upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor synced 2024-09-20 12:15:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

update documents

Browse Source
This commit is contained in:
Henry Zhang 2016-03-31 11:27:22 +08:00
parent 3ebb2dea0f
commit 07a9003ded
3 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
AUTHORS
View File

@ -1,10 +1,14 @@
# This file lists all individuals having contributed content to the repository.
Amanda Zhang <amzhang@vmware.com>
Bobby Zhang <junzhang@vmware.com>
Daniel Jiang <jiangd@vmware.com>
Haining Henry Zhang <henryzhang@vmware.com>
Hao Xia <haox@vmware.com>
Jack Liu <ljack@vmware.com>
Kun Wang <kunw@vmware.com>
Shan Zhu <zhus@vmware.com>
Victoria Zheng <vzheng@vmware.com>
Wenkai Yin <yinw@vmware.com>
Yan Wang <wangyan@vmware.com>

4
README.md
View File

@ -63,7 +63,7 @@ We welcome contributions from the community. If you wish to contribute code, we
Harbor is available under the [Apache 2 license](LICENSE).
### Partners
<a href="https://www.shurenyun.com/" border="0" target="_blank"><img alt="DataMan" src="docs/img/dataman.png"></a>
<a href="https://www.shurenyun.com/" border="0" target="_blank"><img alt="DataMan" src="docs/img/dataman.png"></a> <a href="http://www.slamtec.com" target="_blank" border="0"><img alt="SlamTec" src="docs/img/slamteclogo.png"></a>
### Users
<a href="https://www.madailicai.com/" border="0" target="_blank"><img alt="MaDaiLiCai" src="docs/img/UserMaDai.jpg"></a> <a href="http://www.slamtec.com" target="_blank" border="0"><img alt="SlamTec" src="docs/img/slamteclogo.png"></a>
<a href="https://www.madailicai.com/" border="0" target="_blank"><img alt="MaDaiLiCai" src="docs/img/UserMaDai.jpg"></a>

14
docs/configure_https.md
View File

@ -4,7 +4,7 @@ Because Harbor does not ship with any certificates, it uses HTTP by default to s
##Get a certificate
Assuming that your registrys **hostname** is **reg.yourdomain.com**, and that its DNS record points to the host where you are running Harbor, you first should get a certificate from a CA. The certificate usually contains a .crt file and a .key file, for example, **yourdomain.com.crt** and **yourdomain.com.key**.
Assuming that your registrys **hostname** is **reg.yourdomain.com**, and that its DNS record points to the host where you are running Harbor. You first should get a certificate from a CA. The certificate usually contains a .crt file and a .key file, for example, **yourdomain.com.crt** and **yourdomain.com.key**.
In a test or development environment, you may choose to use a self-signed certificate instead of the one from a CA. The below commands generate your own certificate:
@ -20,9 +20,9 @@ In a test or development environment, you may choose to use a self-signed certif
-newkey rsa:4096 -nodes -sha256 -keyout yourdomain.com.key \
-out yourdomain.com.csr
```
3) Generate the certificate of your registry host
3) Generate the certificate of your registry host:
You need to configure openssl first. On Ubuntu, the config file locates at /etc/ssl/openssl.cnf. Refer to openssl document for more information. The default CA directory of openssl is called demoCA. Lets creates necessary directories and files:
You need to configure openssl first. On Ubuntu, the config file locates at /etc/ssl/openssl.cnf. Refer to openssl document for more information. The default CA directory of openssl is called demoCA. Lets create necessary directories and files:
```
mkdir demoCA
cd demoCA
@ -32,7 +32,7 @@ You need to configure openssl first. On Ubuntu, the config file locates at /etc/
```
Then run this command to generate the certificate of your registry host:
```
openssl ca -in yourdomain.com.csr -out yourdomain.com.crt -cert ca.crt -keyfile ca.key outdir .
openssl ca -in yourdomain.com.csr -out yourdomain.com.crt -cert ca.crt -keyfile ca.key -outdir .
```
##Configuration of Nginx
@ -50,7 +50,7 @@ Copy the template **nginx.https.conf** as the new configuration file:
```
cp nginx.https.conf nginx.conf
```
Edit the file nginx.conf and replace two occurrences of **server name** harbordomain.com to your own host name: reg.yourdomain.com .
Edit the file nginx.conf and replace two occurrences of **harbordomain.com** to your own host name, such as reg.yourdomain.com .
```
server {
listen 443 ssl;
@ -106,11 +106,11 @@ After setting up HTTPS for Harbor, you can verify it by the follow steps:
docker login reg.yourdomain.com
```
##Troubleshooting
1.` `You may get an intermediate certificate from a certificate issuer. In this case, you should merge the intermediate certificate with your own certificate to create a certificate bundle. You can achieve this by the below command:
1. You may get an intermediate certificate from a certificate issuer. In this case, you should merge the intermediate certificate with your own certificate to create a certificate bundle. You can achieve this by the below command:
```
cat intermediate-certificate.pem >> yourdomain.com.crt
```
2.` `On some systems where docker daemon runs, you may need to trust the certificate at OS level.
2. On some systems where docker daemon runs, you may need to trust the certificate at OS level.
On Ubuntu, this can be done by below commands:
```
cp youdomain.com.crt /usr/local/share/ca-certificates/reg.yourdomain.com.crt