Harbor in local deployment
This page describes how to use Harbor in our development setup, using skaffold. It is divided in two categories: the first one describes how to use a harbor registry inside the k3d cluster, meanwhile the second describes how to use a harbor registry outside of the cluster. The third section describes the set-up that will be needed.
Use in-cluster Harbor
First-time set-up (specific to in-cluster)
As sudo
, add 127.0.0.1 registry.org-2.com
to /etc/hosts
echo "127.0.0.1 registry.org-2.com" | sudo tee -a /etc/hosts
Use
Set
HARBOR_CERT_PATH
to point to the absolute path toorchestrator/examples/tools/ca.crt
export HARBOR_CERT_PATH=<absolute_path_to_orchestrator_repo>/orchestrator/examples/tools/ca.crt
Re-create the cluster and launch skaffold on the orchestrator
./k3-create.sh cd orchestrator skaffold run
Start
substra-backend
with profileorg-2-harbor
Activate port-forward (port
30046
) onharbor-nginx-xxxxxxxxxx-xxxxx
(referred as<pod_name>
), depending of your tool:kubectl
:kubectl port-forward -n harbor deployments/harbor-nginx 30046:https
k9s
:Hover pod
<pod_name>
Press
<SHIFT>+F
Replace
nginx::30000
bynginx::30046
(theLocal port
should be replaced by30046
)
Follow the instructions in Harbor-set-up with the following informations:
Identifier:
admin
Password:
harborP@ssword2403
Use external Harbor
Follow the Harbor-set-up
Create
docker-config
secret
kubectl create secret docker-registry docker-config -n org-2 --docker-server=<your-registry-server> --docker-username=<your-name>
Update your value file (you can use
backend-org-2-harbor.yaml
as a model)docker-registry: enabled: false containerRegistry: local: false scheme: host: # The host, without the port, as it is defined in the field port pullDomain: # The harbor host, with the port as it won't use the port field port: 443 kaniko: dockerConfigSecretName: docker-config # Equals to the name given to the secret at the previous step
Harbor-set-up
In the frontend, create project
substra
Set the variable
`HARBOR_REGISTRY_DOMAIN`
to your registry URLexport HARBOR_REGISTRY_DOMAIN=<registry_url>
Login to the registry
docker login $HARBOR_REGISTRY_DOMAIN
Manually add base image
Pull image
docker pull ghcr.io/substra/substra-tools:latest
Tag it
docker tag ghcr.io/substra/substra-tools:latest $HARBOR_REGISTRY_DOMAIN/substra/substra-tools:latest
Push to repository
docker push $HARBOR_REGISTRY_DOMAIN/substra/substra-tools:latest