harbor-users@lists.cncf.io

Home Messages Hashtags Subgroups

Export Group Data

Between

and

Re: How to handle certificates for remote registry correctly #security daojunz #243 See Harbor faq: https://github.com/goharbor/harbor/wiki/Harbor-FAQs you could add a ca cert: How to add a CA cert for the LDAP server or other Harbor server? [A] After installed the Harbor, there is a directory under common/config/shared/trust-certificates Copy the LDAP certificate, for example, ldap_ca.crt to this directory and restart the Harbor, The certificate is added to the trust store of the core container, and then you could enable “Verify Cert” in the LDAP configuration. Best regards, Stone (张道军) Software Engineer, CNA, VMware R&D -- From: <harbor-users@...> on behalf of "Dany via lists.cncf.io" <daniel.peigne=nokia.com@...> Reply-To: "harbor-users@..." <harbor-users@...> Date: Friday, November 19, 2021 at 12:00 AM To: "harbor-users@..." <harbor-users@...> Subject: Re: [harbor-users] How to handle certificates for remote registry correctly #security Hi, I have posted a similar post but not exactly the same question. My understanding is that whe you create a registry end point , the harbor tries to check the remote certifacte so in your case the docker registry The help online states that the verify remote cert flag should be unchecked when remote registry is using a self signed cert, so it might be normal that the connection test is failing. In my case, i wanted to know if need to configure the harbor with the CA cert of remote registry and how ; cna you elaborate on what you did on your habor host
More All Messages By This Member
Re: How to handle certificates for remote registry correctly #security Dany #242 Hi, I have posted a similar post but not exactly the same question. My understanding is that whe you create a registry end point , the harbor tries to check the remote certifacte so in your case the docker registry The help online states that the verify remote cert flag should be unchecked when remote registry is using a self signed cert, so it might be normal that the connection test is failing. In my case, i wanted to know if need to configure the harbor with the CA cert of remote registry and how ; cna you elaborate on what you did on your habor host
More All Messages By This Member
What configuration needs to be done to verify remote registry certificate #security Dany #241 Hi , on an Harbor, i will call "Local Harbor" in below text , I am creating a remote registry EndPoint i will call remote Harbor and i check in the flag "Verify remote Cert", (see below picture), as a result, test connection failed, The same connection test is working without verifying remote cert, I know that this might be due to remote registry configured with a self signed cert But my question is : Do i need to configure something in my local harbor , for instance do i need the CA cert used to isue the remote Harbor server certificate in order the local harbor be able to verify remote server certificate. if yes, can you point me to the procedure Brs Dany
More All Messages By This Member
Welcome Vadim Bauer as new member of the Maintainer team Orlin Vasilev #240 Hello Community, Wanna share something great today: Vadim Bauer from https://container-registry.com/ is now part of the maintainers team. Vadim's passion and dedication to Harbor were the main drivers in his nomination! Vadim is Software Engineer, SaaS Builder, Cloud Native, and DevOps advocate & practitioner. Founder of container-registry and partner at 56k.cloud. Thriving OSS Contributor, located in Switzerland! Vadim has contributed in: General: - Answer questions and helping users adopt Harbor in the Slack Community and on GitHub issues and discussion. - Translation of the german language Helm Chart: - Improving Harbor Helm Chart PR (1073, 767) Core - Contributing to Harbor Core by providing PRs (14329, 14901,14905, 14906, 15210, 15211) - Verifying and reproducing issues reported by users - Improved the replications functionality with GitLab - Use of robot accounts for replication - Improved replication by providing different replication options. Welcome once again Vadim! Orlix Harbor Community Manager
More All Messages By This Member
Re: is deduplication of artifacts applied across projects? Yan Wang #239 The shared blob will not increse the total storage usage, the increase is just because there is an new manifest that generated after copy. -Yan From: harbor-users@... <harbor-users@...> on behalf of Dany via lists.cncf.io <daniel.peigne=nokia.com@...> Date: Monday, November 8, 2021 at 16:46 To: harbor-users@... <harbor-users@...> Subject: [harbor-users] is deduplication of artifacts applied across projects? Hi, I would like to know when an image is stored in 2 differents projects whether the layers of image are duplicated on disk. When i copy image, harbor UI increases the metric "Storage used" BRs Daniel
More All Messages By This Member
is deduplication of artifacts applied across projects? Dany #238 Hi, I would like to know when an image is stored in 2 differents projects whether the layers of image are duplicated on disk. When i copy image, harbor UI increases the metric "Storage used" BRs Daniel
More All Messages By This Member
Re: Replication rule using tag filtering Dany #237 Thanks for suggestion I did it see https://github.com/goharbor/harbor/issues/15957 I posted a new proposal because i assume this is not a bug with regards to the implementation . Have a nice WE
More All Messages By This Member
Re: Replication rule using tag filtering Orlin Vasilev #236 Hi Daniel, you can also ask in slack as well https://cloud-native.slack.com/archives/CC1E09J6S in the Cloud Native space under the channel #harbor. Or open github issue: https://github.com/goharbor/harbor/issues Orlix toggle quoted messageShow quoted text On Thu, Nov 4, 2021 at 6:14 PM <daniel.peigne@...> wrote: Hi, I am new comer in CNCF and harbor users group. Let me know if this is not the right channel to address this topic. When i set up a Replication rule and provison the Tag field of Source resource filter, the replication rule is workling properly but ONLY the tag matching the filter criteria is replicated. I was expecting that the Source resource filter is used to scope the list of artifact to be replicated but when an artifact is matching the filter criteria, ALL its tags are replicated. How can i get this behavior ? how to submit a new feature request ? BRs Daniel
More All Messages By This Member
Re: Replication rule using tag filtering Dany #235 Hi Normal, Thanks for your proposal, No , i am not, Daniel
More All Messages By This Member
Re: Replication rule using tag filtering Norman Henderson #234 Daniel, are you at the Linux Foundation member summit today? if so happy to meet in person and help. toggle quoted messageShow quoted text -------- Original message -------- From: daniel.peigne@... Date: 11/4/21 12:14 PM (GMT-05:00) To: harbor-users@... Subject: [harbor-users] Replication rule using tag filtering Hi, I am new comer in CNCF and harbor users group. Let me know if this is not the right channel to address this topic. When i set up a Replication rule and provison the Tag field of Source resource filter, the replication rule is workling properly but ONLY the tag matching the filter criteria is replicated. I was expecting that the Source resource filter is used to scope the list of artifact to be replicated but when an artifact is matching the filter criteria, ALL its tags are replicated. How can i get this behavior ? how to submit a new feature request ? BRs Daniel
More All Messages By This Member
Replication rule using tag filtering Dany #233 Hi, I am new comer in CNCF and harbor users group. Let me know if this is not the right channel to address this topic. When i set up a Replication rule and provison the Tag field of Source resource filter, the replication rule is workling properly but ONLY the tag matching the filter criteria is replicated. I was expecting that the Source resource filter is used to scope the list of artifact to be replicated but when an artifact is matching the filter criteria, ALL its tags are replicated. How can i get this behavior ? how to submit a new feature request ? BRs Daniel
More All Messages By This Member
Harbor 2.4 Release is out! Orlin Vasilev #232 Hello Harbor Community! We are pleased to inform you that we just released Harbor 2.4. Please read the full blog here: https://goharbor.io/blog/harbor-2.4/ You can find the release info here https://github.com/goharbor/harbor/releases/tag/v2.4.0 Downloadables and full information! Collaborate with the Harbor Community Get updates on Twitter: @project_harbor Chat with us on Slack: #harbor and #harbor-dev on the CNCF Slack Collaborate with us on GitHub Attend the community meetings Orlin Vasilev Harbor Community Manager Github: @OrlinVasilev Twitter: OrlinVasilev
More All Messages By This Member
New member of the maintainers team - Tianon Gravi Orlin Vasilev #231 Hi folks, So happy to inform you that Tianon Gravi has joined the maintainers team! Tianon Gravi joined the InfoSiftr/Devgistics team in 2010 as a founding member. He became a maintainer on the Docker Open Source project in 2013, helped create the Docker Official Images program in 2014, joined in the creation of the Open Container Initiative in 2015 as a member of the Technical Developer Community, and officially joined the Debian Project in 2015 as a Debian Developer. Much of his time both personally and professionally is spent contributing to and maintaining free and open source projects. Please join me to welcome him into the family! Orlix
More All Messages By This Member
cancelling 10.6.2021 community meeting #cal-cancelled Alex Xu #230 Hey everyone, We're cancelling the Harbor community meeting on 10.6 since the team is away on holiday break. If you have anything urgent to discuss, please reach out here or in slack. Thanks!
More All Messages By This Member
harbor operator v1.1.1 released! Steven Zou #229 Greeting, everyone We’re so pleased to announce the Harbor operator v1.1.1 is released! In this patch release, we fix several critical bugs and also provide better support for openshift platform. For learning more details of this release, you can check the changelog of v1.1.1.Any feedback is welcomed and we’ll continue to make harbor operator better and more stable. By operator workgroup/goharbor thanks&regards -- 邹佳 Steven Zou (he/him/his) Engineer, MAP(Modern Application Platform), VMware R&D \| Harbor Maintainer Mail: szou@... GitHub: github.com/steven-zou Cell: +8618600021252 Addr: 9F Tower C, Raycom Info Tech Park, No. 2 Kexueyuan South Road Haidian District, Beijing 100738 China
More All Messages By This Member
Harbor operator v1.1.0 is released! Steven Zou #228 Hi all, We’re so pleased to announce the harbor operator v1.1.0 is released! Notable features include: - Support deploying Harbor v2.3 - Support Kubernetes version 1.21 - Upgrade ingress version to v1 - Refine CRD definitions to provide consistent database, storage, and cache configuration spec (introduce new CRD version v1beta1) - Support applying day2 configuration with CRD-based declaration way - Support exposing Harbor services with the load balancer - Expose additional configuration options for S3 storage - Logging in a consistent format - Extend supporting versions of underlying operators (PostgreSQL, Redis, and Minio) Any feedback is welcomed! Learn more details, please check the operator v1.1.0 release page. thanks&regards -- 邹佳 Steven Zou (he/him/his) Engineer, MAP(Modern Application Platform), VMware R&D \| Harbor Maintainer Mail: szou@... GitHub: github.com/steven-zou Cell: +8618600021252 Addr: 9F Tower C, Raycom Info Tech Park, No. 2 Kexueyuan South Road Haidian District, Beijing 100738 China
More All Messages By This Member
Harbor v2.3 has GA'ed !! 🎉🎉🎉 Alex Xu #227 Hi everyone, We’re pleased to announce the general availability of Harbor v2.3 New Features Declarative Config Enhanced the current configuration by adding environment variables to overwrite the Harbor configuration including auth, backing store, system permissions and more. This enables full audit capabilities and prevent config drift. This addresses #8076 IPv6 Support running Harbor in Kubernetes with harbor-helm on IPv6-only infrastructure. (Tested on Kubernetes version 1.21.0 and Calico version 3.18.1 ) Photon Upgrade Upgraded all Harbor base images from Photon 2.0 to 4.0. Postgresql upgrade to v13.3. Redis upgrade to v6.0.13. Additional Features Performance enhancement for concurrent requests. Observability Metrics Improvement: Support Jobservice metrics. Swagger API Improvement: The APIs of project scanners & webhooks support both project id and name in their path. Replication enhancement to support destination namespace flattening. Moved the legacy APIs to new programming model. Harbor is now built using Golang v1.15.12 as of this release. Bumped up Trivy to version 0.17 which adds support for Java JAR/WAR/EAR archives and Go binaries scanning. Upgrade Considerations During upgrades, Harbor will remove the old Postgresql data and migrate it to new destination to compatible new version Postgresql. Please back up your data before upgrading to v2.3.0. Deprecations The ChartMuseum is scheduled to be deprecated in a future v2.4.0 release. Helm charts will need to be managed in Harbor through the OCI image registry alongside your container images Breaking Changes The API to GET artifact under public project such as GET /v2/$public_project/$repo/manifests/$tag, will receive a 401 if the request does not carry "Authorization" header, more details see: #14711 #14768 Resolved Issues Full list of issues fixed in v2.3.0 Contributors Will Sun He Weiwei Wang Yan Wenkai Yin(尹文开) Daniel Jiang stonezdj(Daojun Zhang) Qian Deng danfengliu Ziming ChenYu Zhang Steven Zou Alexis rao yunkun Moshe Immerman Daniel Pacak Abigail McCarthy Akiros001 Vadim Bauer 疯魔慕薇 Eike David Lenz
More All Messages By This Member
Cancelled Event: Harbor Office Hours - 2nd Wednesday #cal-cancelled harbor-users@lists.cncf.io Calendar <noreply@...> #226 Cancelled: Harbor Office Hours - 2nd Wednesday This event has been cancelled. When: Wednesday, 11 November 2020 1:00pm to 2:00pm (UTC-05:00) America/New York Repeats: Monthly on the second Wednesday Where: https://zoom.us/j/98160556477?pwd=ZzhUa3VteFJQK2VXbWJxMHRQY0JmUT09 Description: Restarting these for the new year! Come join us for the Harbor Office Hours every 2nd and 4th Wednesday at 1pm ET / 10am PT. The Harbor Office Hours is a place where you can ask questions like "how does Harbor work?", "how do I do this in Harbor?", and "how do I get started contributing to Harbor?" Meeting notes and agenda: https://hackmd.io/qjTVtIOnTU6vbEH32RIE0w CNCF Harbor is inviting you to a scheduled Zoom meeting. Join Zoom Meeting https://zoom.us/j/98160556477?pwd=ZzhUa3VteFJQK2VXbWJxMHRQY0JmUT09 Meeting ID: 981 6055 6477 Passcode: 5313661231 One tap mobile +16465588656,,98160556477# US (New York) +13017158592,,98160556477# US (Washington D.C) Dial by your location +1 646 558 8656 US (New York) +1 301 715 8592 US (Washington D.C) +1 312 626 6799 US (Chicago) +1 669 900 6833 US (San Jose) +1 253 215 8782 US (Tacoma) +1 346 248 7799 US (Houston) 877 369 0926 US Toll-free 855 880 1246 US Toll-free +1 778 907 2071 Canada +1 204 272 7920 Canada +1 438 809 7799 Canada +1 587 328 1099 Canada +1 647 374 4685 Canada +1 647 558 0588 Canada 855 703 8985 Canada Toll-free Meeting ID: 981 6055 6477 Find your local number: https://zoom.us/u/adyobhXLwo Calendar Calendar
More
Harbor Operator v1.1.0 has GA'ed !! 🎉🎉🎉 Alex Xu #225 We’re pleased to announce that the Harbor Operator v1.0.0 is now GA !! This provides a more flexible and resilient way to deploy and manage a full Harbor service including both the Harbor service components and its relevant dependent services such as database, cache, and storage services. Highlights: Provides high customization in deployment stack (identified by HarborCluster CR) Minimal stack: provisions core components such as Harbor Core, Registry, Registry Controller, Job Service and Web Portal only Standard stack: provisions optional components such Notary, Trivy, ChartMuseum and Metrics Exporter Full stack: provisions related dependent services including the database (PostgreSQL), cache (Redis) and storage (MinIO) Supports configuring either external or in-cluster deployed dependent services Supports a variety of backend storage configurations filesystem: A storage driver configured to use a directory tree in a Kubernetes volume. s3: A driver storing objects in an Amazon S3 bucket. swift: A driver storing objects in Openstack Swift. Supports updating the deployed Harbor cluster Allows configuring replicas of individual components Support in place upgrades Deletes all the linked resources when deleting the Harbor cluster Configures Harbor system settings with ConfigMap in a declarative way Support services exposed with ingress (validated Nginx, GCE, NSX NCP) :harbor::harbor::harbor::harbor::harbor:
More All Messages By This Member
KubeCon - Harbor Office Hours 2 - Wed, 05/05/2021 2:00pm-3:00pm #cal-reminder harbor-users@lists.cncf.io Calendar <harbor-users@...> #224 Reminder: KubeCon - Harbor Office Hours 2 When: Wednesday, 5 May 2021, 2:00pm to 3:00pm, (GMT+02:00) Europe/Amsterdam Where:https://community.cncf.io/events/details/cncf-cncf-project-office-hours-presents-harbor-project-office-hours-1400-1500-cest-1/ View Event Description: If you are attending KubeCon Europe 2021, come chat with the Harbor maintainers during our Office Hours! We'd love to hear your feedback and questions. RSVP here: https://community.cncf.io/events/details/cncf-cncf-project-office-hours-presents-harbor-project-office-hours-1400-1500-cest-1/
More

1 - 20 of 242

Home Hashtags Subgroups Terms

Collaborate with the Harbor Community

New Features

Upgrade Considerations

Deprecations

Breaking Changes

Resolved Issues

Contributors