You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A container registry serves as a centralized system for storing and managing container images. In today’s fast-paced containerized application development landscape, speed, security and control over container workflows using a robust container registry are critical. While both cloud-based container registries, such as Google Container Registry (*GCR*), Azure Container Registry (*ACR*), and Amazon Elastic Container Registry (*ECR*), and third-party services like *DockerHub*, GitHub / GitLab Container Registry, and JFrog Container Registry, offer convenience, organizations often face challenges with latency, external dependencies, and security compliance constraints.
11
+
12
+
13
+
14
+
This blog post describes the process of deploying *Harbor* and setting it up as a local container registry within *HPE Private Cloud AI*. By using *Harbor* as a local registry, organizations gain faster image access, reduced reliance on external networks, enhanced security posture, and a tailored environment that aligns with compliance and governance needs.
15
+
16
+
## HPE Private Cloud AI
11
17
12
18
[HPE Private Cloud AI (PCAI)](https://www.hpe.com/us/en/private-cloud-ai.html) offers a comprehensive, turnkey AI solution designed to address key enterprise challenges, including selecting the right LLM models, hosting and deploying them effectively. Beyond these concerns, it empowers organizations to manage AI adoption and deployment independently, providing access to a curated selection of pre-built NVIDIA NIM LLM models and integrating a suite of AI tools and frameworks for Data Engineering, Analytics, and Data Science.
13
19
With HPE Machine Learning Inference Software (MLIS) prepackaged in PCAI, customers can seamlessly establish and oversee the entire AI service deployment while maintaining full control throughout the process. Through the PCAI Import Framework, customers can incorporate their own applications or third-party tools and frameworks into PCAI, managing them alongside pre-installed applications to meet their specific requirements.
14
20
15
21
This blog post shows you the detailed process how to easily deploy the open-source Harbor to PCAI using its Import Framework. Harbor can be configured to be used as a local container registry in PCAI. With a list of features provided in Harbor such as policies, RBAC, security scanner and image singing,
16
22
17
-
###Prerequisites
23
+
## Prerequisites
18
24
19
25
Before starting, make sure you have the following:
20
26
21
-
* The [Docker Engine](https://docs.docker.com/engine/install/), and *docker* CLI included by default in Docker Engine
27
+
* The [Docker Engine](https://docs.docker.com/engine/install/), version 28.1.1 or later, and *docker* CLI included by default in Docker Engine
22
28
* The *kubectl* CLI tool, together with the kubeconfig file for accessing the K8s cluster in HPE Private Cloud AI
23
29
24
-
###Harbor
30
+
## Harbor
25
31
26
32
Harbor is an open-source container registry for cloud native environments like Kubernetes (K8s). It securely stores and manages container images with policies and role-based access control (RBAC), ensures images are scanned and free from vulnerabilities, and signs images as trusted.
27
33
28
34
The following sections start first showing the process to deploy Harbor into PCAI using its Import Framework. It then describes the process to create a private project and a list of users with different role permissions . pushing the image to this project using the Harbor credentials. Harbor can be used as a local image registry in PCAI that ensures the images in both secure and well-managed.
29
35
30
-
####Harbor Deployment via PCAI Import Framework
36
+
1. Harbor Deployment via PCAI Import Framework
31
37
32
38
The Harbor Helm charts have been available from GitHub repo at https://github.com/GuopingJia/pcai-helm-examples/tree/main/harbor. Based on the latest Helm charts from the official [Harbor site](https://helm.goharbor.io/harbor-1.17.0.tgz), a few required YAML manifest files, together with changes to the values.yaml, have been added to be easily deployed into HPE PCAI.
33
39
@@ -39,7 +45,7 @@ Using the created Helm charts, Harbor can be easily deployed into PCAI via its I
39
45
40
46
41
47
42
-
####Harbor UI Access via its endpoint
48
+
2. Harbor UI access via its endpoint
43
49
44
50
After Harbor is installed through PCAI Import Framework, there is an *Imported* Harbor tile being added under *Tools & Frameworks*. A virtual service endpoint, e.g., *https://harbor.ingress.pcai0104.ld7.hpecolo.net* is configured.
45
51
@@ -73,7 +79,7 @@ In addition to the default admin user, these two newly created users have been a
73
79
74
80
Please refer to [Harbor Managing Users](https://goharbor.io/docs/2.13.0/administration/managing-users/) for the detailed permissions in each role. In order to more focus on image pushing process and application deployment from Harbor, the project will use its default *admin* user. As a best practice in production environment, it’s highly recommended to set up users with different role assignments in Harbor.
75
81
76
-
####Pushing Images to Harbor Registry
82
+
3. Pushing Images to Harbor Registry
77
83
78
84
You can push your images using the following steps:
harbor.ingress.pcai0104.ld7.hpecolo.net/demo/cfe-nginx v0.1.0 1e5f3c5b981a 2 months ago 192MB
180
183
```
181
184
182
-
###Application Deployment using Harbor Registry
185
+
## Application Deployment using Harbor Registry
183
186
184
187
With images being pushed to Harbor registry, let’s try to deploy the application to PCAI using the same Import Framework and demonstrate pulling images from the local Harbor repository.
0 commit comments