Open in app

Sign in

Write

Sign in

Setting Up Harbor Container Registry on AWS EC2

Ganindu Prabasha Pushpakumara
4 min readNov 26, 2023

--

Containerization has brought significant advance­ments to the process of building, shipping, and de­ploying applications. With technologies like Docke­r and Kubernetes le­ading the way, containers have be­come essential for mode­rn DevOps and cloud-native deve­lopment. To effective­ly manage your container images, a de­pendable container re­gistry is crucial, which is where Harbor comes in.

Harbor is a free­ and open-source registry for managing and storing containe­r images securely.

Why we need Harbor Container Registry ?

  • Secure and Compliant Container Images - Harbor provides e­ssential security measure­s, including vulnerability scanning and image signing.
  • Effortless Image Dissemination - Harbor’s image replication feature enables redundancy and reduces latency by allowing images to be copied across multiple registries, making it ideal for global teams and regions with limited connectivity.
  • Role-Based Access Control (RBAC) - In professional environments, Harbor’s RBAC offers precise access control for team members with varying permissions in managing container images.
  • Storage and Scalability - Harbor is support for numerous storage backends such as S3, NFS and more.
  • Integration with CI/CD - Harbor into their CI/CD pipelines, DevOps teams automate image uploads and ensure they have the most up-to-date and tested container images available.
  • Cost Efficiency - Harbor is open-source, reduces costs by decreasing data transfer expenses while optimizing image storage.

In this article­, we will walk you through the steps to se­t up Harbor Container Registry on an AWS EC2 instance, so you can confidently manage and distribute­ your container images.

Prerequisites

  • AWS account with necessary permissions.
  • AWS EC2 instance
  • AWS ALB
  • ALB configure with Route53
  • Basic knowledge of Docker and AWS services.

Step 1: Launch an AWS EC2 Instance

  1. Log into your AWS Management Console and navigate to the EC2 Dashboard.
  2. Launch an instance
  • Instance Name - harbor
  • AMI - Amazon Linux 2023 AMI
  • Architecture - 64-bit (x86)
  • Instance type - t2.large
  • Security Group harbor-sg Configure as below,

SSH port - Access the Ec2 instance

HTTP port - Access the Harbor UI interface

Step 2: Install Docker and Docker Compose

  1. First SSH into your EC2.

2. Now we need to install the Docker and Docker Compose;

  • Docker
sudo yum update
sudo yum install -y  docker
sudo usermod -a -G docker ec2-user

after that recommend for sudo reboot

sudo systemctl enable docker.service
sudo systemctl start docker.service
sudo systemctl status docker.service
  • Docker Compose
wget https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) 
sudo mv docker-compose-$(uname -s)-$(uname -m) /usr/local/bin/docker-compose
sudo chmod -v +x /usr/local/bin/docker-compose
docker-compose version

Step 3: Install Harbor Container Registry

wget https://github.com/goharbor/harbor/releases/download/v2.7.3/harbor-online-installer-v2.7.3.tgz
tar xzvf harbor-online-installer-v2.7.3.tgz

After installing it creates a folder called harbor

Go inside to the folder and rename the harbor.yml.tmpl to harbor.yml

For now I only need to access the UI, So I am doing these configurations in harbor.yml .

Comment Https for now!

Finally install the sh script using sudo ./install.sh

Access the web UI with the <ec2-public-dns>.

Username - admin

Password - Harbor12345

To interact with the repository in advance. you should follow these steps;

Step 1: Launch a AWS ALB

  1. First you need to Create a AWS ALB harbor-elb that point to the harbor EC2 for that,
  • Security Group harbor-elb-sg

For more secure your Harbor Container Registry you can use your vpn ip for the source without using 0.0.0.0/0 .

  • Target Group harbor-ec2 point to 80 port .
  • Listener and Rules

Step 2: Create Route53

Create a domain using Route53 and point to the harbor-elb .

Example domain - harbor-demo.example.com

Step 3: Secure our EC2

  • Security Group harbor-sg Configure as below,

Add your harbor-elb-sg security group to your HTTP port source.

Step 4: Update harbor.yml

update <ec2-public-dns> with harbor-demo.example.com .

Once again install the sh script using sudo ./install.sh .

Now you can access your Harborusing harbor-demo.example.com

Now you can login to the Harbor with your local terminal

docker login harbor-demo.example.com -u admin -p Harbor12345

Rest of the codes are same as dockerHub .

Conclusion

In summary, Harbor, despite not being the most widely known tool, offers a versatile solution for managing container images on an AWS EC2 instance. With a broad array of features, it empowers you to securely store, manage, and distribute your container images, enhancing your DevOps workflows

DevOps
Development
Software Engineering
Security
Devops Practice

--

--

Ganindu Prabasha Pushpakumara

Written by Ganindu Prabasha Pushpakumara

8 Followers

DevSecOps

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams