Introduction

When you deploy Harbor Registry on Kubernetes you earn the flexibility and scalability of Kubernetes with the robust features of Harbor, offering a great solution for managing container images and Helm charts. Helm based installation, simplifies the process for lifecycle management of the product and provides a consistent and secure environment. Harbor gives end-users the ability to save, scan and control access to their artifacts, enhancing the overall DevOps workflow.

Procedure

Prerequisites for Harbor deployment

  • Kubernetes cluster 1.10+
  • Helm 2.8.0+
  • Dynamic Storage with a default storage class (We use OpenEBS with hostPath) or external object storage
  • Cert-manager (Nice to have).
  • High available Ingress controller

Helm Repository

Add the Helm Repo and fetch the repository.

$ helm repo add harbor https://helm.goharbor.io
$ helm fetch harbor/harbor --untar

Edit the values file

Edit the values.yaml file in order to showcase your requirements.

In our case we expose Harbor to other teams in the organizations and use cert-manager to sign the local domains. You can use our guide to Manage your certificates with cert-manager and Let’s Encrypt

expose:
  tls:
    secret:
      secretName: "harbor-ingress"
      notarySecretName: "notary-ingress"
  ingress:
    enabled: true
    hosts:
      core: registry.apps.example.k8s.co.il
      notary: notary.apps.example.k8s.co.il
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-production
externalURL: https://registry.apps.example.k8s.co.il

Deployment on Kubernetes

We chose to deploy using helm to provide consistent lifecycle management of the deployment instance. This way in case of an upgrade or additional Harbor deployment, if will be required, will be done in a controller and accurate way.

Install Harbor using Helm

Run the following command to install harbor:

$ helm ls | grep harbor || \
  helm install --wait harbor -f values.yaml --namespace harbor-system harbor/harbor \
  --set persistence.enabled=true \
  --set harborAdminPassword=admin

That’s it, you should have access to harbor on your K8s cluster.

Summary

At Octopus Computer Solutions, we champion open-source technologies, and showing how to deploy Harbor Registry on Kubernetes emphasizes this commitment. Harbor brings enterprise-grade container registry to the Kubernetes ecosystem and aligns with our mission to deliver secure, scalable, and resilient cloud solutions. By integrating Harbor, Octopus provides users with a seamless, secure platform for container image storage and management, reinforcing our value proposition as a provider of cutting-edge Kubernetes solutions.

For additional information you can see the official Harbor documentation provided by its creators VMWare Inc.

Enjoy!

Tags:
Last updated on February 21, 2024