- goharbor/harbor: An open source trusted cloud native registry project that stores, signs, and scans content. (github.com)
- Harbor docs | Upgrade Harbor and Migrate Data (goharbor.io)
- goharbor/harbor-helm: The helm chart to deploy Harbor (github.com)
- https://demo.goharbor.io/
- Harbor docs | Deploying Harbor with High Availability via Helm (goharbor.io)
- !!!harbor-helm/docs/High Availability.md at main · goharbor/harbor-helm (github.com)
- helm/helm: The Kubernetes Package Manager (github.com)
- Architecture Overview of Harbor · goharbor/harbor Wiki (github.com)(process of docker login/push)
如果要在 Kubernetes上部署Harbor,使用Harbor chart.
Prerequisites
- Kubernetes cluster 1.20+
- Helm v3.2.0+
helm repo add harbor https://helm.goharbor.io
helm search repo <REPOSITORY_NAME>
helm fetch harbor/harbor --untar 从指定的源(harbor/harbor)获取 Helm Chart 包,并在获取后进行解压缩(--untar 选项的作用)。
helm install my-release harbor/harbor
helm uninstall my-release- Harbor 不支持
helm rollback
常用命令:(Multi-Attach error for volume "pvc-3391f2d3-6221-44c2-bc53-66c493978a4e" Volume is already exclusively attached to one node and can't be attached to another这个报错重启对应节点后OK)
#kubectl -n harbor get pv pvc-3391f2d3-6221-44c2-bc53-66c493978a4e -o go-template='{{.spec.csi.volumeAttributes.imageName}}'
csi-vol-08dfbcd6-50f8-11ed-8c46-022c029f8d1f
bash-4.4$ rbd status replicapool/csi-vol-08dfbcd6-50f8-11ed-8c46-022c029f8d1f
Watchers: none
#kubectl describe pv pvc-e692d188-a8d9-4416-946a-aa3a8dfe34be
name=data-atc-harbor-trivy-0
#k -n harbor get pvc
data-atc-harbor-trivy-0 Bound pvc-e692d188-a8d9-4416-946a-aa3a8dfe34be
#k -n harbor get pv |grep pvc-e692d188-a8d9-4416-946a-aa3a8dfe34be
pvc-e692d188-a8d9-4416-946a-aa3a8dfe34be 5Gi RWO Delete Bound harbor/data-atc-harbor-trivy-0
# kubectl get pv pvc-3391f2d3-6221-44c2-bc53-66c493978a4e -o json | jq '.spec.claimRef'
{
"apiVersion": "v1",
"kind": "PersistentVolumeClaim",
"name": "atc-harbor-registry",
"namespace": "harbor",
"resourceVersion": "18518103",
"uid": "3391f2d3-6221-44c2-bc53-66c493978a4e"
}
# kubectl describe pv pvc-3391f2d3-6221-44c2-bc53-66c493978a4e
VolumeAttributes: clusterID=rook-ceph
imageName=csi-vol-08dfbcd6-50f8-11ed-8c46-022c029f8d1f 1、目前使用版本:Harbor v2.3.3,最新v2.11.0
1.1、如果启用了TLS,并且证书是由图表自动生成的,升级过程中将生成一个新证书并覆盖旧证书,如果您分发了证书,这可能会导致一些问题。
kubectl get secret <secret-name-from-step-1> -o yaml > secret.yaml
***Rename the secret by setting metadata.name in secret.yaml
kubectl create -f secret.yaml
***Configure the chart to use the new secret by setting expose.tls.secretName as the value1.2、备份Harbor使用的数据库,以防升级过程失败。
1.3、Download new chart
1.4、Upgrade
helm upgrade release-name --force .- The
--forceis necessary if upgrade from version 0.3.0 due to issue #30. - covers migration from v2.3.0 and later to the current v2.5.0 version
