Home  > Resources  > Blog

Introduction to Harbor

December 9, 2022 by Bibhas Bhattacharya
Category: DevOps

1.1 What is Harbor?

  • Harbor is a container image registry software. You can use it to run an image registry on the premises.
  • It is open source.
    • Written in Go.
    • Web site: https://goharbor.io/
    • Git repo: https://github.com/goharbor/harbor
  • It is compatible with the docker CLI. That means you can push and pull images using the docker command line.

1.2 Benefits of Harbor

  • Provides role-based access control to your projects. You can finetune who can push, pull, delete images, etc.
  • You can define company-wide policies, such as space quota, retention age or images, and signing of images.
  • Harbor can scan images for vulnerabilities.
  • In addition to container images, you can also push and pull Helm charts.
  • Kubernetes can pull images from Harbor.

1. 3 Planning to Install Harbor

  • There are two possible ways we can run Harbor:
    • As Docker containers managed by Docker compose.
    • As containers inside of Kubernetes. In this case, installation is done by Helm
  • Generally speaking, the Helm and Kubernetes-based option is easier and offers better scalability and fault tolerance.
  • Harbor has a long list of prerequisite software such as:
    • PostgreSQL
    • Redis
  • Helm can install all the required software. Alternatively, if you already have PostgreSQL and Redis running somewhere you can point Harbor to them.

1.4 Installing Harbor in K8s

  • Add the ingress add-on to the K8s cluster.
  • Run these commands. All components will be created in the harbor-system namespace.
    • kubectl create namespace harbor-system
    • helm repo add harbor https://helm.goharbor.io
    • helm fetch harbor/harbor –untar
    • helm install -n harbor-system my-harbor-release harbor/
  • After a few minutes, you can check the status of all the pods.
    • kubectl get pods -n harbor-system

1.5 Opening the Administration Console

  • Check the host name and IP address the ingress controller is using.
    • kubectl get ing -n harbor-system
  • Register that domain name and IP address to your DNS or /etc/hosts.
  • Access the admin console using the URL. For example:
    • https://core.harbor.domain.
  • Default super user ID is admin with the password Harbor12345.

1.6 Creating a Project

  • A project groups a collection of images.
  • Each project can have its own user access control, policies such as quota and other settings.
  • A project can be created in the admin console by clicking Projects > NEW PROJECT.

1.7 Project Naming

  • Your project name will appear in the image names. So, name your projects carefully.
  • In the end, each image must be named as follows:
  • For example:
    • core.harbor.domain/my-project/my-webapp:latest

1.8 Summary

  • Harbor is an open-source image registry. You can use it to run an on-premises image registry.
  • Harbor comes with many benefits, such as role-based access control to projects, corporate policy enforcement, and vulnerability scanning.
  • It is easier to install Harbor using Helm and run in a K8s cluster. Helm will install all required software such as PostgreSQL and Redis.
  • A project is a collection of images. You can apply policies and role-based security to a project.

Follow Us

Blog Categories