1. harbor-users@lists.cncf.io
  2. Messages
   Date   
Application not accessible after deploying SSL certificates.

sujan.n@...
 

Hi Team,

I am getting below error after deploying the certificates signed by Digicert CA.

Error occurred during a connection to ilharbor.xxxx.net. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG.

All harbor containers are running healthy

Please assist to solve this issues.

Best Regards,

Sujan
Announcing the launch of Harbor SIG Docs!

Abigail McCarthy
 

Hello everyone,

The Harbor team is launching a new SIG Docs group focused on helping to write and maintain the Harbor docs. We are having a kick-off meeting during the Harbor community meeting next Wednesday, February 23rd at 8am Eastern Daylight Time (Timezone converter). At the meeting, we’ll go over more details about participating in the group, covering the following topics

  • The Harbor docs tools and how to set up your environment
  • How to preview the documentation locally before submitting a pull request
  • Anything else you’d like to know about helping with Harbor documentation

One of our first goals is to verify and update our Harbor interface localizations. Over the years, we’ve had several community members contribute localizations to the project but have not had a way to make sure each localization was updated each release. If you are familiar with one of the localized languages, or would like to contribute a new localization, please join us! For more information, see the localization issue or our interface localization instructions.


We hope you can join us as we start up this new initiative. As a part of this effort, you will be enriching the community for everyone by providing new and experienced users with access to the docs they need to be successful.

If you have any questions, please reach out to Orlin or I in the harbor-dev Slack.

Thanks!
Abigail & Orlin



Abigail McCarthy
Harbor SIG Docs Lead
Github: @a-mccarthy

Orlin Vasilev
Harbor Community Manager
Github: @OrlinVasilev



Updated Event: Harbor Community Meeting - China/Europe Time zone #cal-invite

harbor-users@lists.cncf.io Calendar <noreply@...>
 

Harbor Community Meeting - China/Europe Time zone

When:
Wednesday, July 31, 2019
9:00pm to 10:00pm
(UTC+08:00) Asia/Shanghai
Repeats: Every 2 weeks on Wednesday, through Tuesday, 8 February 2022

Where:
https://zoom.us/j/734959521

Organizer: Jonas Rosland jrosland@...

View Event

Description:
Hello everyone,

This is a recurring calendar invite for the bi-weekly Harbor community meetings.
There will be two meetings, one for China/Europe time zone, and one for Americas time zone
Please pick the one that fits your schedule best.

To attend, use the following Zoom link: https://zoom.us/j/734959521

Meeting notes, agenda, and recordings of past meetings and other details are located at https://github.com/goharbor/community/blob/master/MEETING_SCHEDULE.md
and
https://github.com/goharbor/community/tree/master/conf-calls

Calendar
Calendar

Harbor Community meeting recording 26 Jan 2022

Orlin Vasilev
 

Hi Community,

in case you missed our Community meeting on 26th of January here is the recording:

image.pngRecording: Community Meeting - 26th Jan 2022

In this epizode:)
* [Yan Wang] - Cosign integration demo
* [Orlix] - Harbor 2.5 release - date and announcement - Feb 11th - feature completion, March 11th - Release date!
* [Yan Wang] - Maintainers track KubeConEU'22
* [Abbie] - Announcement of the Technical Writing Working Group - After Chinese New Year celebrations 

Happy day everyone!

Orlix
Community Manager!
Harbor - Collecting requirements for v2.6

Orlin Vasilev
 

Community,

We are close to the release of v2.5 so it's time to start collecting the requirements and features needed in v2.6.

Please enter your topics/wishes/requirements here:

Feel free to add for discussion anything your use case or organization needs and will try to address it!

Thank you for being an active member of the community and making Harbor better!

Orlix
Harbor Community Manager
Christmas Break, no meeting until January 12th!

Orlin Vasilev
 

Hello all,

Just to inform you that we will skip all meetings until January 12th for our first Community Meeting in 2022!!

Happy Holidays all!

Orlix
Harbor Community Manager
#security Information regarding the CVE-2021-4428 - log4j RCE vulnerability and Project Harbor #security

Vadim Bauer
 

Hello Harbor Users,

since the publication of the Apache log4j Vulnerability CVE-2021-44228 on Dec. 9, 2021 the Harbor community receives frequent questions on the effects of the vulnerability to project Harbor.

Details

Project Harbor is built with Golang, and is not running or using the JVM. Nor does project Harbor use any Java library, including log4j.  
This also applies to any subsystem and auxiliary services that belong to project Harbor and the Harbor Software stack.

Impact

None


sincerely


Vadim Bauer
Project Harbor Maintainer
Re: How to handle certificates for remote registry correctly #security

daojunz
 

See Harbor faq:

https://github.com/goharbor/harbor/wiki/Harbor-FAQs

 

you could add a ca cert:

 

  1. How to add a CA cert for the LDAP server or other Harbor server?

[A] After installed the Harbor, there is a directory under common/config/shared/trust-certificates Copy the LDAP certificate, for example, ldap_ca.crt to this directory and restart the Harbor, The certificate is added to the trust store of the core container, and then you could enable “Verify Cert” in the LDAP configuration.

 

 

Best regards,

Stone (张道军)

Software Engineer, CNA, VMware R&D

 

-- 

 

 

From: <harbor-users@...> on behalf of "Dany via lists.cncf.io" <daniel.peigne=nokia.com@...>
Reply-To: "harbor-users@..." <harbor-users@...>
Date: Friday, November 19, 2021 at 12:00 AM
To: "harbor-users@..." <harbor-users@...>
Subject: Re: [harbor-users] How to handle certificates for remote registry correctly #security

 

Hi,
I have posted a similar post but  not exactly the same question.

My understanding is that whe you create a registry end point , the harbor tries to check the remote certifacte so in your case the docker registry
The help online states that the verify remote cert flag should be unchecked  when remote registry is using a self signed cert, so it might be normal that the connection test is failing.

In my case, i wanted to know if need to configure the harbor with the CA cert of remote registry and how ;
cna you elaborate on what you did  on your habor host

Re: How to handle certificates for remote registry correctly #security

Dany
 

Hi,
I have posted a similar post but  not exactly the same question.

My understanding is that whe you create a registry end point , the harbor tries to check the remote certifacte so in your case the docker registry
The help online states that the verify remote cert flag should be unchecked  when remote registry is using a self signed cert, so it might be normal that the connection test is failing.

In my case, i wanted to know if need to configure the harbor with the CA cert of remote registry and how ;
cna you elaborate on what you did  on your habor host
What configuration needs to be done to verify remote registry certificate #security

Dany
 

Hi ,

on an Harbor, i will call "Local Harbor" in below text ,  I am creating a remote registry EndPoint i will call remote Harbor and i check in the flag "Verify remote Cert",  (see below picture), as a result, test connection failed, The same connection test is working without verifying remote cert,
I know that this might be due to remote registry configured with a self signed cert

But my question is : 
Do i need to configure something in my local harbor , for instance do i need the CA cert used to isue the remote Harbor server certificate  in order the local harbor  be able to verify remote server certificate.
if yes, can you point me to the procedure






Brs
Dany
Welcome Vadim Bauer as new member of the Maintainer team

Orlin Vasilev
 

Hello Community,

Wanna share something great today: Vadim Bauer from https://container-registry.com/ is now part of the maintainers team. Vadim's passion and dedication to Harbor were the main drivers in his nomination!
 
Vadim is Software Engineer, SaaS Builder, Cloud Native, and DevOps advocate & practitioner. Founder of container-registry and partner at 56k.cloud. Thriving OSS Contributor, located in Switzerland! 

Vadim has contributed in:
General:
 - Answer questions and helping users adopt Harbor in the Slack Community and on GitHub issues and discussion.
 - Translation of the german language

Helm Chart:
 - Improving Harbor Helm Chart PR (1073, 767)
Core
 - Contributing to Harbor Core by providing PRs (14329, 14901,14905, 14906, 15210, 15211)
 - Verifying and reproducing issues reported by users
 - Improved the replications functionality with GitLab
 - Use of robot accounts for replication
 - Improved replication by providing different replication options.

Welcome once again Vadim!



Orlix
Harbor Community Manager
Re: is deduplication of artifacts applied across projects?

Yan Wang
 

The shared blob will not increse the total storage usage, the increase is just because there is an new manifest that generated after copy.

 

-Yan

 

From: harbor-users@... <harbor-users@...> on behalf of Dany via lists.cncf.io <daniel.peigne=nokia.com@...>
Date: Monday, November 8, 2021 at 16:46
To: harbor-users@... <harbor-users@...>
Subject: [harbor-users] is deduplication of artifacts applied across projects?

Hi,
I would like  to know when an image is stored in 2 differents projects whether the layers of image are duplicated on disk.

When i copy image, harbor UI increases the metric "Storage used"
BRs
Daniel

is deduplication of artifacts applied across projects?

Dany
 

Hi,
I would like  to know when an image is stored in 2 differents projects whether the layers of image are duplicated on disk.

When i copy image, harbor UI increases the metric "Storage used"
BRs
Daniel
Re: Replication rule using tag filtering

Dany
 

Thanks for suggestion
I did it see  https://github.com/goharbor/harbor/issues/15957
I posted a new proposal because i assume this is not a bug with regards to the implementation .

Have a nice WE
Re: Replication rule using tag filtering

Orlin Vasilev
 

Hi Daniel, 

you can also ask in slack as well https://cloud-native.slack.com/archives/CC1E09J6S in the Cloud Native space under the channel #harbor.

Orlix



On Thu, Nov 4, 2021 at 6:14 PM <daniel.peigne@...> wrote:
Hi,
I am new comer in CNCF and harbor users group. Let me know if this is not  the right channel to address this topic.

When i set up a Replication rule  and provison the Tag field of Source resource filter, the replication rule is workling properly but  ONLY the tag matching the filter criteria is replicated.

I was expecting that the Source resource filter is used to scope the list of artifact to be replicated  but when an artifact is matching the filter criteria, ALL its tags are replicated.

How can i get this behavior ?  how to submit a new feature request ?

BRs
Daniel

Re: Replication rule using tag filtering

Dany
 

Hi Normal,
Thanks for your proposal, No , i am not,
Daniel
Re: Replication rule using tag filtering

Norman Henderson <norman@...>
 

Daniel, are you at the Linux Foundation member summit today?
if so happy to meet in person and help.





-------- Original message --------
From: daniel.peigne@...
Date: 11/4/21 12:14 PM (GMT-05:00)
To: harbor-users@...
Subject: [harbor-users] Replication rule using tag filtering

Hi,
I am new comer in CNCF and harbor users group. Let me know if this is not  the right channel to address this topic.

When i set up a Replication rule  and provison the Tag field of Source resource filter, the replication rule is workling properly but  ONLY the tag matching the filter criteria is replicated.

I was expecting that the Source resource filter is used to scope the list of artifact to be replicated  but when an artifact is matching the filter criteria, ALL its tags are replicated.

How can i get this behavior ?  how to submit a new feature request ?

BRs
Daniel

Replication rule using tag filtering

Dany
 

Hi,
I am new comer in CNCF and harbor users group. Let me know if this is not  the right channel to address this topic.

When i set up a Replication rule  and provison the Tag field of Source resource filter, the replication rule is workling properly but  ONLY the tag matching the filter criteria is replicated.

I was expecting that the Source resource filter is used to scope the list of artifact to be replicated  but when an artifact is matching the filter criteria, ALL its tags are replicated.

How can i get this behavior ?  how to submit a new feature request ?

BRs
Daniel
Harbor 2.4 Release is out!

Orlin Vasilev
 

Hello Harbor Community!

We are pleased to inform you that we just released Harbor 2.4.
Please read the full blog here: 


You can find the release info here https://github.com/goharbor/harbor/releases/tag/v2.4.0
Downloadables and full information!

Collaborate with the Harbor Community

Get updates on Twitter: @project_harbor
Chat with us on Slack: #harbor and #harbor-dev on the CNCF Slack
Collaborate with us on GitHub
Attend the community meetings

Orlin Vasilev
Harbor Community Manager
Github: @OrlinVasilev

Twitter: OrlinVasilev
New member of the maintainers team - Tianon Gravi

Orlin Vasilev
 

Hi folks,

So happy to inform you that Tianon Gravi has joined the maintainers team!

Tianon Gravi joined the InfoSiftr/Devgistics team in 2010 as a founding member.  He became a maintainer on the Docker Open Source project in 2013, helped create the Docker Official Images program in 2014, joined in the creation of the Open Container Initiative in 2015 as a member of the Technical Developer Community, and officially joined the Debian Project in 2015 as a Debian Developer.  Much of his time both personally and professionally is spent contributing to and maintaining free and open source projects.

Please join me to welcome him into the family!

Orlix
61 - 80 of 309