Harbor

License: Apache 2.0

Harbor is a container and helm registry. Used by few customers of the the IT Common Platform, it is made available to those who cannot use GitLab as their repository.

The Platform's implementation of Harbor leverages Trivy for Vulnerability Scanning.

In the code, Harbor is treated like a tenant application, however is requires a few objects that cannot be spun up as a tenant.

In order to make the two Harbors more homogenous, a project was created that manages both of the tenancies. This uses a pipeline, some templating, and kustomize to create the appropriate environment. This project revolves around the official helm chart for Harbor.

Harbor Dev

To minimize charges, Harbor Dev may not be enabled and will needed to be added/renabled as a tenant for testing.

Links

• Code:

  • https://github.com/goharbor/harbor

• Releases:

  • https://github.com/goharbor/harbor/releases

• Documentation:

  • General Documentation: https://goharbor.io/docs

Harbor Documentation Versioning

Make sure to select the version of the documentation you need in the top right in the Docs menu.

• Helm:

  • Releases: https://github.com/goharbor/harbor-helm/tree/chart-repository
  • Upgrade Guide: https://goharbor.io/docs/2.9.0/administration/upgrade/helm-upgrade/

• Implementation:

  • Infrastructure - https://code.vt.edu/it-common-platform/harbor/harbor-infra
  • Harbor Template - https://code.vt.edu/it-common-platform/platform-support/harbor

Update Concerns for Harbor

Critical Concerns

• Ensuring compatibility with Amazon objects (database)

General Concerns

• Ensure Authentication is working

Conveniences

• All the data for Harbor is held in the database, allowing the remaing structures to be removed and replaced if there is an issue, not limited to but including all volumes.

Harbor Restart Warning

Harbor takes many minutes to startup even if the pods look healthy. Do not be alarmed if it takes several minutes.