logo

Use Traefik with Harbor

For this post, I’ll be documenting how to run Harbor behind Traefik in a kubernetes installation. Although the Harbor helm chart can be installed with nginx ingress controller – I already have an ingress controller running in my cluster and I prefer to use it instead. (Also, traefik is way easier to configure :P).

Now, to install, configure the following in the values.yaml in the harbor helm chart:

values.yaml

  type: clusterIP
  commonName: "harbor.pr.ldc.int"

Make sure to edit the commonName to reflect the FQDN you’ll be specifying in your ingressrouter.

For the traefik, I’m using the ingress-router CRD for my cluster which takes care of dynamically creating the routes. For more info, read here: https://docs.traefik.io/routing/providers/kubernetes-crd/

The following is my ingressroute definition:

apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: harbor-route
  namespace: harbor
spec:
  entryPoints:                 
    - web-secure
  routes:                      
  - match: HostSNI(`harbor.pr.ldc.int`)
    services:                  
    - name: harbor             
      port: 443
  - match: HostSNI(`notary.pr.ldc.int`)
    services:                  
    - name: harbor             
      port: 4443         
  tls:                          
    passthrough: true

The TLS is passthrough since I want harbor to handle it instead of traefik.

Enjoy!

Leave a Reply

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.