How to Deploy Harbor Across Zones
search cancel

How to Deploy Harbor Across Zones

book

Article ID: 319383

calendar_today

Updated On: 11-02-2023

Products

VMware vSphere ESXi VMware vSphere with Tanzu

Issue/Introduction

This article details how to equally distribute Harbor Registry deployment pods across three Zones, with one of each pod type for the Harbor deployment (Registry, Trivy, Core, Portal, Jobservice, Exporter) residing on each of the three Zones.


Environment

VMware vSphere 8.0 with Tanzu

Resolution

Harbor Registry Deployment Requirements:
 

1.    vCenter version must be on 8.0a or above if using vSphere Zones.
2.    If using vSphere Zones, a designated cluster for the Harbor Registry deployment must be provisioned on Supervisor that is deployed across vSphere Zones. More information about Supervisor clusters deployed across vSphere Zones can be found here.
3.    The Harbor Registry deployment must point to an external storage for Registry PV's, this KB uses an S3 Bucket.
4.    The associated storage class for the Harbor Registry deployment must be set to *-latebinding edition. More information about *-latebinding storage classes can be found here.
5.    The Harbor deployment must have podAntiAffinity set to preferredDuringSchedulingIgnoredDuringExecution.
6.    The deployment must include the label topology.kubernetes.io/zone for nodeAffinity, with the values section including each zone for the Harbor pods to be scheduled on. 

 

Example of required annotations for nodeAffinity and podAntiAffinity:
 

spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: topology.kubernetes.io/zone
                operator: In
                values:
                - zone-1
                - zone-2
                - zone-3
        podAntiAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: app
                operator: In
                values:
                - nginx
            topologyKey: topology.kubernetes.io/zone


 


Additional Information

Deploy StatefulSet Application Across vSphere Zones with Late Binding Volume Attachment
Kubernetes.io documentation for topology.kubernetes.io/zone