1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
| var_base=/root/helm
var_app=$var_base/harbor
var_version=1.12.1
mkdir -p $var_app
cd $var_app
helm repo add harbor https://helm.goharbor.io
helm repo update
helm pull harbor/harbor --version $var_version
tar xf harbor-$var_version.tgz
helm upgrade --install --dry-run --debug \
--namespace harbor \
--create-namespace \
--set expose.type=ingress \
--set expose.tls.enabled=true \
--set expose.tls.certSource=secret \
--set expose.tls.secret.secretName='harbor-example-com-tls' \
--set expose.tls.secret.notarySecretName='notary-example-com-tls' \
--set expose.ingress.hosts.core="harbor.example.com" \
--set expose.ingress.hosts.notary="notary.example.com" \
--set expose.ingress.className=nginx \
--set-string expose.ingress.annotations."kubernetes\.io/tls-acme"=true \
--set-string expose.ingress.annotations."ingress\.kubernetes\.io/ssl-redirect"=true \
--set-string expose.ingress.annotations."ingress\.kubernetes\.io/proxy-body-size"=1024m \
--set-string expose.ingress.annotations."nginx\.ingress\.kubernetes\.io/ssl-redirect"=true \
--set-string expose.ingress.annotations."nginx\.ingress\.kubernetes\.io/proxy-body-size"=1024m \
--set-string expose.ingress.annotations."nginx\.org/client-max-body-size"=1024m \
--set-string expose.ingress.annotations."cert-manager\.io/cluster-issuer"='letsencrypt-prod' \
--set externalURL="https://harbor.example.com" \
--set harborAdminPassword='Password' \
--set persistence.enabled=true \
--set persistence.resourcePolicy=keep \
--set persistence.persistentVolumeClaim.registry.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.registry.size=100Gi \
--set persistence.persistentVolumeClaim.registry.accessMode=ReadWriteMany \
--set persistence.persistentVolumeClaim.jobservice.jobLog.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.jobservice.jobLog.size=10Gi \
--set persistence.persistentVolumeClaim.jobservice.jobLog.accessMode=ReadWriteMany \
--set persistence.persistentVolumeClaim.database.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.database.size=10Gi \
--set persistence.persistentVolumeClaim.database.accessMode=ReadWriteOnce \
--set persistence.persistentVolumeClaim.redis.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.redis.size=10Gi \
--set persistence.persistentVolumeClaim.redis.accessMode=ReadWriteOnce \
--set persistence.persistentVolumeClaim.trivy.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.trivy.size=10Gi \
--set persistence.persistentVolumeClaim.trivy.accessMode=ReadWriteOnce \
--set database.internal.password='TestPassword' \
--set metrics.enabled=true \
harbor ./harbor
helm upgrade --install \
--namespace harbor \
--create-namespace \
--set expose.type=ingress \
--set expose.tls.enabled=true \
--set expose.tls.certSource=secret \
--set expose.tls.secret.secretName='harbor-example-com-tls' \
--set expose.tls.secret.notarySecretName='notary-example-com-tls' \
--set expose.ingress.hosts.core="harbor.example.com" \
--set expose.ingress.hosts.notary="notary.example.com" \
--set expose.ingress.className=nginx \
--set-string expose.ingress.annotations."kubernetes\.io/tls-acme"=true \
--set-string expose.ingress.annotations."ingress\.kubernetes\.io/ssl-redirect"=true \
--set-string expose.ingress.annotations."ingress\.kubernetes\.io/proxy-body-size"=1024m \
--set-string expose.ingress.annotations."nginx\.ingress\.kubernetes\.io/ssl-redirect"=true \
--set-string expose.ingress.annotations."nginx\.ingress\.kubernetes\.io/proxy-body-size"=1024m \
--set-string expose.ingress.annotations."nginx\.org/client-max-body-size"=1024m \
--set-string expose.ingress.annotations."cert-manager\.io/cluster-issuer"='letsencrypt-prod' \
--set externalURL="https://harbor.example.com" \
--set harborAdminPassword='Password' \
--set persistence.enabled=true \
--set persistence.resourcePolicy=keep \
--set persistence.persistentVolumeClaim.registry.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.registry.size=100Gi \
--set persistence.persistentVolumeClaim.registry.accessMode=ReadWriteMany \
--set persistence.persistentVolumeClaim.jobservice.jobLog.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.jobservice.jobLog.size=10Gi \
--set persistence.persistentVolumeClaim.jobservice.jobLog.accessMode=ReadWriteMany \
--set persistence.persistentVolumeClaim.database.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.database.size=10Gi \
--set persistence.persistentVolumeClaim.database.accessMode=ReadWriteOnce \
--set persistence.persistentVolumeClaim.redis.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.redis.size=10Gi \
--set persistence.persistentVolumeClaim.redis.accessMode=ReadWriteOnce \
--set persistence.persistentVolumeClaim.trivy.storageClass=rook-cephfs \
--set persistence.persistentVolumeClaim.trivy.size=10Gi \
--set persistence.persistentVolumeClaim.trivy.accessMode=ReadWriteOnce \
--set database.internal.password='TestPassword' \
--set metrics.enabled=true \
harbor ./harbor
helm list --namespace harbor
# helm uninstall harbor --namespace harbor
|