以下是一个示例k3s搭建Harbor的配置文件:
# k3s-server-harbor.yaml
# k3s server config
write-kubeconfig-mode: 0644
tls-san:
- "my-k3s-server.example.com"
- "my-k3s-harbor.example.com"
# Harbor setup
kubelet-arg:
cloud-provider: external
feature-gates: CSINodeInfo=true,CSIDriverRegistry=true,VolumeSnapshotDataSource=true
node-taint:
# Ensure that the harbor node runs only the harbor components
"node-role.kubernetes.io/not-ready": "true:NoSchedule"
"node-role.kubernetes.io/harbor": "true:NoSchedule"
extra_binds:
# Bind /data to a persistent volume for Harbor data storage
- "/mnt/data/harbor:/data"
# Harbor-specific environment variables
env:
- name: SECRET_KEY
value: "mysecretpassword"
- name: ROOT_PASSWORD
value: "mypassword"
- name: HARBOR_ADMIN_PASSWORD
value: "myadminpassword"
# Ingress configuration for Harbor
ingress-nginx:
enabled: true
options:
--set controller.publishService.enabled=false
--set controller.metrics.enabled=true
--set-string ssl-passthrough.enabled=true
--set-string ssl-passthrough.hostname=my-k3s-harbor.example.com
harbor:
enabled: true
image: harbor/harbor:v2.3.0
expose:
type: ingress
tls:
hosts:
- my-k3s-harbor.example.com
secretName: harbor-tls-secret
database:
password: mydbpassword
redis:
password: myredispassword
上述配置文件中,我们指定了k3s server的TLS证书信息和Harbor的相关配置,包括kubelet参数,taint节点标记,数据挂载点,环境变量以及Ingress和Harbor的相关设置。可以根据实际需要进行更改。