Doc/update doc 1.2

MAINTAINERS

@@ -19,7 +19,11 @@ Weiwei He , heww, VMware
 Ziming Zhang , bitsf , VMware
 Canfeng Wang , wangcanfengxs , Netease
 Huijun Zhu , Ghostbaby , Yunmanman
-Xiaoyang Zhu , soulseen , QingCloud
-Chengyu Zhang , chlins , AlaudaCloud
+Xiaoyang Zhu , soulseen , Shoppee
+Chengyu Zhang , chlins , VMware
 Xavier Duthil , XavierDuthil , OVHcloud
+Yinan Li , cndoit18 , Qihu360
+Lubron Zhan , lubronzhan , VMware
+Xiongxiong Yuan, yxxhero, Qunar
+
 

README.md

@@ -24,30 +24,26 @@ Harbor deployment stack is controlled by a custom Harbor resource `HarborCluster
   * [X] filesystem: A storage driver configured to use a directory tree in the a kubernetes volume.
   * [X] [s3](https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html): A driver storing objects in an Amazon Simple Storage Service (S3) bucket.
   * [X] [swift](https://wiki.openstack.org/wiki/Swift): A driver storing objects in Openstack Swift.
+  * [X] [azure](https://azure.microsoft.com/services/storage/): A driver storing objects in Microsoft Azure Blob Storage.
+  * [X] [gcs](https://cloud.google.com/storage): A driver storing objects in a Google Cloud Storage bucket.
 * Supports updating the deployed Harbor cluster
   * Adjust replicas of components
-  * Add the optional Harbor components
-* Support upgrading the managed Harbor registry version
+  * Add/remove the optional Harbor components
+* Supports upgrading the managed Harbor registry version
 * Deletes all the linked resources when deleting the Harbor cluster
-* Configures Harbor system settings with CRD-based configuration or labeled ConfigMap
-* Support services exposed with [ingress](https://kubernetes.io/fr/docs/concepts/services-networking/ingress/) ([`default`](https://git.k8s.io/ingress-nginx/README.md#readme), [`gce`](https://git.k8s.io/ingress-gce/README.md#readme), `ncp` and `contour`)
-* Support services exposed with LoadBalancer
+* Support services exposed with [ingress](https://kubernetes.io/fr/docs/concepts/services-networking/ingress/): [nginx(default)](https://git.k8s.io/ingress-nginx/README.md#readme), [gce](https://git.k8s.io/ingress-gce/README.md#readme), [contour](https://github.com/projectcontour/contour) and `ncp`
+* Support Day2 operations
+  * Configures Harbor system settings with configuration CRD (`recommend`) or labeled ConfigMap (`deprecated`)
+  * Image pulling secret auto-injection
+    * Auto mapping Kubernetes namespaces to the Harbor project
+  * Image pulling path auto-rewriting
+    * Transparent proxy cache settings
 
 ## Future features
 
 * [Auto-scaling](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) for each component.
 * Backup/restore data (registry layer, chartmuseum data, databases content).
-* More backend storage configurations supported
-  * [ ] [azure](https://azure.microsoft.com/services/storage/): A driver storing objects in Microsoft Azure Blob Storage.
-  * [ ] [oss](https://www.alibabacloud.com/product/oss): A driver storing objects in Aliyun OSS.
-  * [ ] [gcs](https://cloud.google.com/storage): A driver storing objects in a Google Cloud Storage bucket.
-* Supports updating the deployed Harbor cluster
-  * Remove the optional Harbor components
-* More day2 operations (see [PoC project](https://github.com/goharbor/harbor-operator))
-  * Auto mapping Kubernetes namespaces and Harbor project
-  * Pull secrets injections
-  * Container image path rewriting
-  * Transparent proxy cache settings
+* Support services exposed with LoadBalancer
 
 ## Release plans
 
@@ -64,27 +60,29 @@ Versions of the underlying components are listed below:
 
 |  Components   |       Harbor      | MinIO operator | PostgreSQL operator | Redis operator |
 |---------------|-------------------|----------------|---------------------|----------------|
-|  Versions     | 2.3.x `[1]`       | 4.0.6+         | 1.5.0+              | 1.0.0          |
+|  Versions     | 2.4.x `[1]`       | 4.3.2          | 1.6.3               | 1.0.1 `[2]`    |
 
 NOTES:
 
 [1] `.x` means all the patch releases of Harbor can be naturally supported in one operator version.
 
+[2] Use a [forked version](https://github.com/szlabs/redis-operator) of [spotahome/redis-operator](https://github.com/spotahome/redis-operator).
+
 ## Compatibility
 
 ### Applicative Kubernetes versions
 
 Harbor operator supports two extra Kubernetes versions besides the current latest version (`n-2` pattern):
 
-|    Versions   |        1.19        |        1.20        |         1.21        |
+|    Versions   |        1.20        |        1.21        |         1.22        |
 |---------------|--------------------|--------------------|---------------------|
 | Compatibility | :heavy_check_mark: | :heavy_check_mark: |  :heavy_check_mark: |
 
 ### Cert manager versions
 
 Harbor operator relies on cert manager to manage kinds of certificates used by Harbor cluster components. Table shown below lists the compatibilities of cert manager versions:
 
-|    Versions   |         1.2        |           1.3        |           1.4        |
+|    Versions   |         1.4[.4]    |           1.5[.3]    |           1.6[.1]    |
 |---------------|--------------------|----------------------|----------------------|
 | Compatibility | :heavy_check_mark: |  :heavy_check_mark:  |  :heavy_check_mark:  |
 
@@ -113,7 +111,7 @@ Harbor operator exposes the frontend service with ingress (CRD version: `v1beta1
 * [Manifests references](./docs/manifests-reference.md)
 * [Customize storage, database and cache services](./docs/installation/customize-storage-db-redis.md)
 * [Customize images](./docs/customize-images.md)
-* [Day2 configurations](./docs/configurations/day2-config.md)
+* [Day2 operations](docs/day2/day2-operations.md)
 * [Upgrade Harbor cluster](./docs/LCM/upgrade-cluster.md)
 * [Delete Harbor cluster](./docs/LCM/cluster-deletion.md)
 * [Backup data](./docs/LCM/backup-data.md)
@@ -127,7 +125,7 @@ Harbor operator exposes the frontend service with ingress (CRD version: `v1beta1
 
 Harbor operator project is developed and maintained by the [Harbor operator workgroup](https://github.com/goharbor/community/blob/master/workgroups/wg-operator/README.md). If you're willing to join the group and do contributions to operator project, welcome to [contact us](#community). Follow the [Development guide](https://github.com/goharbor/harbor-operator/blob/master/docs/development.md) to start on the project.
 
-Special thanks to the [contributors](./MAINTAINERS) who did significant contributions.
+Special thanks to the [contributors](./MAINTAINERS) who did significant contributions ([see feature area](./docs/feature-areas.md)).
 
 ## Community
 
@@ -139,16 +137,16 @@ Special thanks to the [contributors](./MAINTAINERS) who did significant contribu
 ## Additional references
 
 * [cert-manager](https://cert-manager.io/docs/)
-* [Underlying zalando postgreSQL operator](https://github.com/zalando/postgres-operator)
-* [Underlying spotahome redis operator](https://github.com/spotahome/redis-operator)
+* [Underlying postgreSQL operator](https://github.com/zalando/postgres-operator)
+* [Underlying redis operator](https://github.com/szlabs/redis-operator)
 * [Underlying minio operator](https://github.com/minio/minio-operator)
 * [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
 * [Custom Resource Definition](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/)
 * [Kubebuilder](https://book.kubebuilder.io/)
 
 ## Related links
 
-* Contribute: <https://github.com/goharbor/harbor-operator/blob/master/CONTRIBUTING.md>
+* Contribute: <https://github.com/goharbor/harbor-operator/blob/master/CONTRIBUTING>
 * Report bugs: <https://github.com/goharbor/harbor-operator/issues>
 * Get latest version: <https://hub.docker.com/r/goharbor/harbor-operator>
 

docs/CRD/custom-resource-definition.md

@@ -40,11 +40,14 @@ spec:
       ingress:
         # Host of the exposed service
         host: <registry.goharbor.io> # Required
-        # Ingress controller type, support ["gce","ncp","default"]
+        # Ingress controller type, support ["gce","ncp","contour","default"]
+        # "default" means nginx
         controller: default # Optional, default value = "default"
         # Annotations applied to the ingress
         annotations: # Optional
           key: value
+        # Set the ingress class name. If it is not set, the system default one will be picked up.
+        ingressClassName: ingressClass # Optional
     # Expose notary service when it is configured
     notary: # Optional
       ## Totally same with above [expose.core] part, skipped here.
@@ -105,7 +108,7 @@ spec:
 spec:
   # ... Skipped fields
 
-  updateStrategyType: "myEncryption" # Optional, default="RollingUpdate"
+  updateStrategyType: "RollingUpdate" # Optional, default="RollingUpdate"
 
   # ... Skipped fields
 ```
@@ -116,7 +119,7 @@ spec:
 spec:
   # ... Skipped fields
 
-  # Example: 2.2.1
+  # Example: 2.4.0
   version: <Harbor version> # Optional
 
   # ... Skipped fields
@@ -173,6 +176,79 @@ spec:
   # ... Skipped fields
 ```
 
+### Network stack settings
+
+Network settings for the deploying Harbor.
+
+```yaml
+spec:
+  # ... Skipped fields
+
+  # Network settings
+  network: # Optional
+    # Set what IP families are used for the deploying Harbor
+    ipFamilies:
+      - IPv4
+      - IPv6
+
+  # ... Skipped fields
+```
+
+### Trace settings
+
+Tracing settings for the deploying Harbor.
+
+```yaml
+spec:
+  # ... Skipped fields
+
+  # Tracing settings
+  trace: # Optional
+    # Enable tracing or not
+    enabled: false # Optional, default is false
+    # Used to differentiate different harbor services.
+    namespace: core # Optional
+    # Set `sampleRate` to 1 if you wanna sampling 100% of trace data; set 0.5 if you wanna sampling 50% of trace data, and so forth.
+    sampleRate: 1 # Optional, default is 1
+    # A key value dict contains user defined attributes used to initialize trace provider.
+    attributes: # Optional
+      key: value
+    # The tracing provider: 'jaeger' or 'otel'
+    provider: jaeger # Required
+    # Spec for jaeger provider if provider is set to jaeger
+    jaeger: # Optional
+      # Serve mode. `collector` or `agent`
+      mode: collector # Required
+      # Configuration for collector mode
+      collector: # Optional
+        # The endpoint of the jaeger collector
+        endpoint: jaeger.io # Required
+        # The username of the jaeger collector
+        username: foo
+        # The password secret reference name of the jaeger collector
+        passwordRef: foobar
+      # Configuration for agent mode
+      agent: # Optional
+        # The host of the jaeger agent
+        host: jaeger.io # Required
+        # The port of the jaeger agent
+        port: 8000
+    # Spec for otel provider if provider is set to otel.
+    otel: # Optional
+      # The endpoint of otel
+      endpoint: otel.io # Required
+      # The URL path of otel
+      urlPath: /otel # Required
+      # Whether enable compression or not for otel
+      compression: false # Optional
+      # Whether establish insecure connection or not for otel
+      insecure: true # Optional
+      # The timeout of otel
+      timeout: 10s # Optional, default is 10s
+
+  # ... Skipped fields
+```
+
 ### Harbor component related fields
 
 Each Harbor component has its own spec to accept configurations and shares the common spec shown below.
@@ -233,6 +309,7 @@ spec:
   registryctl: {}
   chartmuseum: {}
   trivy: {}
+  exporter: {}
   notary:
     server: {}
     signer: {}
@@ -257,6 +334,11 @@ spec:
       - cert2
     # Token issuer
     tokenIssuer: myIssuer # Required
+    # Metrics settings
+    metrics: # optional
+      enabled: false # optional, default is false
+      port: 8001 # optional, default is 8001
+      path: /metrics # optional, default is /metrics
 
   # ... Skipped fields
 ```
@@ -278,6 +360,10 @@ spec:
       - cert2
     # The number of workers
     workerCount: 10 # Optional, default = 10 , minimal = 1
+    # Metrics settings
+    metrics: # optional
+      # Similar to the section shown in the `core` component
+      # Skip here
 
   # ... Skipped fields
 ```
@@ -299,6 +385,9 @@ spec:
     storageMiddlewares: # Optional
       - name: m1 # Required
         optionsRef: op1 # Optional
+    metrics: # optional
+    # Similar to the section shown in the `core` component
+    # Skip here
 
   # ... Skipped fields
 ```
@@ -382,7 +471,7 @@ spec:
 
 ### Storage related fields
 
-So far, there are four options for storage configurations: `filesystem` ([Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)), [`S3`](https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html) , [`Swift`](https://docs.openstack.org/swift/latest/), MinIO.
+So far, there are 6 options for storage configurations: `FileSystem` ([Persistent Volume](https://kubernetes.io/docs/concepts/storage/persistent-volumes/)), [S3](https://docs.aws.amazon.com/AmazonS3/latest/API/Welcome.html) , [Swift](https://docs.openstack.org/swift/latest/), [Azure](https://azure.microsoft.com/services/storage/), [Gcs](https://cloud.google.com/storage) and MinIO.
 
 #### FileSystem
 
@@ -610,28 +699,29 @@ spec:
 
   # Configure existing pre-deployed or cloud database service.
   database:
-    spec: "PostgreSQL"
-    postgresql:
-      # PostgreSQL user name to connect as.
-      # Defaults to be the same as the operating system name of the user running the application.
-      username: postsql # Required
-      # Secret containing the password to be used if the server demands password authentication.
-      passwordRef: psqlSecret # Optional
-      # PostgreSQL hosts.
-      # At least 1.
-      hosts:
-        # Name of host to connect to.
-        # If a host name begins with a slash, it specifies Unix-domain communication rather than
-        # TCP/IP communication; the value is the name of the directory in which the socket file is stored.
-        - host: psql # Required
-        # Port number to connect to at the server host,
-        # or socket file name extension for Unix-domain connections.
-        # Zero, specifies the default port number established when PostgreSQL was built.
-          port: 5432 # Optional
-      # PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security.
-      # Supports values ["disable","allow","prefer","require","verify-ca","verify-full"].
-      sslMode: prefer # Optional, default=prefer
-      prefix: prefix # Optional
+    kind: PostgreSQL
+    spec:
+      postgresql:
+        # PostgreSQL user name to connect as.
+        # Defaults to be the same as the operating system name of the user running the application.
+        username: postsql # Required
+        # Secret containing the password to be used if the server demands password authentication.
+        passwordRef: psqlSecret # Optional
+        # PostgreSQL hosts.
+        # At least 1.
+        hosts:
+          # Name of host to connect to.
+          # If a host name begins with a slash, it specifies Unix-domain communication rather than
+          # TCP/IP communication; the value is the name of the directory in which the socket file is stored.
+          - host: psql # Required
+          # Port number to connect to at the server host,
+          # or socket file name extension for Unix-domain connections.
+          # Zero, specifies the default port number established when PostgreSQL was built.
+            port: 5432 # Optional
+        # PostgreSQL has native support for using SSL connections to encrypt client/server communications for increased security.
+        # Supports values ["disable","allow","prefer","require","verify-ca","verify-full"].
+        sslMode: prefer # Optional, default=prefer
+        prefix: prefix # Optional
 
   # ... Skipped fields
 ```
@@ -646,7 +736,7 @@ spec:
 
   # database configurations.
   database:
-    # Set the kind of which database service to be used, Only support 'PostgresSQL' now.
+    # Set the kind of which database service to be used.
     kind: "Zlando/PostgreSQL" # Required
     # storage spec
     spec: # Required

docs/LCM/upgrade-cluster.md

@@ -1,25 +1,25 @@
 # How to upgrade your Harbor cluster
 
-A specified version of Harbor operator supports a corresponding Harbor minor version as well as its subsequent patch releases. e.g: harbor operator v1.0.1 supports 2.2.x harbor versions such as 2.2.0, 2.2.1 and 2.2.2 etc. For upgrading your Harbor cluster, there might be two different cases.
+A specified version of Harbor operator supports a corresponding Harbor minor version as well as its subsequent patch releases. e.g: harbor operator v1.2.0 supports 2.4.x harbor versions such as 2.4.0, 2.4.1 and 2.4.2 etc. For upgrading your Harbor cluster, there might be two different cases.
 
 ## Upgrade to patch releases
 
 The guideline shown below describes how to upgrade your Harbor cluster from lower patch version to higher patch version without operator upgrading (because there is no need as a Harbor operator version supports all patch releases).
 
-Assume that the harbor operator v1.0.1 which serves harbor v2.2.x is installed in the Kubernetes cluster, and there is a harbor cluster v2.2.2 deployed in the Kubernetes cluster.
+Assume that the harbor operator v1.2.0 which serves harbor v2.4.x is installed in the Kubernetes cluster, and there is a harbor cluster v2.4.0 deployed in the Kubernetes cluster.
 
-If you want to upgrade the harbor cluster from v2.2.2 to v2.2.3, just edit the manifest of the harbor cluster by `kubectl` and set the `version` field from `2.2.2` to `2.2.3` and the harbor operator will upgrade the harbor cluster instance to harbor v2.2.3.
+If you want to upgrade the harbor cluster from v2.4.0 to v2.4.1, just edit the manifest of the harbor cluster by `kubectl` and set the `version` field from `2.4.0` to `2.4.1` and the harbor operator will upgrade the harbor cluster instance to harbor v2.4.1.
 
 ## Upgrade to minor+ releases
 
 For upgrading Harbor cluster across different minor versions, an operator upgrading should be involved first (because one Harbor operator version only serves one minor version serials). Steps shown below describes how to do such upgrading.
 
 1. Upgrade the harbor operator to the newer version that supports the Harbor version you're planning to upgrade your existing Harbor cluster to by `helm` or `kustomize`, the method depends on the original way to install the harbor operator. [Installation](../installation/installation.md) is a reference resources to upgrade the harbor operator to new release.
 
-1. Edit the manifest of the harbor cluster by `kubectl` and set the `version` field to the newer Harbor version (e.g:`2.3.0`) in the spec.
+1. Edit the manifest of the harbor cluster by `kubectl` and set the `version` field to the newer Harbor version (e.g:`2.4.0`) in the spec.
 
    ```bash
    kubectl -n harbor-cluster-ns edit harborclusters cluster-name
    ```
 
-1. The harbor operator will get an update event of the harbor cluster resource and reconcile to upgrade the harbor cluster to v2.3.0.
+1. The harbor operator will get an update event of the harbor cluster resource and reconcile to upgrade the harbor cluster to v2.4.0.

docs/arch/day2-op.md

@@ -60,7 +60,7 @@ should be appended to the namespace.
 
 ### Configuration
 
-Set the Harbor system settings via a configuration CRD. At this time, it is not supported anywhere, but a configMap based configuration has been supported in the released Harbor operator. For how to use it, check [day2 config](../configurations/day2-config.md).
+Set the Harbor system settings via a configuration CRD. At this time, it is not supported anywhere, but a configMap based configuration has been supported in the released Harbor operator. For how to use it, check [day2 config](../day2/day2-operations.md).
 
 ## References