It's been quiet here on the blog, but I finally got around to getting something nifty out the door!

Harbor is an Open Source Project that is sponsored by VMware and is currently being sandboxed by the CNCF. It's a container registry that has all the bells and whistles that include Clair for CVE (critical vulnerability) scanning and Notary for image signing.

I originally began playing with Harbor as a component of the Pivotal Container Service (PKS) package since it was all bundled and has automated deploy capabilities. After exploring what Harbor had to offer, I wanted to use it with my existing Kubernetes clusters that were built with kubeadm outside of PKS. I began by deploying the OVA into my vSphere environment and ran into issues and learned the OVA was being a deprecated form of installation (#5276). I decided to try using the online version of the installer that will pull images from DockerHub. I've been using CentOS a lot more than Ubuntu lately because it maps more to customer environments. So create a new CentOS 7 virtual machine from a template or build one out.

The installation and configuration directions on Harbor's README are a bit like a "choose your own adventure" book. For instance, "Install it like X if you want to use Y feature". The best thing about Harbor is that is has a bunch of features, so I wanted to use them all. In an effort to streamline this process and not figure it out line by line, it made more sense to turn this into a bash installation script!

The script will use the virtual machine's fully qualified domain name to automatically generate the files needed and will be using self-signed certificates for quick and easy usage. For my scenario, the virtual machine host name is harbor01 and the domain is vsphere.local. Once again, this is tailored for Cent OS 7. All commands are performed ON the harbor VM. If you want to push images from a different machine to the harbor instance, take the self-signed CA certificates within the `openssl` folder and place them on your machine in the locations shown for Docker and Notary.