-
Notifications
You must be signed in to change notification settings - Fork 17
harbor_feature
The appliance comes with a preinstalled Harbor service, and includes the following features:
- Zero-touch deployment and configuration of:
- service IP address
- internal database password
- Harbor admin user password
- service SSL certificate
- Data persistency through the use of external virtual disk
In this guide you'll learn how to use the contextualization attributes to automate the setup and configuration of your Harbor instances.
Contextualization parameters provided in the Virtual Machine template controls the initial VM configuration. Except for the common set of parameters supported by every appliance on the OpenNebula Marketplace, there are few specific to the particular service appliance.
The parameters should be provided in the CONTEXT section of the Virtual Machine template, read the OpenNebula Management and Operations Guide for more details.
| Parameter | Default | Stage | Description |
|---|---|---|---|
HARBOR_ADMIN_PASSWORD |
Harbor12345 |
configure | Harbor password for the admin user |
HARBOR_DB_PASSWORD |
random | configure | Harbor PostgreSQL database password |
HARBOR_HOSTNAME |
local IP | configure | Harbor hostname/IP exposing the service |
HARBOR_SSL_CERT |
configure | SSL certificate (.crt content) | |
HARBOR_SSL_KEY |
configure | SSL private key (.key content) | |
HARBOR_PERSISTENT_DEV |
configure | Harbor data persistent device (sda, vda, etc.) |
The service listens on the address (or, IP resolved name) defined in HARBOR_HOSTNAME. If no parameter is provided, it tries to use the first routable address of the virtual machine. It’s a good practice to assign a proper IP address to your virtual machine and also this address as a value of HARBOR_HOSTNAME.
If HARBOR_SSL_CERT and HARBOR_SSL_KEY are set, the service will use this certificate for the HTTPS (port 443) service. If not, a certificate will be autogenerated.
Note
The service will also listen on port 80 (HTTP), redirecting the traffic to the HTTPS port.
Important
The self-signed certificates are impractical for a production environment! For the serious use, you should get SSL certificates from a trusted certificate authority such as Let’s Encrypt.
In order to configure data persistency, please arrach a secondary persistent disk to the VM, indicate the disk label in HARBOR_PERSISTENT_DEV and launch the appliance. The guest OS will follow some rules for the disk naming. It will name the disk as sdX or vdX depending on the bus used (VirtIO or SCSI) and the last letter will be in alfabetical order considering the currently attached disks. For instance:
- If the guest os already has a VirtIO disk attached (vda) and you attach another VirtIO disk, the new disk will be named vdb
- If the guest os already has a VirtIO disk attached (vda) and you attach a SCSI disk, the new disk will be named sda
If no disk label is enforced from OpenNebula, consider this simple logic when setting the value of HARBOR_PERSISTENT_DEV.
Persistent disks will not be deleted when the VM terminates.
- OpenNebula Apps Overview
- OS Appliances Update Policy
- OneApps Quick Intro
- Build Instructions
- Linux Contextualization Packages
- Windows Contextualization Packages
- OneKE (OpenNebula Kubernetes Edition)
- Virtual Router
- Overview & Release Notes
- Quick Start
- OpenRC Services
- Virtual Router Modules
- Glossary
- WordPress
- Harbor Container Registry
- MinIO
- Ray AI
- Development