From c1ab98efd73fdeda9d685d7aaff51717505b847d Mon Sep 17 00:00:00 2001 From: zhaoxinxin <1186037180@qq.com> Date: Fri, 27 Sep 2024 11:33:35 +0800 Subject: [PATCH] docs: preheat add Harbor using self-signed certificates Signed-off-by: zhaoxinxin <1186037180@qq.com> --- docs/advanced-guides/preheat.md | 36 +++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/docs/advanced-guides/preheat.md b/docs/advanced-guides/preheat.md index 2e1fb84..5a80046 100644 --- a/docs/advanced-guides/preheat.md +++ b/docs/advanced-guides/preheat.md @@ -356,3 +356,39 @@ Click the executions `ID` to view the detailed information of the preheating tas The expected output is as follows. ![log](../resource/advanced-guides/preheat/log.png) + +## Harbor using self-signed certificates + +If you use Harbor with a self-signed certificate for preheat, you will need to modify the Manager configuration. + +Configure Manager yaml file, The default path in Linux is `/etc/dragonfly/manager.yaml` in linux, refer to [Manager](../reference/configuration/manager.md). + +> Notice: `yourdomain.crt` is Harbor's ca.crt. + +```shell +job: + # Preheat configuration. + preheat: + # registryTimeout is the timeout for requesting registry to get token and manifest. + registryTimeout: 1m + tls: + # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. + insecureSkipVerify: false + # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. + caCert: /etc/certs/yourdomain.crt +``` + +Skip TLS verification, set `job.preheat.tls.insecureSkipVerify` to true. + +```shell +job: + # Preheat configuration. + preheat: + # registryTimeout is the timeout for requesting registry to get token and manifest. + registryTimeout: 1m + tls: + # insecureSkipVerify controls whether a client verifies the server's certificate chain and hostname. + insecureSkipVerify: true + # # caCert is the CA certificate for preheat tls handshake, it can be path or PEM format string. + # caCert: '' +```