Add Harbor/Artificatory documentation to Helm Air Gap docs #2791
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -101,3 +101,44 @@ After logging into the registry, the customer exports their current version and | |
| With the list of images the provided `bash` script will automate the process of pulling updated images from the repository, tagging them with a name for an internal registry, and then pushing the newly tagged images to their internal registry. | ||
|
|
||
| Unless the customer has set up the `values` to preserve the updated tag (for example, by using the `latest` tag), they need to edit the `values.yaml` to reference the new image tags. After doing so, they can log in to the OCI registry and perform the commands to install the updated chart. | ||
|
|
||
| ## Using a Pull-Through Proxy | ||
|
|
||
| For authenticated users, the [Replicated proxy registry](/vendor/private-images-about) exposes standard catalog and tag listing endpoints that are used during Helm installations in air-gapped environments to generate the list of images required for installation. These endpoints are provided in the Helm air gap installation instructions in the Replicated Download Portal. For example, an `'updates.wp-e.10/my-app/1.2.3/images'` endpoint would return images for version 1.2.3 of an application from the proxy registry. | ||
|
|
||
| Users can optionally connect the Replicated proxy registry with [Harbor](https://goharbor.io) or Artifactory in order to use these endpoints to cache images. Integrating with Harbor also allows users to set up replicated rules for mirroring. | ||
|
|
||
| ### Limitations | ||
|
|
||
| Connecting the Replicated proxy registry with Harbor and Artifactory has the following limitations: | ||
|
|
||
| * Neither the catalog or tags listing endpoints respect pagination requests yet but harbor requests 1000 items at a time. (Documented in "Harbor _catalog use": https://docs.google.com/document/d/1Ece7PaFOV12EVhMWFMHkrVZLDHFQfWUv4rWzi_wRjAM/edit#heading=h.wxiwuxpqb3pw) | ||
|
||
| * Only authenticated users can perform catalog calls or list tags | ||
| * Artifactory does not support Docker registry mirroring or replication. | ||
|
|
||
| ### Integrate With Harbor | ||
|
|
||
| [Harbor](https://goharbor.io) is a popular open-source container registry that supports both pull-through proxy caching and repository mirroring through pull based replication rules. Users can add the Replicated proxy registry to Harbor in order to cache images on demand and set up replication rules to proactively mirror images. It also allows customers use Harbor's caching, security, and other features. | ||
|
|
||
| To connect the Replicated proxy registry with Harbor: | ||
|
|
||
| 1. Log in to Harbor and create a new registry endpoint. You will configure this endpoint to connect to the Replicated proxy registry. | ||
|
|
||
| 1. Enter the following details for the registry endpoint: | ||
|
|
||
| * For the provider field, choose Docker Registry | ||
| * For the URL field, enter `https://proxy.replicated.com` or the custom domain that you configured for the proxy registry. For more information about configuring custom domains in the Vendor Portal, see [Using Custom Domains](/vendor/custom-domains-using). | ||
| * For the access ID, enter the email address associated with the customer in the Vendor Portal. | ||
| * For the access secret, enter the customer's license ID. You can find the license ID in the Vendor Portal by going to **Customers > [Customer Name]**. | ||
|
|
||
| 1. Verify your configuration by testing the connection and then save the endpoint. | ||
|
|
||
| After connecting the Replicated proxy registry with Harbor, users can set up a proxy cache. For more information, see [Configure Proxy Cache](https://goharbor.io/docs/2.11.0/administration/configure-proxy-cache/) | ||
|
|
||
| Users can also optionally set up a **pull based** replication rule in Harbor to mirror images proactively. This periodically (or when manually triggered) pulls images from the Replicated proxy registry to store them in Harbor. For more information, see [Creating a replication rule](https://goharbor.io/docs/2.11.0/administration/configuring-replication/create-replication-rules/)in the Harbor documentation. | ||
|
|
||
| ### Integrate With Artifactory | ||
|
|
||
| Artifactory supports a pull-through caching mode for Docker registries. | ||
|
|
||
| For information about how to configure a pull through cache with Artifactory, see [Remote Repository](https://jfrog.com/help/r/jfrog-artifactory-documentation/configure-a-remote-repository) in the Artifactory documentation. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.