Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency.
Detailed document please refer to here.
The requirements of the host to install Harbor are as follows:
- A Linux host
- Docker: 18+
- Docker-Compose: 1.18+
The binary of the offline installer can be downloaded from the release page of Harbor. Use tar command to extract the package.
$ tar xvf harbor-offline-installer-v1.9.3.tgzConfiguration parameters are located in the file harbor.yml. Change hostname the local IP address of your Harbor host, such as 192.168.10.1:
hostname: 192.168.10.1Run the below command to install Harbor. After installation, Harbor registry service should be up and running:
$ sudo ./install.shThe default installation of Harbor uses HTTP - as such, perhaps you need to add the option --insecure-registry to your client's Docker daemon and restart the Docker service.
$ sudo vi /etc/docker/daemon.json
{
"insecure-registries" : [ "192.168.10.1" ]
}Restart docker daemon:
$ sudo service docker restartAfter Harbor has been installed, FATE docker images must be pushed to Harbor registry so that other nodes can pull FATE images from Harbor. There are basically two ways to obtain the FATE images:
-
Build images from FATE source code and push to Harbor
-
Replicate FATE images from Docker Hub to Harbor
Refer to Build Document to create FATE images. Once images are built, push them to Harbor.
Usually, a user does not need to take the long time to build images from source. It is recommended to use te pre-built docker images of FATE directly. Refer to te below section to for more details.
Log into Harbor's management portal using the URL http://<your_harbor_host_ip. The default username and password is admin / Harbor12345.
Go to Projects tab and click the + New Project button.
- Create a new project and name the project
federatedai. Check on the "Access Level" checkbox to make this a public project.
Go to Registries tab and click the + New Endpoint button to add Docker Hub for the replication of FATE images.
- Choose
docker-hubasprovider.
Go to Replications and click the + New Replication Rule to create a rule to replicate container images from Docker Hub.
Choose pull-based Replication mode and docker hub endpoint as source registry.
In the Source resource filters, under Name, enter federatedai/* . Click Save to create the rule.
Next, select the newly created replication rule and click REPLICATE, the FATE images from Docker Hub will be replicated to Harbor immediately. Depending on the network bandwidth, the images will appear under project federatedai after the images have been replicated. Now FATE images are ready for local environment to pull from.
For KubeFATE and FATE, there could be other public images need to be replicated, we can also add new replication rules to do that.
For example, when MySQL version is 8, we can configure as below.
IMPORTANT: We need to specify the Destination namespace as federatedai.
NOTE: The replication rule continues to take effect until it is disabled or cancelled. If FATE images are available for a new release, they will be replicated to Harbor automatically.