For this post, I’ll be documenting how to run Harbor behind Traefik in a kubernetes installation. Although the Harbor helm chart can be installed with nginx ingress controller – I already have an ingress controller running in my cluster and I prefer to use it instead. (Also, traefik is way easier to configure :P).
Now, to install, configure the following in the values.yaml in the harbor helm chart:
values.yaml
type: clusterIP commonName: "harbor.pr.ldc.int"
Make sure to edit the commonName to reflect the FQDN you’ll be specifying in your ingressrouter.
For the traefik, I’m using the ingress-router CRD for my cluster which takes care of dynamically creating the routes. For more info, read here: https://docs.traefik.io/routing/providers/kubernetes-crd/
The following is my ingressroute definition:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: harbor-route
namespace: harbor
spec:
entryPoints:
- web-secure
routes:
- match: HostSNI(`harbor.pr.ldc.int`)
services:
- name: harbor
port: 443
- match: HostSNI(`notary.pr.ldc.int`)
services:
- name: harbor
port: 4443
tls:
passthrough: true
The TLS is passthrough since I want harbor to handle it instead of traefik.
Enjoy!
