If you are looking for an on-premises Docker image registry, then Harbor is the best solution that not only hosts your images, but also scans for any vulnerabilities. Key features of Harbor include:
- Security and vulnerability analysis
- Content signing and validation
- Extensible API and web UI
- Image replication
- Role-based access control
In this post, I will take you through the process of installing Harbor into ubuntu 20.04 vm (with docker tools installation), where harbor runs in several Docker containers. You can also deploy it on any Linux distribution that supports Docker. For more info on supported OS, please refer harbor.io
Let’s get started,
- You can use any environment of your choice to create an ubuntu vm, but I created a vm instance in GCP with public ip attached and e2-medium machine type. You can refer here to know the steps to deploy a vm in GCP.
- By default, only few ports are opened for deployed vm in GCP. So, you should create firewall rule to allow ports: 80, 443, 4443.
- Navigate to GCP console > VPC Network > Firewall > Create Firewall rule
- Name: allow-for-harbor-registry
- Targets: Specified target tags
- Target Tags: jumpbox – Note: Create a network tag for vm as jumpbox under vm instance section
- Source IPv4 ranges: 0.0.0.0/0 – Since this need to be accessible over Internet
- TCP: 80,443,4443
- Click on newly created firewall to confirm the applicable instances list:
Install Docker Engine on Ubuntu vm:
- Refer to Docker page for detailed steps.
Install Docker Compose on Ubuntu vm:
- Refer to Docker page for detailed steps:
Download the Installer
- Go to Harbor releases page.
- Find the latest version and pull into the ubuntu box that is created earlier using the command.
Note: Download either the online or offline installer for the version you want to install. I am going ahead with online installer.
Creating SSL Keys
- Below SSL command creates two files ie., cert and key files, which will be added in harbor.yml in next section.
Configure the Harbor Installer
- hostname — set this to either the IP address or the domain of your hosting server.
- harbor_admin_password — set this to a strong, unique password.
- Edit the paths of the keys to reflect as shown in below example:
- Save and close the file.
- It’s time to install Harbor. You can install Harbor with different configurations:
- Just Harbor, without Notary, Clair or Chart Repository Service
- Harbor with Notary
- Harbor with Clair
- Harbor with Chart Repository Service
- Here, I am covering installation without any additional configurations.
- After successful installation, access Harbor using https://SERVER_IP/harbor (Where SERVER_IP is the IP address or domain of your Harbor server). You will be prompted for the admin user credentials (username is admin and password is the password you set in the harbor.yml file).
- Once logged in, you should be able to create new projects, pull and push images into Harbor.
Push an Image into Harbor
Verify the Image
- Login to Harbor and you can find the details of pushed image like Overview, Build history etc..