Install and Configure Harbor Registry on CentOS 7

Harbor is a robust, open-source container registry designed for enterprise use. It stores and distributes Docker images and extends the functionality of the standard Docker Distribution by integrating enterprise-level features such as identity management, security, and access control. As a private registry, Harbor enhances both performance and protection by locating the registry closer to your build and execution environments. It also supports the use of multiple registries with image replication and offers features such as user access controls and activity auditing.

System Requirements

• A CentOS 7 server instance with at least 1 GB of RAM.
• A non-root user account with sudo privileges.

Initial Setup

To begin, install the EPEL repository and necessary packages:

sudo yum install epel-release wget -y

Afterwards, update your system packages:

sudo yum update -y

Then, reboot the system to apply all updates:

sudo shutdown -r now

In this guide, the domain harbor.example.com is used. Replace it with your own domain as necessary.

Install Docker and Docker Compose

Since Harbor runs as multiple Docker containers, Docker and Docker Compose must be installed on the target machine.

Install Docker CE

sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce

Install Docker Compose

sudo yum install -y python-pip
pip install docker-compose

Now, start the Docker service:

sudo systemctl start docker

Verify Docker installation:

sudo docker run hello-world

Install Harbor

Download Harbor’s installation files from the release page. You may opt for either the online or offline installer.

Online Installer

wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-online-installer-v1.2.0.tgz

Offline Installer

wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-offline-installer-v1.2.0.tgz

Extract the downloaded package:

tar -xvf harbor-online-installer-1.2.0.tgz

Create an SSL Certificate

By default, Harbor installs over HTTP. To avoid adding the --insecure-registry flag to Docker clients and improve security, use HTTPS. Generate an SSL certificate (replace harbor.example.com with your domain):

mkdir cert && cd cert
openssl req -sha256 -x509 -days 365 -nodes -newkey rsa:4096 -keyout harbor.example.com.key -out harbor.example.com.crt

Configure Harbor

Open the Harbor configuration file with a text editor:

Edit: vim harbor.cfg

Update the following fields:

• hostname = harbor.example.com
• ui_url_protocol = https
• ssl_cert = /root/cert/harbor.example.com.crt
• ssl_cert_key = /root/cert/harbor.example.com.key

Start the Harbor installation script:

./install.sh

Run Harbor as a background process:

docker-compose up -d

Accessing the Harbor Web UI

First, ensure that port 80 is open through the system firewall:

sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --reload

With DNS configured correctly, access Harbor via http://harbor.example.com. Log in with the default credentials:

• Username: admin
• Password: Harbor12345

Conclusion

By following this guide, you’ve successfully deployed Harbor on a CentOS 7 server. With its robust features such as container image replication, secure authentication, and integrated role-based access control, Harbor provides a scalable and secure private registry solution for your containerized infrastructure. Be sure to configure your domain and SSL properly to fully leverage Harbor’s capabilities in production.