k-space/harbor-operator
10
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Activity

Update README

Browse Source
This commit is contained in:
Lauri Võsandi 2022-12-15 10:28:31 +02:00
parent 34f3a878d9
commit fd76ea3b7f
2 changed files with 40 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
README.md
View File

@ -2,7 +2,14 @@
## Background ## Background
This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster: Note that this project is NOT connected to [official Harbor operator](https://github.com/goharbor/harbor-operator#future-features).
The main reason we decided to write our own operator was that the official
operator was missing all the features we wanted to have and mainlining such
features would likely take months.
This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster
using Helm:
* Only one Harbor instance per Kubernetes cluster * Only one Harbor instance per Kubernetes cluster
* Nearly all components deployed in HA fashion * Nearly all components deployed in HA fashion
@ -15,9 +22,14 @@ This operator is higly opinionated way to deploy Harbor in a Kubernetes cluster:
* Sandbox dashboard adds `ClusterUser` resources when user logs in * Sandbox dashboard adds `ClusterUser` resources when user logs in
* Automate push/pull credential provisioning using HarborCredential CRD-s, * Automate push/pull credential provisioning using HarborCredential CRD-s,
to simplify working with Skaffold to simplify working with Skaffold
* [WIP] Pod admission mutation webhook to rewrite Pod images to use * Pod admission mutation webhook to rewrite Pod images to use
proxy caches defined via `ClusterHarborProject` definitions with `cache: true`. proxy caches defined via `ClusterHarborProject` definitions with `cache: true`.
Caveats:
* User must have logged in with OIDC first before `ClusterHarborProjectMember`
CRD will have effect and it will take operator several minutes to pick up the change.
## Instantiating Harbor projects ## Instantiating Harbor projects
@ -60,6 +72,19 @@ spec:
quota: 10737418240 quota: 10737418240
``` ```
To instantiate Harbor project:
```
apiVersion: codemowers.io/v1alpha1
kind: ClusterHarborProject
metadata:
name: k-space
spec:
cache: false
public: true
quota: 10737418240
```
## Deploying push/pull secrets into namespaces ## Deploying push/pull secrets into namespaces

14
values.yaml
View File

@ -1,4 +1,7 @@
# Availability zone key for pods
topologyKey: kubernetes.io/hostname topologyKey: kubernetes.io/hostname
# Harbor portal
ingress: ingress:
enabled: true enabled: true
host: harbor.k-space.ee host: harbor.k-space.ee
@ -6,13 +9,22 @@ ingress:
host: "*.k-space.ee" host: "*.k-space.ee"
target: traefik.k-space.ee target: traefik.k-space.ee
class: traefik class: traefik
# Instantiate proxy cache projects for known Docker registries
caches: caches:
docker: true docker: true
quay: true quay: true
# Mutate pods for cached images
admissionController: false
# Harbor image repository and tag
image: image:
repository: goharbor repository: goharbor
tag: v2.6.2 tag: v2.6.2
persistence:
# Storage options
storage:
postgres: postgres:
storageClass: postgres storageClass: postgres
storage: 5Gi storage: 5Gi