Harbor is an open-source container registry platform. It offers a secure and advanced way to store, manage, and share container images, for example, for use on your Kubernetes cluster.
In this guide, we will show you how to host a Harbor container registry in Linux and create a 'secret' to push your own container image to your Harbor registry.
Prefer using Docker? Then check out this guide for hosting a Docker container registry on a Kubernetes cluster. How to containerize an application and push it to your registry is explained in this article.
For the steps in this guide, you will need:
- Docker (engine or desktop), see our Docker installation guides for Linux
- Docker compose, see our Docker Compose installation guide for Linux
- A server with 2 CPU cores and 4GB RAM
- A (sub)domain whose DNS records point to the server(s) on which you are hosting Harbor
Installing Harbor on a Linux VPS
Step 1
First things first: hosting Harbor requires an SSL certificate from Let's Encrypt or a Certificate Authority. We choose Let's Encrypt here, which you install as follows:
Ubuntu / Debian:
sudo apt -y install certbotCentOS / AlmaLinux / Rocky Linux:
sudo dnf -y install certbot
Step 2
Stop any processes using ports 80 and 443, such as Apache/Nginx (quickly check with 'netstat -tulpn | less') and generate a Let's Encrypt certificate for the domain pointing to your VPS:
certbot certonly --standalone -d yourdomain.comFollow the indicated steps. At the end, you will see where your certificate and key files are located. Note these locations.
Step 3
Download the latest version of Harbor from the official website. Click on 'Assets' on this page and download the .tgz offline installer, for example:
wget https://github.com/goharbor/harbor/releases/download/v2.5.5/harbor-offline-installer-v2.5.5.tgz
Step 4
Extract the file (tip: type tar -xvzf harbor and press the tab key):
tar -xvzf harbor-offline-installer-v2.5.5.tgz
Step 5
Navigate to the folder where Harbor is extracted:
cd harbor
Step 6
Make a copy of the harbor.yml.tmpl file without the .tmpl extension and open the file:
cp harbor.yml.tmpl harbor.yml
nano harbor.yml
Step 7
You are free to make adjustments, but for the successful installation of Harbor, you only need to make two adjustments:
- hostname: Change the value to the domain for which you generated an SSL certificate earlier.
- certificate/private key: Change the values to the location of the SSL certificate generated in step 2.
Save the changes and close the file (ctrl + x > y > enter).
Step 8
Now install Harbor by running the installation script:
./install.shThis command installs and configures all the necessary Docker containers and services to run Harbor. This may take a few minutes.
Congratulations! Harbor is now running on your server. To test it, you can log in directly by going to the domain you specified as the hostname in harbor.yml and logging in with the username 'admin' and the password 'Harbor12345' (be sure to change this immediately). Tip: Create a user under 'Users' that you can use to push container images to your registry.
Pushing Containers to Your Harbor Registry
To push a containerized application to your Harbor registry, three steps are needed:
- Connect to your own registry:
docker login example.com- Tag your container image with the Harbor registry URL:
docker tag my-image example.com/my-image- Push your container image to the Harbor registry:
docker push example.com/my-imageHow to deploy your containerized application is explained in our guide 'Deploying Your Containerized Image in a Kubernetes Cluster'.