Last active
March 26, 2018 01:41
-
-
Save jaigouk/a02214e9c7eb6c72fc3360da2fde37f6 to your computer and use it in GitHub Desktop.
harbor-values
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| persistence: | |
| enabled: true | |
| # The tag for Harbor docker images. | |
| harborImageTag: &harbor_image_tag v1.4.0 | |
| # The FQDN for Harbor service. | |
| externalDomain: docker.mysite.com | |
| # If set to true, you don't need to set tlsCrt/tlsKey/caCrt, but must add | |
| # Harbor FQDN as insecure-registries for your docker client. | |
| insecureRegistry: false | |
| # The TLS certificate for Harbor. The common name of tlsCrt must match the externalDomain above. | |
| tlsCrt: | | |
| -----BEGIN CERTIFICATE----- | |
| xxxx | |
| -----END CERTIFICATE----- | |
| tlsKey: | | |
| -----BEGIN PRIVATE KEY----- | |
| xxx | |
| -----END PRIVATE KEY----- | |
| caCrt: | | |
| -----BEGIN CERTIFICATE----- | |
| xxx | |
| -----END CERTIFICATE----- | |
| # The secret key used for encryption. Must be a string of 16 chars. | |
| secretKey: my-secret-key | |
| # These annotations allow the registry to work behind the nginx | |
| # ingress controller. | |
| ingress: | |
| annotations: | |
| ingress.kubernetes.io/ssl-redirect: "true" | |
| ingress.kubernetes.io/body-size: "0" | |
| ingress.kubernetes.io/proxy-body-size: "0" | |
| adminserver: | |
| image: | |
| repository: vmware/harbor-adminserver | |
| tag: *harbor_image_tag | |
| pullPolicy: IfNotPresent | |
| emailHost: "smtp.mydomain.com" | |
| emailPort: "25" | |
| emailUser: "sample_admin@mydomain.com" | |
| emailSsl: "false" | |
| emailFrom: "admin <sample_admin@mydomain.com>" | |
| emailIdentity: "" | |
| emailInsecure: "False" | |
| emailPwd: not-a-secure-password | |
| harborAdminPassword: Harbor12345 | |
| ## Persist data to a persistent volume | |
| volumes: | |
| config: | |
| # storageClass: "-" | |
| accessMode: ReadWriteOnce | |
| size: 1Gi | |
| ## Persist data to a persistent volume | |
| volumes: | |
| config: | |
| storageClass: "portworx" | |
| accessMode: ReadWriteOnce | |
| size: 1Gi | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| ## jobservice | |
| # | |
| jobservice: | |
| image: | |
| repository: vmware/harbor-jobservice | |
| tag: *harbor_image_tag | |
| pullPolicy: IfNotPresent | |
| secret: my-secret-key | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| ## UI | |
| # | |
| ui: | |
| image: | |
| repository: vmware/harbor-ui | |
| tag: *harbor_image_tag | |
| pullPolicy: IfNotPresent | |
| secret: my-secret-key | |
| privateKeyPem: | | |
| -----BEGIN RSA PRIVATE KEY----- | |
| xxx | |
| -----END RSA PRIVATE KEY----- | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| ## MySQL Settings. Currently Harbor does not support an external | |
| ## MySQL server, only their own image. Until this is fixed, do not | |
| ## Change the settings below. | |
| # | |
| mysql: | |
| image: | |
| repository: vmware/harbor-db | |
| tag: *harbor_image_tag | |
| pullPolicy: IfNotPresent | |
| # If left blank will use the included mysql service name. | |
| host: ~ | |
| port: 3306 | |
| user: "root" | |
| pass: "registry" | |
| database: "registry" | |
| volumes: | |
| data: | |
| storageClass: "portworx" | |
| accessMode: ReadWriteOnce | |
| size: 1Gi | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| registry: | |
| image: | |
| repository: jaigouk/modified-vmware-registry | |
| tag: latest | |
| pullPolicy: Always | |
| httpSecret: my-secret-key | |
| logLevel: debug | |
| proxy: | |
| remoteurl: https://registry-1.docker.io | |
| health: | |
| storagedriver: | |
| enabled: "false" | |
| objectStorage: | |
| s3: | |
| region: ams3 | |
| regionendpoint: ams3.digitaloceanspaces.com | |
| bucket: my-space-name | |
| accesskey: "xxx" | |
| secretkey: "xxx" | |
| rootdirectory: /registry | |
| rootCrt: | | |
| -----BEGIN CERTIFICATE----- | |
| xxxx | |
| -----END CERTIFICATE----- | |
| ## Persist data to a persistent volume | |
| volumes: | |
| data: | |
| storageClass: "portworx" | |
| accessMode: ReadWriteOnce | |
| size: 5Gi | |
| ## Persist data to a persistent volume | |
| # volumes: | |
| # data: | |
| # storageClass: "portworx" | |
| # accessMode: ReadWriteOnce | |
| # size: 5Gi | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| clair: | |
| enabled: true | |
| image: | |
| # repository: vmware/clair-photon | |
| # tag: v2.0.1-v1.4.0 | |
| repository: jaigouk/modified-vmware-clair | |
| tag: latest | |
| pullPolicy: Always | |
| ## The following needs to match the credentials | |
| ## in the `postgresql` configuration under the | |
| ## `postgresql` namespace below. | |
| postgresPassword: xxxx | |
| postgresUser: clair | |
| postgresDatabase: clair | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| # pgResources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| volumes: | |
| pgData: | |
| storageClass: "portworx" | |
| accessMode: ReadWriteOnce | |
| size: 2Gi | |
| # resources: | |
| # requests: | |
| # memory: 256Mi | |
| # cpu: 100m | |
| ## Notary support is not yet fully implemented in the Helm Charts | |
| ## Enabling it will just break things. | |
| # | |
| notary: | |
| enabled: false | |
| ## Settings for postgresql dependency. | |
| ## see https://github.com/kubernetes/charts/tree/master/stable/postgresql | |
| ## for further configurables. | |
| postgresql: | |
| postgresUser: clair | |
| postgresPassword: xxxxx | |
| postgresDatabase: clair | |
| persistence: | |
| enabled: true | |
| storageClass: "portworx" | |
| accessMode: ReadWriteOnce | |
| size: 2Gi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment