YAML for running Harbor in Kubernetes
kind: Deployment
apiVersion: v1.10.1
expose:
type: ingress
tls:
enabled: true
secretName: ""
notarySecretName: ""
commonName: ""
ingress:
hosts:
core: core.harbor.domain
notary: notary.harbor.domain
controller: default
annotations:
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
clusterIP:
name: harbor
ports:
httpPort: 80
httpsPort: 443
notaryPort: 4443
nodePort:
name: harbor
ports:
http:
port: 80
nodePort: 30002
https:
port: 443
nodePort: 30003
notary:
port: 4443
nodePort: 30004
loadBalancer:
name: harbor
IP: ""
ports:
httpPort: 80
httpsPort: 443
notaryPort: 4443
annotations: {}
sourceRanges: []
externalURL: https://core.harbor.domain
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
disableredirect: false
type: filesystem
filesystem:
rootdirectory: /var/lib/registry
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: docker-registry-secret
updateStrategy:
type: RollingUpdate
logLevel: info
harborAdminPassword: "Harbor12345"
secretKey: "not-a-secure-key"
proxy:
httpProxy:
httpsProxy:
noProxy: 127.0.0.1,localhost,.local,.internal
components:
- core
- jobservice
- clair
nginx:
image:
repository: goharbor/nginx-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
portal:
image:
repository: goharbor/harbor-portal
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
core:
image:
repository: goharbor/harbor-core
tag: dev
replicas: 1
livenessProbe:
initialDelaySeconds: 300
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
secretName: ""
xsrfKey: ""
jobservice:
image:
repository: goharbor/harbor-jobservice
tag: dev
replicas: 1
maxJobWorkers: 10
jobLogger: file
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
registry:
registry:
image:
repository: goharbor/registry-photon
tag: dev
controller:
image:
repository: goharbor/harbor-registryctl
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
relativeurls: false
middleware:
enabled: false
type: cloudFront
cloudFront:
baseurl: example.cloudfront.net
keypairid: KEYPAIRID
duration: 3000s
ipfilteredby: none
privateKeySecret: "my-secret"
chartmuseum:
enabled: true
absoluteUrl: false
image:
repository: goharbor/chartmuseum-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
clair:
enabled: true
clair:
image:
repository: goharbor/clair-photon
tag: dev
adapter:
image:
repository: goharbor/clair-adapter-photon
tag: dev
replicas: 1
updatersInterval: 12
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
trivy:
enabled: true
image:
repository: goharbor/trivy-adapter-photon
tag: dev
replicas: 1
debugMode: false
vulnType: "os,library"
severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
ignoreUnfixed: false
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 1
memory: 1Gi
notary:
enabled: true
server:
image:
repository: goharbor/notary-server-photon
tag: dev
replicas: 1
signer:
image:
repository: goharbor/notary-signer-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secretName: ""
database:
type: internal
internal:
image:
repository: goharbor/harbor-db
tag: dev
initContainerImage:
repository: busybox
tag: latest
password: "changeit"
nodeSelector: {}
tolerations: []
affinity: {}
external:
host: "192.168.0.1"
port: "5432"
username: "user"
password: "password"
coreDatabase: "registry"
clairDatabase: "clair"
notaryServerDatabase: "notary_server"
notarySignerDatabase: "notary_signer"
sslmode: "disable"
maxIdleConns: 50
maxOpenConns: 100
podAnnotations: {}
redis:
type: internal
internal:
image:
repository: goharbor/redis-photon
tag: dev
nodeSelector: {}
tolerations: []
affinity: {}
external:
host: "192.168.0.2"
port: "6379"
coreDatabaseIndex: "0"
jobserviceDatabaseIndex: "1"
registryDatabaseIndex: "2"
chartmuseumDatabaseIndex: "3"
clairAdapterIndex: "4"
trivyAdapterIndex: "5"
password: ""
podAnnotations: {}
apiVersion: v1.10.1
expose:
type: ingress
tls:
enabled: true
secretName: ""
notarySecretName: ""
commonName: ""
ingress:
hosts:
core: core.harbor.domain
notary: notary.harbor.domain
controller: default
annotations:
ingress.kubernetes.io/ssl-redirect: "true"
ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
clusterIP:
name: harbor
ports:
httpPort: 80
httpsPort: 443
notaryPort: 4443
nodePort:
name: harbor
ports:
http:
port: 80
nodePort: 30002
https:
port: 443
nodePort: 30003
notary:
port: 4443
nodePort: 30004
loadBalancer:
name: harbor
IP: ""
ports:
httpPort: 80
httpsPort: 443
notaryPort: 4443
annotations: {}
sourceRanges: []
externalURL: https://core.harbor.domain
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim:
registry:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
chartmuseum:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
jobservice:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
database:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
redis:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 1Gi
trivy:
existingClaim: ""
storageClass: ""
subPath: ""
accessMode: ReadWriteOnce
size: 5Gi
imageChartStorage:
disableredirect: false
type: filesystem
filesystem:
rootdirectory: /var/lib/registry
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: docker-registry-secret
updateStrategy:
type: RollingUpdate
logLevel: info
harborAdminPassword: "Harbor12345"
secretKey: "not-a-secure-key"
proxy:
httpProxy:
httpsProxy:
noProxy: 127.0.0.1,localhost,.local,.internal
components:
- core
- jobservice
- clair
nginx:
image:
repository: goharbor/nginx-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
portal:
image:
repository: goharbor/harbor-portal
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
core:
image:
repository: goharbor/harbor-core
tag: dev
replicas: 1
livenessProbe:
initialDelaySeconds: 300
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
secretName: ""
xsrfKey: ""
jobservice:
image:
repository: goharbor/harbor-jobservice
tag: dev
replicas: 1
maxJobWorkers: 10
jobLogger: file
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
registry:
registry:
image:
repository: goharbor/registry-photon
tag: dev
controller:
image:
repository: goharbor/harbor-registryctl
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secret: ""
relativeurls: false
middleware:
enabled: false
type: cloudFront
cloudFront:
baseurl: example.cloudfront.net
keypairid: KEYPAIRID
duration: 3000s
ipfilteredby: none
privateKeySecret: "my-secret"
chartmuseum:
enabled: true
absoluteUrl: false
image:
repository: goharbor/chartmuseum-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
clair:
enabled: true
clair:
image:
repository: goharbor/clair-photon
tag: dev
adapter:
image:
repository: goharbor/clair-adapter-photon
tag: dev
replicas: 1
updatersInterval: 12
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
trivy:
enabled: true
image:
repository: goharbor/trivy-adapter-photon
tag: dev
replicas: 1
debugMode: false
vulnType: "os,library"
severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
ignoreUnfixed: false
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 1
memory: 1Gi
notary:
enabled: true
server:
image:
repository: goharbor/notary-server-photon
tag: dev
replicas: 1
signer:
image:
repository: goharbor/notary-signer-photon
tag: dev
replicas: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
secretName: ""
database:
type: internal
internal:
image:
repository: goharbor/harbor-db
tag: dev
initContainerImage:
repository: busybox
tag: latest
password: "changeit"
nodeSelector: {}
tolerations: []
affinity: {}
external:
host: "192.168.0.1"
port: "5432"
username: "user"
password: "password"
coreDatabase: "registry"
clairDatabase: "clair"
notaryServerDatabase: "notary_server"
notarySignerDatabase: "notary_signer"
sslmode: "disable"
maxIdleConns: 50
maxOpenConns: 100
podAnnotations: {}
redis:
type: internal
internal:
image:
repository: goharbor/redis-photon
tag: dev
nodeSelector: {}
tolerations: []
affinity: {}
external:
host: "192.168.0.2"
port: "6379"
coreDatabaseIndex: "0"
jobserviceDatabaseIndex: "1"
registryDatabaseIndex: "2"
chartmuseumDatabaseIndex: "3"
clairAdapterIndex: "4"
trivyAdapterIndex: "5"
password: ""
podAnnotations: {}
Comments
Post a Comment