Journal of a guy in IT

Running a container image registry with Harbor

While it's relative easy to run a registry using docker, I wanted to use a solution with a bit more possibilities, e.g. vulnerability scanning.

There are multiple ways to deploy Harbor, HA on kubernetes, locally on docker or on a Virtual Machine running docker by using a quick setup script that is provided. I'm running a Virtual Machine with docker where I also run Core DNS to use hostnames instead of IPs. This is all locally on my laptop because I don't have a lab environment at this moment. This allows me to switch between DNS servers when I'm working on my lab.

Since I don't have a proper way yet to generate verified SSL certificates for my lab, I followed the Harbor documentation on generating a self signed certificate which you can find here: 
I think it's important to mention that this page also contains the write-up of copying the certificates to the folder where Docker can pick them up during the setup for Harbor.

I'm all doing this on an empty Ubuntu Server 20.04 which I run on my laptop. Next up, I followed the quick install script explained here:

After running the script, all prerequisites were installed, docker-ce,, etc., but then it failed to run the This was because I was missing harbor.yml, this is the configuration file used to configure Harbor during setup. The script searches for it in the folder where it unpacked the online Harbor installer. In this folder I did found the template file harbor.yml.tmpl which I could conveniently copy and update the hostname accordingly. After this I ran the again m anually, so not by execution the I figured out by looking into the (

./ --with-clair --with-chartmuseum

The two parameters are used to indicated we want to install optional components with Harbor. Harbor uses Clair for providing vulnerability reports on images stored in Harbor registry as part of its vulnerability scan feature and Chartmuseum to manage Helm Charts.

After the script is finished I run docker ps to verify the containers are started.

When trying to login from my laptop to the Virtual Machine running the Harbor containers using Docker it complaints about the SSL certificate. Since I'm running Docker on my laptop I added the domain name to the insecure-registries JSON attribute in the Docker daemon configuration and installed the CA certificate to by-pass this error.