Harbor is an open-source enterprise-class registry server that stores and distributes Docker images. Harbor extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security. Having a registry closer to the build and run environment improves the image transfer efficiency. Harbor supports the setup of multiple registries and has images replicated between them. In addition, Harbor offers advanced security features, such as user management, access control and activity auditing.
Prerequisites
- A Rcs CentOS 7 server instance with at least 1GB RAM.
- A non-root user with sudo privileges setup on your server.
Getting Started
Before starting, you will need to install the EPEL
repo and other required packages to your system.
sudo yum install epel-release wget -y
Once the installation is completed, update your system to the latest version.
sudo yum update -y
Next, restart your system to apply all the updates.
sudo shutdown -r now
In this tutorial, we will use harbor.example.com
as the domain name pointed to the server. Replace all occurrences of harbor.example.com
with your actual domain name.
Install Docker and Docker-Compose
Harbor is deployed as several Docker containers. Therefore, it can be deployed on any Linux distribution that supports Docker. The target host requires that Docker and Docker Compose be installed.
Install Docker CE using the repository.
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce
Install Docker-Compose using pip
.
sudo yum install -y python-pip
pip install docker-compose
Start Docker.
sudo systemctl start docker
Verify that docker is installed correctly by running the hello-world
image.
sudo docker run hello-world
Install Harbor
The binary of the installer can be downloaded from the release page. Choose either the online or offline installer.
Online installer:
wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-online-installer-v1.2.0.tgz
Offline installer:
wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-offline-installer-v1.2.0.tgz
Use the tar
command to extract the package.
tar -xvf harbor-online-installer-1.2.0.tgz
Generate your own SSL certificate
The default installation of Harbor uses HTTP
- as such, you will need to add the option --insecure-registry
to your client's Docker daemon, then restart the Docker service. Installing Harbor with HTTPS
is highly recommended. It will save us a lot of time in the future. Generate your own SSL certificate (replace harbor.example.com
with your host’s FQDN).
mkdir cert && cd cert
openssl req -sha256 -x509 -days 365 -nodes -newkey rsa:4096 -keyout harbor.example.com.key -out harbor.example.com.crt
Configure Harbor
Edit the Harbor config file. vim harbor.cfg
Change hostname
to your host's FQDN and enable https
.
hostname = harbor.example.com
ui_url_protocol = https
ssl_cert = /root/cert/harbor.example.com.crt
ssl_cert_key = /root/cert/harbor.example.com.key
Run install.sh
to finish the installation.
./install.sh
Run Harbor in the background.
docker-compose up -d
Access Harbor Web Interface
Before starting, you will need to allow port 80
through the firewall.
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --reload
You can access the Harbor server on http://harobr.example.com
if you have DNS configured. Login using the default username
and password
.
admin
Harbor12345
Conclusion
The installation and basic configuration of Harbor is now complete.