Skip to content

Instantly share code, notes, and snippets.

@sneal

sneal/harbor.md

Last active May 13, 2023 14:54
Show Gist options
  • Save sneal/3a91c9400d96a5942a92b1f44787e39b to your computer and use it in GitHub Desktop.
Save sneal/3a91c9400d96a5942a92b1f44787e39b to your computer and use it in GitHub Desktop.
Download ZIP
Private Harbor example from k8s
Raw
harbor.md

Add Harbor CA Cert to Docker

Download the Harbor CA cert from the UI. Login to harbor, select Projects. Under the project you want to use select Repositories. Click the Registry Certificate button to download the cert. Add the downloaded Harbor CA cert to your system keychain.

$ sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Downloads/ca.crt

Restart docker daemon from system tray.

Push Nginx to Harbor

$ docker pull nginx:latest
$ docker login harbor.run.haas.pez.example.com
$ docker tag nginx:latest harbor.run.haas.pez.example.com/library/nginx:latest
$ docker push harbor.run.haas.pez.example.com/library/nginx:latest

Run Nginx on k8s

Create a Docker registry secret so k8s can pull from your private Harbor registry

$ kubectl create secret docker-registry harborcreds \
  --docker-server=harbor.run.haas.pez.example.com \
  --docker-username=library \
  --docker-password='harborsecret' \
  --docker-email=admin

Use the following pod definition to run Nginx

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: helloworld
  name: helloworld
spec:
  containers:
  - name: helloworld
    image: harbor.run.haas.pez.example.com/library/nginx:latest
  imagePullSecrets:
  - name: harborcreds
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment