harbor is a free and open-source cloud native registry. Harbor provides container image registry with security scanning, signing, and replication, serving as an enterprise alternative to Docker Hub
1. Prerequisites
2. Supported Operating Systems
This guide supports installation on:
3. Installation
RHEL/CentOS/Rocky Linux/AlmaLinux
bash
# Install EPEL repository if needed
sudo dnf install -y epel-release
# Install harbor
sudo dnf install -y harbor
# Enable and start service
sudo systemctl enable --now harbor
# Configure firewall
sudo firewall-cmd --permanent --add-port=80/443/tcp
sudo firewall-cmd --reload
# Verify installation
harbor --versionDebian/Ubuntu
bash
# Update package index
sudo apt update
# Install harbor
sudo apt install -y harbor
# Enable and start service
sudo systemctl enable --now harbor
# Configure firewall
sudo ufw allow 80/443
# Verify installation
harbor --versionArch Linux
bash
# Install harbor
sudo pacman -S harbor
# Enable and start service
sudo systemctl enable --now harbor
# Verify installation
harbor --versionAlpine Linux
bash
# Install harbor
apk add --no-cache harbor
# Enable and start service
rc-update add harbor default
rc-service harbor start
# Verify installation
harbor --versionopenSUSE/SLES
bash
# Install harbor
sudo zypper install -y harbor
# Enable and start service
sudo systemctl enable --now harbor
# Configure firewall
sudo firewall-cmd --permanent --add-port=80/443/tcp
sudo firewall-cmd --reload
# Verify installation
harbor --versionmacOS
bash
# Using Homebrew
brew install harbor
# Start service
brew services start harbor
# Verify installation
harbor --versionFreeBSD
bash
# Using pkg
pkg install harbor
# Enable in rc.conf
echo 'harbor_enable="YES"' >> /etc/rc.conf
# Start service
service harbor start
# Verify installation
harbor --versionWindows
bash
# Using Chocolatey
choco install harbor
# Or using Scoop
scoop install harbor
# Verify installation
harbor --versionInitial Configuration
Basic Configuration
bash
# Create configuration directory
sudo mkdir -p /etc/harbor
# Set up basic configuration
# See official documentation for detailed configuration options
# Test configuration
harbor --version5. Service Management
systemd (RHEL, Debian, Ubuntu, Arch, openSUSE)
bash
# Enable service
sudo systemctl enable harbor
# Start service
sudo systemctl start harbor
# Stop service
sudo systemctl stop harbor
# Restart service
sudo systemctl restart harbor
# Check status
sudo systemctl status harbor
# View logs
sudo journalctl -u harbor -fOpenRC (Alpine Linux)
bash
# Enable service
rc-update add harbor default
# Start service
rc-service harbor start
# Stop service
rc-service harbor stop
# Restart service
rc-service harbor restart
# Check status
rc-service harbor statusrc.d (FreeBSD)
bash
# Enable in /etc/rc.conf
echo 'harbor_enable="YES"' >> /etc/rc.conf
# Start service
service harbor start
# Stop service
service harbor stop
# Restart service
service harbor restart
# Check status
service harbor statuslaunchd (macOS)
bash
# Using Homebrew services
brew services start harbor
brew services stop harbor
brew services restart harbor
# Check status
brew services list | grep harborWindows Service Manager
powershell
# Start service
net start harbor
# Stop service
net stop harbor
# Using PowerShell
Start-Service harbor
Stop-Service harbor
Restart-Service harbor
# Check status
Get-Service harborAdvanced Configuration
See the official documentation for advanced configuration options.
Reverse Proxy Setup
nginx Configuration
nginx
upstream harbor_backend {
server 127.0.0.1:80/443;
}
server {
listen 80;
server_name harbor.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name harbor.example.com;
ssl_certificate /etc/ssl/certs/harbor.example.com.crt;
ssl_certificate_key /etc/ssl/private/harbor.example.com.key;
location / {
proxy_pass http://harbor_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}Apache Configuration
apache
<VirtualHost *:80>
ServerName harbor.example.com
Redirect permanent / https://harbor.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName harbor.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/harbor.example.com.crt
SSLCertificateKeyFile /etc/ssl/private/harbor.example.com.key
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:80/443/
ProxyPassReverse / http://127.0.0.1:80/443/
</VirtualHost>HAProxy Configuration
haproxy
frontend harbor_frontend
bind *:80
bind *:443 ssl crt /etc/ssl/certs/harbor.pem
redirect scheme https if !{ ssl_fc }
default_backend harbor_backend
backend harbor_backend
balance roundrobin
server harbor1 127.0.0.1:80/443 checkSecurity Configuration
Basic Security Setup
bash
# Set appropriate permissions
sudo chown -R harbor:harbor /etc/harbor
sudo chmod 750 /etc/harbor
# Configure firewall
sudo firewall-cmd --permanent --add-port=80/443/tcp
sudo firewall-cmd --reload
# Enable SELinux policies (if applicable)
sudo setsebool -P httpd_can_network_connect onDatabase Setup
See official documentation for database configuration requirements.
Performance Optimization
System Tuning
bash
# Basic system tuning
echo 'net.core.somaxconn = 65535' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv4.tcp_max_syn_backlog = 65535' | sudo tee -a /etc/sysctl.conf
sudo sysctl -pMonitoring
Basic Monitoring
bash
# Check service status
sudo systemctl status harbor
# View logs
sudo journalctl -u harbor -f
# Monitor resource usage
top -p $(pgrep harbor)9. Backup and Restore
Backup Script
bash
#!/bin/bash
# Basic backup script
BACKUP_DIR="/backup/harbor"
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p "$BACKUP_DIR"
tar -czf "$BACKUP_DIR/harbor-backup-$DATE.tar.gz" /etc/harbor /var/lib/harbor
echo "Backup completed: $BACKUP_DIR/harbor-backup-$DATE.tar.gz"Restore Procedure
bash
# Stop service
sudo systemctl stop harbor
# Restore from backup
tar -xzf /backup/harbor/harbor-backup-*.tar.gz -C /
# Start service
sudo systemctl start harbor6. Troubleshooting
Common Issues
1. Service won't start:
bash
# Check logs
sudo journalctl -u harbor -n 100
sudo tail -f /var/log/harbor/harbor.log
# Check configuration
harbor --version
# Check permissions
ls -la /etc/harbor2. Connection issues:
bash
# Check if service is listening
sudo ss -tlnp | grep 80/443
# Test connectivity
telnet localhost 80/443
# Check firewall
sudo firewall-cmd --list-all3. Performance issues:
bash
# Check resource usage
top -p $(pgrep harbor)
# Check disk I/O
iotop -p $(pgrep harbor)
# Check connections
ss -an | grep 80/443Integration Examples
Docker Compose Example
yaml
version: '3.8'
services:
harbor:
image: harbor:latest
ports:
- "80/443:80/443"
volumes:
- ./config:/etc/harbor
- ./data:/var/lib/harbor
restart: unless-stoppedMaintenance
Update Procedures
bash
# RHEL/CentOS/Rocky/AlmaLinux
sudo dnf update harbor
# Debian/Ubuntu
sudo apt update && sudo apt upgrade harbor
# Arch Linux
sudo pacman -Syu harbor
# Alpine Linux
apk update && apk upgrade harbor
# openSUSE
sudo zypper update harbor
# FreeBSD
pkg update && pkg upgrade harbor
# Always backup before updates
tar -czf /backup/harbor-pre-update-$(date +%Y%m%d).tar.gz /etc/harbor
# Restart after updates
sudo systemctl restart harborRegular Maintenance
bash
# Log rotation
sudo logrotate -f /etc/logrotate.d/harbor
# Clean old logs
find /var/log/harbor -name "*.log" -mtime +30 -delete
# Check disk usage
du -sh /var/lib/harborAdditional Resources
---
Note: This guide is part of the HowToMgr collection. Always refer to official documentation for the most up-to-date information.