This topic describes how to set up the VMware Harbor Registry (Harbor) image registry for VMware Tanzu Kubernetes Grid Integrated Edition (TKGI).



Overview

VMware Harbor Registry is an enterprise-class image registry server that stores and distributes container images for VMware Tanzu Kubernetes Grid Integrated Edition.

Harbor allows you to store and manage container images for your TKGI deployment. Deploying an image registry alongside TKGI improves image transfer speed.

As an enterprise private registry, Harbor also offers enhanced performance and improved security. By configuring Harbor with TKGI, you can apply enterprise features to your image registry, such as security, identity, and management.

You can install Harbor alongside TKGI on vSphere, Amazon Web Services (AWS), and Microsoft Azure.

To use the VMware Harbor Registry with Tanzu Kubernetes Grid Integrated Edition:



Install Harbor

To install Harbor, do the following:

  1. Install Tanzu Kubernetes Grid Integrated Edition. For more information, see the Installing Tanzu Kubernetes Grid Integrated Edition topic for your cloud provider.
  2. Install Harbor. For more information, see Installing and Configuring VMware Harbor Registry.



Use Harbor

Before you can push images to Harbor, you must do the following:

  1. Configure authentication and role-based access control (RBAC) for Harbor. For more information, see Create Projects in the Harbor documentation.
  2. Create a Harbor project that contains all repositories for your app. For more information, see Create Projects in the Harbor documentation.

After you configure Harbor, you can do the following:

  • Push or pull Docker images to your Harbor project using the Docker command-line interface (CLI). For more information, see Pulling and Pushing Images in the Docker Client in the Harbor documentation.
  • Manage Helm charts in your Harbor project using either the Harbor portal or the Helm CLI. For more information, see Managing Helm Charts in the Harbor documentation.
  • Install Trivy to activate vulnerability scanning for images stored in Harbor. For more information, see Configure Image Scanner in Installing and Configuring VMware Harbor Registry.

For more information about managing images in Harbor, see the Working with Images, Tags, and Helm Charts in the Harbor documentation.



Manage Harbor

As a Harbor administrator, you can manage the following in the Harbor portal:

  • Authentication: Select either local user authentication or configure LDAP/Active Directory integration. If you select local user authentication, you can activate or deactivate user self-registration.
  • Users and roles: Manage privileges for Harbor users.
  • Email settings: Configure a mail server for user password resets.
  • Project creation: Specify which users can create projects.
  • Registry permissions: Manage permissions for image registry access.
  • Endpoints: Add and remove image registry endpoints.
  • Replication policies: Add and remove rules for replication jobs.

For more information about managing Harbor as an administrator, see Harbor Administration in the Harbor documentation.

check-circle-line exclamation-circle-line close-line
Scroll to top icon