Harbor - Private Docker Registry

Harbor is an open-source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted.

Installation (Docker Compose)

Prerequisites

# Install Docker & Docker Compose
sudo apt install docker.io docker-compose -y
 
# Install openssl for certificate generation
sudo apt install openssl -y

Install Harbor

# Download Harbor
cd /opt
sudo wget https://github.com/goharbor/harbor/releases/download/v2.8.0/harbor-online-installer-v2.8.0.tgz
sudo tar xzf harbor-online-installer-v2.8.0.tgz
cd harbor
 
# Configure Harbor
sudo cp harbor.yml.tmpl harbor.yml
sudo vi harbor.yml

Configure harbor.yml

hostname: harbor.example.com
http:
  port: 80
https:
  port: 443
  certificate: /path/to/certificate.crt
  private_key: /path/to/private.key
 
harbor_admin_password: StrongPassword123!
 
database:
  password: DBPassword123!
 
data_volume: /data/harbor

Generate SSL Certificate

# Create certificate directory
sudo mkdir -p /data/cert
 
# Generate self-signed certificate (for testing)
cd /data/cert
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
  -keyout private.key -out certificate.crt \
  -subj "/CN=harbor.example.com"
 
# Or use Let's Encrypt
sudo apt install certbot -y
sudo certbot certonly --standalone -d harbor.example.com

Run Harbor

# Prepare environment
cd /opt/harbor
sudo ./prepare
 
# Start Harbor
sudo docker-compose up -d
 
# Verify
sudo docker-compose ps
 
# Access Harbor
# http://harbor.example.com (or https://harbor.example.com)
# Default: admin / Harbor12345

Configure Docker to Use Harbor

# Add insecure registry (if using self-signed cert)
sudo vi /etc/docker/daemon.json

{
  "insecure-registries": ["harbor.example.com"]
}

# Restart Docker
sudo systemctl restart docker
 
# Login to Harbor
docker login harbor.example.com
# Username: admin
# Password: (configured in harbor.yml)
 
# Push image
docker tag myapp:latest harbor.example.com/library/myapp:latest
docker push harbor.example.com/library/myapp:latest

Service Management

# Start Harbor
cd /opt/harbor && sudo docker-compose up -d
 
# Stop Harbor
cd /opt/harbor && sudo docker-compose down
 
# View logs
cd /opt/harbor && sudo docker-compose logs -f
 
# Restart specific service
cd /opt/harbor && sudo docker-compose restart <service-name>

Backup and Restore

# Backup Harbor database
sudo docker exec harbor-db pg_dump -U postgres postgres > /backup/harbor-db.sql
 
# Backup Harbor data
sudo tar czf /backup/harbor-data.tar.gz /data/harbor/
 
# Restore database
sudo docker exec -i harbor-db psql -U postgres postgres < /backup/harbor-db.sql
 
# Restore data
sudo tar xzf /backup/harbor-data.tar.gz -C /

Troubleshooting

# Check Harbor container status
sudo docker-compose ps
 
# View logs
sudo docker-compose logs <service-name>
 
# Restart Harbor
cd /opt/harbor && sudo docker-compose restart
 
# Check disk space
df -h /data/harbor
 
# Clean up dangling images
docker image prune -a --force

Kubernetes Helm