Add install Harbor guide

* Update Kubernetes deployment structure picture * Introducing install Harbor in docker-compose and kubernetes deployment Signed-off-by: Lu Peng <penglu@hydsoft.com>
FederatedAI · Oct 24, 2019 · ea7ac93 · ea7ac93
1 parent 4ea23fa
commit ea7ac93
Show file tree

Hide file tree

Showing 9 changed files with 108 additions and 5 deletions.
diff --git a/docker-deploy/README.md b/docker-deploy/README.md
@@ -13,7 +13,7 @@ $ git clone git@github.com:FederatedAI/KubeFATE.git
 By default, the script pulls the images from [Docker Hub](https://hub.docker.com/search?q=federatedai&type=image) during the deployment.
 
 ### Use Third Party Registry (Optional)
-It is recommended that non-Internet clusters use Harbor as a third-party registry. Change the `THIRDPARTYPREFIX` to [Harbor](https://goharbor.io/) hostname in the `.env` file. `192.168.10.1` is an example of Harbor IP.
+It is recommended that non-Internet clusters use Harbor as a third-party registry. Please refer to [this guide](https://github.com/FederatedAI/KubeFATE/blob/master/registry/install_harbor.md) to install Harbor. Change the `THIRDPARTYPREFIX` to [Harbor](https://goharbor.io/) hostname in the `.env` file. `192.168.10.1` is an example of Harbor IP.
 ```bash
 $ cd KubeFATE/
 $ vi .env

diff --git a/docker-deploy/README_zh.md b/docker-deploy/README_zh.md
@@ -78,9 +78,13 @@ BUILDER_TAG=1.0.2-release
 
 ### 离线部署
 
-当我们的运行机器处于无法连接外部网络的时候，就无法从Docker Hub下载镜像，这时候我们需要打包镜像文件，然后在运行机上导入镜像。一个简单的办法是在部署机上下载镜像，如果无法从Docker Hub下载镜像，可以自己构建镜像，如何构建参考[构建镜像](https://github.com/FederatedAI/FATE/tree/contributor_1.0_docker/docker-build)。如何从Docker Hub下载所需镜像可以参考[准备工作](#准备工作)中部署机下载镜像。
+当我们的运行机器处于无法连接外部网络的时候，就无法从Docker Hub下载镜像，建议使用[Harbor](https://goharbor.io/)作为第三方仓库。安装Harbor请参考: https://github.com/FederatedAI/KubeFATE/blob/master/registry/install_harbor.md。在`.env`文件中，将`THIRDPARTYPREFIX`更改为Harbor的IP。 192.168.10.1是Harbor IP的示例。
+```bash
+$ cd KubeFATE/
+$ vi .env
 
-如果部署机已经拥有了所需的镜像，镜像的导入参考[构建镜像](https://github.com/FederatedAI/FATE/tree/master/docker-build#package-the-docker-images-for-transfer-optional)。
+THIRDPARTYPREFIX=192.168.10.1/federatedai
+```
 
 ### 用docker compose部署FATE
 
@@ -108,6 +112,10 @@ exchangeip=proxy                      #通信组件标识
 ```bash
 $ bash docker-auto-deploy.sh
 ```
+如果使用第三方仓库，请使用这个命令：
+```bash
+$ bash docker-auto-deploy.sh useThirdParty
+```
 
 脚本将会生成10000和9999两个组织（Party）的部署文件，然后打包成两个tar文件。接着把两个文件`10000-confs.tar`和`9999-confs.tar`分别复制到主机`192.168.7.1`和`192.168.7.2`上并解包，解包后的文件默认在`/data/projects/fate`目录下。然后脚本将远程登录到这些主机并使用docker compose命令启动FATE实例。
 

diff --git a/k8s-deploy/README.md b/k8s-deploy/README.md
@@ -40,7 +40,7 @@ $ git clone git@github.com:FederatedAI/KubeFATE.git
 By default, the script pulls the images from [Docker Hub](https://hub.docker.com/search?q=federatedai&type=image) during the deployment.
 
 ### Use Third Party Registry (Optional)
-It is recommended that non-Internet clusters use [Harbor](https://goharbor.io/) as a third-party registry. Change the `THIRDPARTYPREFIX` to Harbor hostname in the `.env` file. `192.168.10.1` is an example of Harbor ip.
+It is recommended that non-Internet clusters use [Harbor](https://goharbor.io/) as a third-party registry. Please refer to [this guide](https://github.com/FederatedAI/KubeFATE/blob/master/registry/install_harbor.md) to install Harbor. Change the `THIRDPARTYPREFIX` to Harbor hostname in the `.env` file. `192.168.10.1` is an example of Harbor ip.
 
 ```bash
 $ cd KubeFATE/

diff --git a/k8s-deploy/README_zh.md b/k8s-deploy/README_zh.md
@@ -43,7 +43,7 @@ $ git clone git@github.com:FederatedAI/KubeFATE.git
 ```
 
 ## 使用第三方Docker仓库
-非互联网集群建议使用[Harbor](https://goharbor.io/)作为第三方仓库。在`.env`文件中，将`THIRDPARTYPREFIX`更改为Harbor的IP。 192.168.10.1是Harbor IP的示例。
+非互联网集群建议使用[Harbor](https://goharbor.io/)作为第三方仓库。安装Harbor请参考: https://github.com/FederatedAI/KubeFATE/blob/master/registry/install_harbor.md。在`.env`文件中，将`THIRDPARTYPREFIX`更改为Harbor的IP。 192.168.10.1是Harbor IP的示例。
 ```bash
 $ cd KubeFATE/
 $ vi .env

diff --git a/k8s-deploy/images/k8s-cluster.jpg b/k8s-deploy/images/k8s-cluster.jpg
diff --git a/registry/images/harbor-endpoint.png b/registry/images/harbor-endpoint.png
diff --git a/registry/images/harbor-project.png b/registry/images/harbor-project.png
diff --git a/registry/images/harbor_replication.png b/registry/images/harbor_replication.png
diff --git a/registry/install_harbor.md b/registry/install_harbor.md
@@ -0,0 +1,95 @@
+# Install Harbor
+Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency.
+
+Detailed article please refer to: https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md
+
+### Downloading the installer
+
+The binary of the installer can be downloaded from the [release page](https://github.com/goharbor/harbor/releases). Use *tar* command to extract the package.
+
+Offline installer:
+
+```bash
+    $ tar xvf harbor-offline-installer-<version>.tgz
+```
+
+### Configuring Harbor
+
+Configuration parameters are located in the file harbor.yml. Change hostname to local ip, such as 192.168.0.1.
+
+```bash
+    hostname: 192.168.10.1
+```
+
+### Change docker client:
+The default installation of Harbor uses HTTP - as such, you will need to add the option --insecure-registry to your client's Docker daemon and restart the Docker service.
+
+```bash
+    $ sudo vi /etc/docker/daemon.json
+
+    {  
+        "insecure-registries" : [ "192.168.10.1" ]  
+    }
+```
+
+Restart docker daemon:
+
+```bash
+    $ sudo service docker restart
+```
+
+### Install Harbor
+
+```bash
+    $ sudo ./install.sh
+```
+
+### Prepare FATE Image
+
+There are two ways to manage images:
+
+- Build image from FATE
+
+- Replicate from Docker Hub
+
+#### Build image from FATE
+
+Detailed build article please refer to: https://github.com/FederatedAI/FATE/blob/master/docker-build/README.md
+
+#### Replicate from Docker Hub
+
+Go to Projects and click the + New Project button.
+
+<div style="text-align:center", align=center>
+<img src="./images/harbor-project.png" />
+</div>
+
+- Name the project federatedai. Check on the "Access Level" checkbox will make this project public.
+
+Go to Registries and click the + New Endpoint button.
+
+<div style="text-align:center", align=center>
+<img src="./images/harbor-endpoint.png" />
+</div>
+
+- Choose provider to docker-hub.
+
+Go to Replications and click the + New Replication Rule.
+
+<div style="text-align:center", align=center>
+<img src="./images/harbor_replication.png" />
+</div>
+
+Replication mode selection pull-based and docker hub endpoint.  
+Three resource filters are supported:
+* **Name**: Filter resources according to the name.
+* **Tag**: Filter resources according to the tag.
+* **Resource**: Filter images according to the resource type.
+
+The terms supported in the pattern used by name filter and tag filter are as follows:
+* **\***: Matches any sequence of non-separator characters `/`.
+* **\*\***: Matches any sequence of characters, including path separators `/`.
+* **?**: Matches any single non-separator character `/`.
+* **{alt1,...}**: Matches a sequence of characters if one of the comma-separated alternatives matches.
+
+Select a replication rule and click REPLICATE, the resources which the rule is applied to will be replicated from the source registry to the destination immediately. Then the resources will appear in Projects.