This article details how to equally distribute Harbor Registry deployment pods across three Zones, with one of each pod type for the Harbor deployment (Registry, Trivy, Core, Portal, Jobservice, Exporter) residing on each of the three Zones.
Harbor Registry Deployment Requirements:
1. vCenter version must be on 8.0a or above if using vSphere Zones.
2. If using vSphere Zones, a designated cluster for the Harbor Registry deployment must be provisioned on Supervisor that is deployed across vSphere Zones. More information about Supervisor clusters deployed across vSphere Zones can be found here.
3. The Harbor Registry deployment must point to an external storage for Registry PV's, this KB uses an S3 Bucket.
4. The associated storage class for the Harbor Registry deployment must be set to *-latebinding edition. More information about *-latebinding storage classes can be found here.
5. The Harbor deployment must have podAntiAffinity set to preferredDuringSchedulingIgnoredDuringExecution.
6. The deployment must include the label topology.kubernetes.io/zone for nodeAffinity, with the values section including each zone for the Harbor pods to be scheduled on.
Example of required annotations for nodeAffinity and podAntiAffinity:
spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: topology.kubernetes.io/zone operator: In values: - zone-1 - zone-2 - zone-3 podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app operator: In values: - nginx topologyKey: topology.kubernetes.io/zone