Download the Harbor CA cert from the UI. Login to harbor, select Projects
. Under the project you want to use select Repositories
. Click the Registry Certificate
button to download the cert. Add the downloaded Harbor CA cert to your system keychain.
$ sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Downloads/ca.crt
Restart docker daemon from system tray.
$ docker pull nginx:latest
$ docker login harbor.run.haas.pez.example.com
$ docker tag nginx:latest harbor.run.haas.pez.example.com/library/nginx:latest
$ docker push harbor.run.haas.pez.example.com/library/nginx:latest
Create a Docker registry secret so k8s can pull from your private Harbor registry
$ kubectl create secret docker-registry harborcreds \
--docker-server=harbor.run.haas.pez.example.com \
--docker-username=library \
--docker-password='harborsecret' \
--docker-email=admin
Use the following pod definition to run Nginx
apiVersion: v1
kind: Pod
metadata:
labels:
run: helloworld
name: helloworld
spec:
containers:
- name: helloworld
image: harbor.run.haas.pez.example.com/library/nginx:latest
imagePullSecrets:
- name: harborcreds