing images using Docker client
# Pulling and Pushing Images in the Docker Client
**NOTE: Harbor only supports Registry V2 API. You need to use Docker client 1.6.0 or higher.**
**NOTE**: Harbor only supports the Registry V2 API. You must use Docker client 1.6.0 or higher.
Harbor supports HTTP by default and Docker client tries to connect to Harbor using HTTPS first, so if you encounter an error as below when you pull or push images, you need to configure insecure registry. Please, read [this document](https://docs.docker.com/registry/insecure/) in order to understand how to do this.
Harbor optionally supports HTTP connections, however the Docker client always attempts to connect to registries by first using HTTPS. If Harbor is configured for HTTP, you must configure your Docker client so that it can connect to insecure registries. In your Docker client is not configured for insecure registries, you will see the following error when you attempt to pull or push images to Harbor:
```Error response from daemon: Get https://myregistrydomain.com/v1/users/: dial tcp myregistrydomain.com:443 getsockopt: connection refused.```
<pre>
Error response from daemon: Get https://<i>myregistrydomain.com</i>/v1/users/: dial tcp <i>myregistrydomain.com</i>:443 getsockopt: connection refused.
</pre>
If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add
`--insecure-registry myregistrydomain.com` to the daemon's start up arguments.
For information about how to add insecure registries to your Docker client, see [Connecting to Harbor via HTTP](installation_guide.md#connect_http) in the *Harbor Installation and Configuration Guide*.
In the case of HTTPS, if you have access to the registry's CA certificate, simply place the CA certificate at /etc/docker/certs.d/myregistrydomain.com/ca.crt .
You also see this error if Harbor uses HTTPS with an unknown CA certificate. In this case, obtain the registry's CA certificate, and copy it to <code>/etc/docker/certs.d/<i>myregistrydomain.com</i>/ca.crt</code>.
### Pulling images
## Pulling Images
If the project that the image belongs to is private, you should sign in first:
```sh
```
sh
$ docker login 10.117.169.182
```
You can now pull the image:
```sh
```
sh
$ docker pull 10.117.169.182/library/ubuntu:14.04
```
**Note: Replace "10.117.169.182" with the IP address or domain name of your Harbor node. You cannot pull a unsigned image if you enabled content trust.**
**Note**: Replace "10.117.169.182" with the IP address or domain name of your Harbor node. You cannot pull an unsigned image if you enabled content trust.
### Pushing images
## Pushing Images
Before pushing an image, you must create a corresponding project on Harbor web UI.
First, log in from Docker client:
```sh
```
sh
$ docker login 10.117.169.182
```
Tag the image:
```sh
```
sh
$ docker tag ubuntu:14.04 10.117.169.182/demo/ubuntu:14.04
```
Push the image:
```sh
```
sh
$ docker push 10.117.169.182/demo/ubuntu:14.04
```
**Note: Replace "10.117.169.182" with the IP address or domain name of your Harbor node.**
### Add description to repositories
## Add Descriptions to Repositories
After pushing an image, an Information can be added by project admin to describe this repository.
@ -57,13 +63,13 @@ Go into the repository and select the "Info" tab, and click the "EDIT" button.
![edit info](../img/edit_description.png)
### Download the harbor certs
## Download the Harbor Certificate
Users can click the "registry certificate" link to download the registry certificate.
![browse project](../img/download_harbor_certs.png)
### Deleting repositories
## Deleting Repositories
Repository deletion runs in two steps.
@ -77,8 +83,11 @@ the repository is no longer managed in Harbor, however, the files of the reposit
Next, delete the actual files of the repository using the [garbage collection](#online-garbage-collection) in Harbor's UI.
## Pull image from Harbor in Kubernetes
## Pulling Images from Harbor in Kubernetes
Kubernetes users can easily deploy pods with images stored in Harbor. The settings are similar to that of another private registry. There are two major issues:
1. When your Harbor instance is hosting http and the certificate is self signed. You need to modify daemon.json on each work node of your cluster, for details please refer to: https://docs.docker.com/registry/insecure/#deploy-a-plain-http-registry
2. If your pod references an image under private project, you need to create a secret with the credentials of user who has permission to pull image from this project, for details refer to: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/