Enable Embedded Harbor

Untitled

After the enablement is completed.

Untitled

<aside> 💡 You need to ensure your system trust the Harbor SSL certificate. The root certificate can be downloaded from the above Image Registry page.

</aside>

What happened in the background?

When enable Harbor, a new namespace was created and a bunch of vSphere Pods were created as well.

Untitled

As the vSphere namespace was created as a system namespace, we can't change the permissions

Untitled

You can check the similar information via CLI as well.

root@42141881543599eb8bd16d779fbbb4e8 [ ~ ]# k get all -n vmware-system-registry-1560008775
NAME                                                       READY   STATUS    RESTARTS   AGE
pod/harbor-1560008775-harbor-core-7858fdc6c7-t9wxq         1/1     Running   0          5m37s
pod/harbor-1560008775-harbor-database-0                    1/1     Running   0          5m36s
pod/harbor-1560008775-harbor-jobservice-788d666d84-mtbsl   1/1     Running   0          5m37s
pod/harbor-1560008775-harbor-nginx-7db687d79f-4755m        1/1     Running   0          5m37s
pod/harbor-1560008775-harbor-portal-654d5f944f-tt54l       1/1     Running   0          5m37s
pod/harbor-1560008775-harbor-redis-0                       1/1     Running   0          5m36s
pod/harbor-1560008775-harbor-registry-78b9549bf6-xfl5r     2/2     Running   0          5m37s

NAME                                          TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)             AGE
service/harbor-1560008775                     LoadBalancer   10.96.0.219   172.31.96.4   443:31869/TCP       6m34s
service/harbor-1560008775-harbor-core         ClusterIP      10.96.0.166   <none>        80/TCP              5m37s
service/harbor-1560008775-harbor-database     ClusterIP      10.96.0.93    <none>        5432/TCP            5m37s
service/harbor-1560008775-harbor-jobservice   ClusterIP      10.96.0.111   <none>        80/TCP              5m37s
service/harbor-1560008775-harbor-portal       ClusterIP      10.96.0.178   <none>        80/TCP              5m37s
service/harbor-1560008775-harbor-redis        ClusterIP      10.96.0.129   <none>        6379/TCP            5m37s
service/harbor-1560008775-harbor-registry     ClusterIP      10.96.0.71    <none>        5000/TCP,8080/TCP   5m37s

NAME                                                  READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/harbor-1560008775-harbor-core         1/1     1            1           5m38s
deployment.apps/harbor-1560008775-harbor-jobservice   1/1     1            1           5m38s
deployment.apps/harbor-1560008775-harbor-nginx        1/1     1            1           5m38s
deployment.apps/harbor-1560008775-harbor-portal       1/1     1            1           5m38s
deployment.apps/harbor-1560008775-harbor-registry     1/1     1            1           5m38s

NAME                                                             DESIRED   CURRENT   READY   AGE
replicaset.apps/harbor-1560008775-harbor-core-7858fdc6c7         1         1         1       5m38s
replicaset.apps/harbor-1560008775-harbor-jobservice-788d666d84   1         1         1       5m38s
replicaset.apps/harbor-1560008775-harbor-nginx-7db687d79f        1         1         1       5m38s
replicaset.apps/harbor-1560008775-harbor-portal-654d5f944f       1         1         1       5m38s
replicaset.apps/harbor-1560008775-harbor-registry-78b9549bf6     1         1         1       5m38s

NAME                                                 READY   AGE
statefulset.apps/harbor-1560008775-harbor-database   1/1     5m38s
statefulset.apps/harbor-1560008775-harbor-redis      1/1     5m38s
root@42141881543599eb8bd16d779fbbb4e8 [ ~ ]#

From network end, a dedicated T1 and load balancer were created for the new vSphere namespace as well:

T1 router

Untitled

Load Balancer

Untitled

The Harbor can be reachaed via UI as well.

Untitled

You can login to the Harbor UI with your vSphere vCenter account.