-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
doc(day2 config): remove day2 realted content out (#852)
Signed-off-by: Steven Zou <szou@vmware.com>
- Loading branch information
1 parent
021bb30
commit ae550eb
Showing
2 changed files
with
86 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
# Day2 configurations | ||
|
||
Initially, we configure harbor by means of configmap, but currently we recommend using `HarborConfiguration` CRD to configure harbor, for the configmap method will be deprecated in version 1.2, those who have used and still use configmap will be automatically converted to `HarborConfiguration` CR by the controller, and automatically remove old configmap. | ||
> The harbor configuration items can be found in [harbor swagger](https://github.com/goharbor/harbor/blob/0867a6bfd6f33149f86a7ae8a740f5e1f976cafa/api/v2.0/swagger.yaml#L7990). | ||
#### ConfigMap (deprecated) | ||
|
||
First you need to prepare a config map to provide your harbor configurations, apply the config map in the same namespace as harborcluster. In particular, you need to add an annotation (`goharbor.io/configuration: <harbor cluster name>`) to your config map to mark which harborcluster it is acting on. | ||
|
||
In addition, in order to protect the password from being displayed directly in the config map, you need to define the password inside the secret, and then specify the name of the secret in the configuration. We currently offer these type of secret configurations fields: `"email_password", "ldap_search_password", "uaa_client_secret", "oidc_client_secret"`. | ||
|
||
**ConfigMap example**: | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: secret-sample | ||
namespace: cluster-sample-ns | ||
type: Opaque | ||
data: | ||
# the key is same with fields name. | ||
email_password: YmFyCg== | ||
``` | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: test-config | ||
# namespace same with harborcluster cr namespace. | ||
namespace: cluster-sample-ns | ||
annotations: | ||
# required. | ||
# if not define the anno, the config map will not work. | ||
# the key is `goharbor.io/configuration`, and the value is your harborcluster cr name. | ||
goharbor.io/configuration: harborcluster-sample | ||
data: | ||
# provide your harbor configuration by yaml format. | ||
config.yaml: | | ||
email_ssl: true | ||
email_password: secret-sample # the value is the name of secret which store the email_password. | ||
``` | ||
|
||
#### CRD-based HarborConfiguration | ||
|
||
**Example of HarborConfiguration**: | ||
|
||
```yaml | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: secret-sample | ||
namespace: cluster-sample-ns | ||
type: Opaque | ||
data: | ||
# the key is same with fields name. | ||
email_password: YmFyCg== | ||
``` | ||
|
||
```yaml | ||
apiVersion: goharbor.io/v1beta1 | ||
kind: HarborConfiguration | ||
metadata: | ||
name: test-config | ||
namespace: cluster-sample-ns | ||
spec: | ||
# your harbor configuration | ||
configuration: | ||
email_password: secret-sample | ||
email_ssl: true | ||
harborClusterRef: harborcluster-sample | ||
``` | ||
|
||
After apply your `HarborConfiguration` CR to kubernetes cluster, the controller of `HarborConfiguration` will apply your configuration to harbor instance, you can see the result of configuration from CR status. | ||
|
||
```yaml | ||
status: | ||
lastApplyTime: "2021-06-04T06:07:53Z" | ||
lastConfiguration: | ||
configuration: | ||
email_password: secret-sample | ||
email_ssl: true | ||
status: Success | ||
``` |