Harbor is VMware’s free, open-source image registry that ships with a few of our Tanzu products (Tanzu Kubernetes Grid Integrated Edition and vSphere 7 with Tanzu). There are numerous ways to get it up and running but I wanted to take a crack at getting it running on Photon OS, also a free, open-source project from VMware. Photon OS is very small, very fast and optimized for running container workloads on vSphere infrastructure. If you’ve been working with many VMware products over the last several years, you’ll have noticed a shift to preferring Photon OS for a large number of our software products.
We’ll start off with downloading the latest minimal Photon OS iso file from Downloading Photon OS. For this example, this was the Photon OS 3.0 Revision 2 Update3 file. I went with the minimal install as it had almost everything I needed and nothing I didn’t. I uploaded this iso file to a datastore in my vSphere environment so that I could use it later when installing the operating system on my Harbor VM. This is a simple as navigating to the Storage view in the vSphere client, selecting your datastore and then clicking the Upload Files button.
The minimal Photon OS iso file is only about 300MB so it should take a minute or less to upload (unless you’ve got a very slow network).
Creating a VM to be used for Harbor is fairly straightforward. I’m using vSphere 7.0c but the steps are nearly identical for most releases back through 6.7.
- Right-click your cluster and select New Virtual Machine.
- Select Create a new virtual machine and click the Next button.
- Set a name for the new VM and choose a folder for it (if desired). Click the Next button.
- Select a compute resource (if desired) and click the Next button.
- Select a datastore and click the Next button.
- Choose your desired compatibility level (I left it at the default and this is usually fine) and click the Next button.
- Set the Guest OS Family and Version. Since we’re installing Photon OS, you should choose Linux as the family and VMware Photon OS (64-bit) as the version. Click the Next button.
- Since Harbor requires a minimum for 2 CPUs, 4GB of RAM and 40GB of disk, we’ll need to make a few changes on the Customize hardware page. You can increase these values beyond the minimums or add additional devices if your use-case warrants it. Be sure to choose the appropriate network and set the New CD/DVD Drive to the minimal Photon OS iso file that was uploaded previously. Click the Next button when you’re ready to proceed.
- If everything looks good on the summary page, click the Finish button.
It will only take a split-second for the VM to be created. Once it’s in your inventory, you can right-click it and select Power -> Power On. You can select the VM itself and then click on the Launch Web Console link.
You should be presented with a screen similar to the following:
Press the Enter key to move into the installation wizard.
You need to use the arrow keys on your keyboard to navigate but get the <Accept> button highlighted and then press the Enter key.
My VM only had one disk so there wasn’t much to here but you could choose to go with a custom partition layout if you didn’t want to accept the defaults. I chose to let the installer do everything for me so I got the <Auto> button highlighted and pressed the Enter key.
The networking page does require some thought or you’ll end up with a VM that is inaccessible on your network. I went with the manual configuration and provided the information needed, as seen on the following screenshot.
After you get the <Next> button highlighted and press the Enter key on the Network Configuration page, you’ll be asked which kernel you would like to install.
If you’re running this on vSphere you’ll probably be making the same choice I did and go with the VMware hypervisor optimized option but you could choose the Generic option if you have some need for it or are running this on an IAAS other than vSphere. Get the <Next> button highlighted and press the Enter key when you’re ready to proceed.
Configure the hostname and root password when prompted.
Get the <Next> button highlighted and press the Enter key when you’re happy with the values on both of these screens.
If you’re ready to get the installation started, get the Yes option highlighted and press the Enter key.
You’ll see a progress bar as well as some basic information about what’s being done as the installation is progressing.
And when the installation is done a very short while later, you’ll be prompted to reboot (just press any key at this point).
Be sure to edit the settings on your VM and set the CD/DVD Drive back to the default setting, Client Device.
One the harbor VM is finished booting, you should be presented with a login prompt.
Go ahead and login as the root user with the password you used during the installation wizard.
To access the system remotely you can either create a new user with the
useradd command or allow the root user to login via SSH. The former is the preferred option but since I was just running this in a nested lab, I chose to allow root logins over SSH. This is accomplished by setting the
PermitRootLogin value to
yes in the
sed -I 's/^PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config systemctl restart sshd
And then I was able to ssh to my Harbor VM as the root user.
The installer configures the DNS settings and hostname but does not configure a domain suffix. I issued the following commands to get this set appropriately:
echo "Domain=corp.tanzu" >> /etc/systemd/network/99-static-en.network systemctl restart systemd-networkd
For Harbor to function, we need to have docker installed and running. Photon OS comes with docker installed but it’s not enabled by default. The following commands take care of that for us:
systemctl enable docker systemctl start docker
One of the pieces that we need that isn’t available on Photon OS by default is
docker-compose. You can find detailed installation instructions for
docker-compose at Install Compose but it’s really as simple as running the following two commands:
curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/harbor
The only extra piece of software that I found I needed (outside of Harbor itself) was the
tar executable. I used the
tdnf install tar -y command to install it but you could also use
yum install tar -y. And just to be sure I was running the latest and greatest Photon OS, I ran
tdnf upgrade -y to get all packages up to the most current version.
Harbor does require a certificate to work properly (as does nearly every private registry) and there are numerous ways to create one. I’ve done this in the past with
openssl and a simple CA built on Linux and have also used cert-manager. This time around I decided to go with the Microsoft Certificate Authority that I already had up and running on my Windows jump box. For a production environment you would likely be obtaining a CA certificate from a legitimate, external authority. If you are also using a Microsoft Certificate Authority though, you can use the following steps to create a certificate for Harbor.
The first step is to create a new key that will be used when creating the CSR. You can do this on the Harbor VM as it already has
openssl genrsa -out harbor.corp.tanzu.key 4096
Next up it to create an
openssl configuration file that will be fed into
openssl when creating the CSR. You can see from this example that I’m setting the commonname to harbor.corp.tanzu (the hostname of my Harbor VM) and also setting a few SANs in case anyone tries to get to it via it’s short name or IP address.
echo "[ req ] default_bits = 4096 distinguished_name = req_distinguished_name req_extensions = req_ext prompt = no [ req_distinguished_name ] countryName = US stateOrProvinceName = California localityName = CA organizationName = Tanzu commonName = harbor.corp.tanzu [ req_ext ] subjectAltName = @alt_names [alt_names] DNS.1 = harbor.corp.tanzu DNS.2 = harbor IP.1 = 192.168.110.30" > harbor-cert.cnf
The last step is to use
openssl to create the CSR that will be fed to the Microsoft Certificate Authority.
openssl req -config harbor-cert.cnf -nodes -new -out harbor.corp.tanzu.csr -key harbor.corp.tanzu.key
There should be a new file named
harbor.corp.tanzu.csr in the current working directory.
When I access the web enrollment page for my Microsoft Certificate Authority, the following page is shown (you’ll likely see something similar):
Note: If you don’t already have a copy of the CA certificate saved, click on the Download a CA certificate, certificate chain, or CRL link and download the CA certificate in Base 64 format as it will be needed later.
Click on the Request a certificate link and then click on the advanced certificate request link on the next page.
Paste the contents of the CSR that was created earlier in the Base-64-encoded certificate request field and choose the appropriate Certificate Template. I already had a vSphere template created which works fine for this exercise (you can read about how to create one at Creating a Microsoft Certificate Authority Template for SSL certificate creation in vSphere 6.x/7.x (2112009).
Click the Submit button to create the certificate.
To download the certificate, set the type to Base 64 encoded and then click on the Download certificate link. A file named
certnew.cer will be downloaded.
Rename the CA certificate file to
ca.crt and the
certnew.cer file to
harbor.corp.tanzu.crt (or the FQDN of your Harbor VM). Copy both files to the Harbor VM.
The next set of commands (run on the Harbor VM) will get the necessary folder structure created for Docker and Harbor to use the new certificate and get everything copied to the right directories.
mkdir -p /data/ cert mkdir -p /etc/docker/certs.d/harbor.corpt.tanzu cp ~/harbor.corp.tanzu.crt /data/cert/ cp ~/harbor.corp.tanzu.key /data/cert/ openssl x509 -inform PEM -in ~/harbor.corp.tanzu.crt -out /etc/docker/certs.d/harbor.corpt.tanzu /harbor.corp.tanzu.cert cp ~/harbor.corp.tanzu.key /etc/docker/certs.d/harbor.corpt.tanzu/ cp ~/ca.crt /etc/docker/certs.d/harbor.corpt.tanzu/ systemctl restart docker
With all of this preliminary work out of the way, we’re finally ready to start installing Harbor. The first thing to do is get the installer executable. There are a few different varieties available on the Harbor Release page but I went with the 2.0.2 online installer variant.
curl -L https://github.com/goharbor/harbor/releases/download/v2.0.2/harbor-online-installer-v2.0.2.tgz -o ~/harbor.tgz tar -zxvf ~/harbor.tgz harbor/prepare harbor/LICENSE harbor/install.sh harbor/common.sh harbor/harbor.yml.tmpl
As you can see, there are only four files that come with this bundle. We’ll make a copy of the
harbor.yml.tmpl file to be used during our installation. There are a few placeholder values that need to be updated…change the hostname value from reg.mydomain.com, change the certificate value from /your/certificate/path, change the private_key value from /your/private/key/path, change the harbor_admin_password value from Harbor12345 and change the root database user password from root123.
cp harbor/harbor.yml.tmpl harbor/harbor.yml sed -i 's/hostname: reg.mydomain.com/hostname: harbor.corp.local/' ~/harbor/harbor.yml sed -i 's/your\/certificate\/path/data\/cert\/harbor.corp.local.crt/' ~/harbor/harbor.yml sed -i 's/your\/private\/key\/path/data\/cert\/harbor.corp.local.key/' ~/harbor/harbor.yml sed -i 's/Harbor12345/VMware1!/' ~/harbor/harbor.yml sed -i 's/root123/VMware1!/' ~/harbor/harbor.yml
There are loads of other settings that can be adjusted in here but these are the minimum needed to get Harbor successfully deployed. You can read about all of the various options at Configure the Harbor YML File.
When you’re ready, you can run the
install.sh script with any additional parameters you want to use to customize the installation. My example below installs to the current directory (
/root), installs the trivy scanner, Notary, Clair and the chart repository service. You can read about the different options that can be used with the installer script at Run the Installer Script.
harbor/install.sh --with-trivy --with-chartmuseum --with-clair --with-notary
You’ll see a lot of output as the installer has to pull down several container images to be used by Harbor.Harbor Installer Output
[Step 0]: checking if docker is installed ... Note: docker version: 19.03.10 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.26.2 [Step 2]: preparing environment ... [Step 3]: preparing harbor configs ... prepare base dir is set to /root/harbor Unable to find image 'goharbor/prepare:v2.0.2' locally v2.0.2: Pulling from goharbor/prepare 07cd1d2c25e7: Pull complete 8619c71f6190: Pull complete 383992c4c4a1: Pull complete 176c2d89ef30: Pull complete 2b2aec6b7bd9: Pull complete d50e9b907385: Pull complete 94d7a7b9afbb: Pull complete 6bf806af059b: Pull complete Digest: sha256:7e4b50df3b7fe6bef66a0dc368f9b6882089508906901989738b521179e71f7e Status: Downloaded newer image for goharbor/prepare:v2.0.2 Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/registryctl/config.yml Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml Generated and saved secret to file: /data/secret/keys/secretkey Successfully called func: create_root_cert Successfully called func: create_root_cert Successfully called func: create_cert Copying certs for notary signer Copying nginx configuration file for notary Generated configuration file: /config/nginx/conf.d/notary.upstream.conf Generated configuration file: /config/nginx/conf.d/notary.server.conf Generated configuration file: /config/notary/server-config.postgres.json Generated configuration file: /config/notary/server_env Generated and saved secret to file: /data/secret/keys/defaultalias Generated configuration file: /config/notary/signer_env Generated configuration file: /config/notary/signer-config.postgres.json Generated configuration file: /config/clair/postgres_env Generated configuration file: /config/clair/config.yaml Generated configuration file: /config/clair/clair_env Generated configuration file: /config/clair-adapter/env Generated configuration file: /config/trivy-adapter/env Generated configuration file: /config/chartserver/env Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir [Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating network "harbor_harbor-clair" with the default driver Creating network "harbor_harbor-notary" with the default driver Creating network "harbor_harbor-chartmuseum" with the default driver Creating network "harbor_notary-sig" with the default driver Pulling log (goharbor/harbor-log:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-log 07cd1d2c25e7: Already exists d89ac869e801: Pull complete 8b9cd891f824: Pull complete bd60aaa28aa3: Pull complete 75472aa9d464: Pull complete e68df0fc8993: Pull complete 97fe23a823dc: Pull complete 1376ee2d952e: Pull complete 8185789cf6e6: Pull complete Digest: sha256:570fceafb651e5c9490d270b4eeaf8f6871a1a02e623eec03feacea5ba28405a Status: Downloaded newer image for goharbor/harbor-log:v2.0.2 Pulling registry (goharbor/registry-photon:v2.0.2)... v2.0.2: Pulling from goharbor/registry-photon 07cd1d2c25e7: Already exists 3a9f69465479: Pull complete 75de84349314: Pull complete 737370c89d3b: Pull complete 8f75ac4c7b6f: Pull complete dedd49693e33: Pull complete Digest: sha256:be8963f9466c0d6722b5db1090ef36ebef1c94f805ebcb0616631d07ee5404e2 Status: Downloaded newer image for goharbor/registry-photon:v2.0.2 Pulling registryctl (goharbor/harbor-registryctl:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-registryctl 07cd1d2c25e7: Already exists 035312fd43ff: Pull complete d88a09756dca: Pull complete 3aba5adb7c79: Pull complete 0e533f05b2c9: Pull complete 2277f1dbcb1c: Pull complete 95ec400e5164: Pull complete Digest: sha256:5e4787c7e138efa9bccf5d73576d9f4fae8a7e9b4dd9bee753d47d4c53a5cb2f Status: Downloaded newer image for goharbor/harbor-registryctl:v2.0.2 Pulling postgresql (goharbor/harbor-db:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-db 07cd1d2c25e7: Already exists e948c37e7207: Pull complete 3a71cebd7999: Pull complete f109dc6b3800: Pull complete e4be30958527: Pull complete 82ce571198d0: Pull complete 5706317d7d15: Pull complete fa8166be32b9: Pull complete b4cf3d29c739: Pull complete Digest: sha256:b48a75379f64bc753d5b77bd0f187404553577f4b7bca8653514618b48fd58eb Status: Downloaded newer image for goharbor/harbor-db:v2.0.2 Pulling portal (goharbor/harbor-portal:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-portal 07cd1d2c25e7: Already exists ba0578672ca0: Pull complete a4049803e285: Pull complete 6e7b285c4e83: Pull complete fd8e11cd61fa: Pull complete 814aa4d80c9d: Pull complete 15bc9946d17d: Pull complete ce6b3b0ea5e0: Pull complete 901ce17214e0: Pull complete Digest: sha256:e9770b4e81d23204f82f309a45b6bbf0f2d3d04b799d6809032370b32b3e8bc8 Status: Downloaded newer image for goharbor/harbor-portal:v2.0.2 Pulling redis (goharbor/redis-photon:v2.0.2)... v2.0.2: Pulling from goharbor/redis-photon 07cd1d2c25e7: Already exists 4319f9523628: Pull complete 286473b88c0c: Pull complete d42081d9071a: Pull complete f945dcaa9608: Pull complete Digest: sha256:2510920e4faef376509a41bbfe58ea62f3e3e1c0dbcfca579581909b279ebaaa Status: Downloaded newer image for goharbor/redis-photon:v2.0.2 Pulling core (goharbor/harbor-core:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-core 07cd1d2c25e7: Already exists bdc8a779277e: Pull complete 4e1127c85380: Pull complete ffc6af618257: Pull complete 414603b1ee40: Pull complete da211b348d01: Pull complete c1b4d6a8d2d8: Pull complete 7663f4268e24: Pull complete ca33837424db: Pull complete Digest: sha256:8cedaa21e940155f37de0712954753638c050eda2630825f284eaab8df2ec6e2 Status: Downloaded newer image for goharbor/harbor-core:v2.0.2 Pulling jobservice (goharbor/harbor-jobservice:v2.0.2)... v2.0.2: Pulling from goharbor/harbor-jobservice 07cd1d2c25e7: Already exists deafefaaee4f: Pull complete a7a2f8217853: Pull complete 3f37fa27fb65: Pull complete e494603ffb58: Pull complete bf3b99cc1215: Pull complete Digest: sha256:d8477257a3ab8385b2c80ff229e87e9d3b20fb139e54e6657ffc6ff827eb2fcb Status: Downloaded newer image for goharbor/harbor-jobservice:v2.0.2 Pulling proxy (goharbor/nginx-photon:v2.0.2)... v2.0.2: Pulling from goharbor/nginx-photon 07cd1d2c25e7: Already exists 71bd4936dbd0: Pull complete Digest: sha256:faa9c384b3e1abdb83043cd9212ad131a45a10a3dd1eddb629907eb1f7556116 Status: Downloaded newer image for goharbor/nginx-photon:v2.0.2 Pulling notary-signer (goharbor/notary-signer-photon:v2.0.2)... v2.0.2: Pulling from goharbor/notary-signer-photon 07cd1d2c25e7: Already exists 36ad417faa91: Pull complete 4353b4f42868: Pull complete 47814cfd998a: Pull complete 5b77ebafec8b: Pull complete 6d4ed9afb582: Pull complete 6bb5aa0cd81f: Pull complete Digest: sha256:141311d3f1609dcbaaeebcb4ba311817e92eb073fba7ba3ee540631f1dfb8321 Status: Downloaded newer image for goharbor/notary-signer-photon:v2.0.2 Pulling notary-server (goharbor/notary-server-photon:v2.0.2)... v2.0.2: Pulling from goharbor/notary-server-photon 07cd1d2c25e7: Already exists 36ad417faa91: Already exists 4353b4f42868: Already exists d94fae612c0a: Pull complete c9b5b7a50cd4: Pull complete 6ca3b958e621: Pull complete 3b5129923539: Pull complete Digest: sha256:2201af0b394c7de6ee06167e6985af2f2a0ebb4288f91e26209081c3ad553894 Status: Downloaded newer image for goharbor/notary-server-photon:v2.0.2 Pulling clair (goharbor/clair-photon:v2.0.2)... v2.0.2: Pulling from goharbor/clair-photon 07cd1d2c25e7: Already exists f3128675d018: Pull complete 9f90be1b140d: Pull complete a64645d7754b: Pull complete 2d87fe2eb846: Pull complete f75479f3eabb: Pull complete 426b5f795420: Pull complete Digest: sha256:b03f5fb58928161dc32ab4ba7c5de4d23dd4d36da68e56a5709006567f90a75c Status: Downloaded newer image for goharbor/clair-photon:v2.0.2 Pulling clair-adapter (goharbor/clair-adapter-photon:v2.0.2)... v2.0.2: Pulling from goharbor/clair-adapter-photon 07cd1d2c25e7: Already exists c5f1096eb386: Pull complete 0ad3ea9b33e1: Pull complete a2f9213b6a03: Pull complete d2da6b4c9ee9: Pull complete ad89758617c9: Pull complete Digest: sha256:518b17077d6cb2a3fd0f78aa1af529f5c7f1133076d893396b34b2e85273a794 Status: Downloaded newer image for goharbor/clair-adapter-photon:v2.0.2 Pulling trivy-adapter (goharbor/trivy-adapter-photon:v2.0.2)... v2.0.2: Pulling from goharbor/trivy-adapter-photon 07cd1d2c25e7: Already exists e41d2cfc0aef: Pull complete 0517ab0645b3: Pull complete 5905ece4c968: Pull complete 1a964cd6f92d: Pull complete edb60e7a4b8e: Pull complete 465ae0d71fa0: Pull complete Digest: sha256:316d0bc11a070c1a43a00af8f8c90f782a2ffcdceaf87fb29a3a6ac0aa5d95e2 Status: Downloaded newer image for goharbor/trivy-adapter-photon:v2.0.2 Pulling chartmuseum (goharbor/chartmuseum-photon:v2.0.2)... v2.0.2: Pulling from goharbor/chartmuseum-photon 07cd1d2c25e7: Already exists 23cbc8230159: Pull complete aa6fb2fbee20: Pull complete d59a684068e1: Pull complete 677c6a771ab3: Pull complete 60f3109a22a6: Pull complete Digest: sha256:367f25072ffaaac3332d1adc8fc8ebe695f3d7678ba8ec1907fc89b12d557cc2 Status: Downloaded newer image for goharbor/chartmuseum-photon:v2.0.2 Creating harbor-log ... done Creating registryctl ... done Creating redis ... done Creating harbor-db ... done Creating harbor-portal ... done Creating registry ... done Creating chartmuseum ... done Creating trivy-adapter ... done Creating clair ... done Creating notary-signer ... done Creating harbor-core ... done Creating clair-adapter ... done Creating notary-server ... done Creating nginx ... done Creating harbor-jobservice ... done ✔ ----Harbor has been installed and started successfully.----
At this point, Harbor should be up and running and you can test connectivity to the Harbor UI in a browser (https://harbor.corp.tanzu in my example):
Note: If you already had your CA certificate added to the Trusted Root Certificate Authorities store you shouldn’t get any certificate warnings when accessing the UI.
You can login as the admin user with the password that was configured in the yaml file during installation. Once in, you should see a single Project named library and not much else:
Before we can start pushing any images to Harbor, we need to get the harbor certificate copied to our local machine. This is similar to the prep work that was done on the Harbor VM prior to installing Harbor. Just make sure you have a copy of the Harbor certificate (or the CA certificate) on your local system and run commands similar to the following:
sudo mkdir -p /etc/docker/certs.d/harbor.corp.tanzu sudo cp ~/harbor.corp.tanzu.crt /etc/docker/certs.d/harbor.corp.tanzu/ca.crt sudo systemctl restart docker
Now you can login to Harbor with the
docker command and start tagging and pushing images.
docker login harbor.corp.tanzu Username: admin Password: WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded docker pull busybox Using default tag: latest latest: Pulling from library/busybox 61c5ed1cbdf8: Pull complete Digest: sha256:4f47c01fa91355af2865ac10fef5bf6ec9c7f42ad2321377c21e844427972977 Status: Downloaded newer image for busybox:latest docker.io/library/busybox:latest docker tag busybox harbor.corp.tanzu/library/busybox:latest docker push harbor.corp.tanzu/library/busybox:latest The push refers to repository [harbor.corp.tanzu/library/busybox] 514c3a3e64d4: Pushed latest: digest: sha256:400ee2ed939df769d4681023810d2e4fb9479b8401d97003c710d0e20f7c49c6 size: 527
And you’ll see that the busybox image that was just pushed to Harbor is visible in the UI now as well.
The one thing that’s missing at this point is a means to get Harbor to start automatically at system boot. I opted to create a systemd service to handle this. If you choose to go this route you can use the following example and just make sure to change the path where Harbor was installed.
echo " [Unit] Description=Harbor After=docker.service systemd-networkd.service systemd-resolved.service Requires=docker.service Documentation=http://github.com/vmware/harbor [Service] Type=simple Restart=on-failure RestartSec=5 ExecStart=/usr/local/bin/docker-compose -f /root/harbor/docker-compose.yml up ExecStop=/usr/local/bin/docker-compose -f /root/harbor/docker-compose.yml down [Install] WantedBy=multi-user.target" | sudo tee /etc/systemd/system/harbor.service > /dev/null chmod +x /etc/systemd/system/harbor.service systemctl enable harbor.service
To switch over from the manual startup method invoked during installation and systemd, stop the current running processes and then start the systemd service.
docker-compose -v /root/harbor/docker-compose.yml down Stopping nginx ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping harbor-portal ... done Stopping registry ... done Stopping harbor-db ... done Stopping redis ... done Stopping registryctl ... done Stopping harbor-log ... done WARNING: Found orphan containers (chartmuseum, trivy-adapter, notary-server, clair, notary-signer, clair-adapter) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up. Removing nginx ... done Removing harbor-jobservice ... done Removing harbor-core ... done Removing harbor-portal ... done Removing registry ... done Removing harbor-db ... done Removing redis ... done Removing registryctl ... done Removing harbor-log ... done Removing network harbor_harbor systemctl start harbor
You can check the status of the harbor service with the
systemctl status harbor ● harbor.service - Harbor Loaded: loaded (/etc/systemd/system/harbor.service; enabled; vendor preset: enabled) Active: active (running) since Sun 2020-08-23 00:05:26 UTC; 18s ago Docs: http://github.com/vmware/harbor Main PID: 3837 (docker-compose) Tasks: 12 (limit: 4718) Memory: 62.3M CGroup: /system.slice/harbor.service ├─3837 /usr/local/bin/docker-compose -f /root/harbor/docker-compose.yml up └─3838 /usr/local/bin/docker-compose -f /root/harbor/docker-compose.yml up Aug 23 00:05:33 harbor docker-compose: Creating nginx ... Aug 23 00:05:35 harbor docker-compose: [216B blob data] Aug 23 00:05:35 harbor docker-compose: harbor-core | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: harbor-db | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: harbor-jobservice | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: harbor-portal | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: nginx | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: redis | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: registry | WARNING: no logs are available with the 'syslog' log driver Aug 23 00:05:35 harbor docker-compose: registryctl | WARNING: no logs are available with the 'syslog' log driver
You can also use the
journalctl -u harbor command to view logs from the harbor service if you suspect that there are issues with it.