From 5ee26f1288dc4bd22749515bba2a88a8688bdbeb Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 14:48:03 +0800 Subject: [PATCH 1/5] docs: change preheat document Harbor Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 74 ++++++++++++++++----------------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 371ecc2..916494d 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -281,6 +281,43 @@ If the status is `FAILURE`, the preheating is failure and an error log is displa Use harbor for preheating image, please refer to the [harbor](https://goharbor.io/docs/2.11.0/administration/p2p-preheat/) documentation for details. +## Configure self-signed certificates for registry + +To support preheating for harbor with self-signed certificates, the Manager configuration needs to be modified. + +Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, +refer to [Manager](../reference/configuration/manager.md). + +> Notice: `yourdomain.crt` is Harbor's ca.crt. + +```shell +job: + # Preheat configuration. + preheat: + # registryTimeout is the timeout for requesting registry to get token and manifest. + registryTimeout: 1m + tls: + # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. + insecureSkipVerify: false + # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. + caCert: /etc/certs/yourdomain.crt +``` + +Skip TLS verification, set `job.preheat.tls.insecureSkipVerify` to true. + +```shell +job: + # Preheat configuration. + preheat: + # registryTimeout is the timeout for requesting registry to get token and manifest. + registryTimeout: 1m + tls: + # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. + insecureSkipVerify: true + # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. + # caCert: '' +``` + ### Create personal access token {#harbor-create-personal-access-token} Click the `ADD PERSONAL ACCESS TOKENS` button to create personal access token. @@ -356,40 +393,3 @@ Click the executions `ID` to view the detailed information of the preheating tas The expected output is as follows. ![log](../resource/advanced-guides/preheat/log.png) - -## Harbor using self-signed certificates - -If you use harbor with a self-signed certificate for preheating, you will need to modify the Manager configuration. - -Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, -refer to [Manager](../reference/configuration/manager.md). - -> Notice: `yourdomain.crt` is Harbor's ca.crt. - -```shell -job: - # Preheat configuration. - preheat: - # registryTimeout is the timeout for requesting registry to get token and manifest. - registryTimeout: 1m - tls: - # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. - insecureSkipVerify: false - # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. - caCert: /etc/certs/yourdomain.crt -``` - -Skip TLS verification, set `job.preheat.tls.insecureSkipVerify` to true. - -```shell -job: - # Preheat configuration. - preheat: - # registryTimeout is the timeout for requesting registry to get token and manifest. - registryTimeout: 1m - tls: - # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. - insecureSkipVerify: true - # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. - # caCert: '' -``` From 6d7090b615113edb2659d86bd1a8290be1857f73 Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 14:50:04 +0800 Subject: [PATCH 2/5] docs: change preheat document Harbor Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 916494d..0b7a0dd 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -281,7 +281,7 @@ If the status is `FAILURE`, the preheating is failure and an error log is displa Use harbor for preheating image, please refer to the [harbor](https://goharbor.io/docs/2.11.0/administration/p2p-preheat/) documentation for details. -## Configure self-signed certificates for registry +### Configure self-signed certificates for registry To support preheating for harbor with self-signed certificates, the Manager configuration needs to be modified. From 34bdbae6c95c7bc4e1876930f507d742cd8b27a3 Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 14:53:13 +0800 Subject: [PATCH 3/5] docs: change preheat document Harbor Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 0b7a0dd..31feac7 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -283,7 +283,8 @@ Use harbor for preheating image, please refer to the ### Configure self-signed certificates for registry -To support preheating for harbor with self-signed certificates, the Manager configuration needs to be modified. +To support preheating for harbor with self-signed certificates, +the Manager configuration needs to be modified. Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, refer to [Manager](../reference/configuration/manager.md). From 913edc5d413fc12fe48b09225c39b6c3f1df368f Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 15:48:22 +0800 Subject: [PATCH 4/5] docs: change preheat document Harbor Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 31feac7..434d880 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -286,6 +286,8 @@ Use harbor for preheating image, please refer to the To support preheating for harbor with self-signed certificates, the Manager configuration needs to be modified. +> Notice: If harbor is not configured with self-signed certificates, please ignore the following. + Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, refer to [Manager](../reference/configuration/manager.md). From 67e09d176407df7e8074642c148748d0c0ee526f Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 15:53:13 +0800 Subject: [PATCH 5/5] docs: change preheat document Harbor Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 434d880..1bd971d 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -283,11 +283,11 @@ Use harbor for preheating image, please refer to the ### Configure self-signed certificates for registry +> Notice: If harbor is not configured self-signed certificates, please ignore the following. + To support preheating for harbor with self-signed certificates, the Manager configuration needs to be modified. -> Notice: If harbor is not configured with self-signed certificates, please ignore the following. - Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, refer to [Manager](../reference/configuration/manager.md).