IPV6 support

[bizhao]

Is your feature request related to a problem? Please describe. Current Harbor cannot work in an IPV6 environment.

Describe the solution you'd like A clear and concise description of what you want to happen. Support IPV6 in the full life cycle of Harbor.

Describe the main design/architecture of your solution A clear and concise description of what does your solution look like. Rich text and diagrams are preferred. Support static and DHCP ipv6 address for all supported installation methods (standalone and Kubernetes).

Describe the development plan you've considered Need some evaluation the development efforts and see how to proceed.

Additional context

[xaleeks]

K8s upstream doesn’t have full support for it either, Ipv6 dual stack in upstream is alpha https://github.com/kubernetes/kubernetes/blob/master/pkg/features/kube_features.go#L492-L496

[DennisGlindhart]

K8s upstream doesn’t have full support for it either, Ipv6 dual stack in upstream is alpha https://github.com/kubernetes/kubernetes/blob/master/pkg/features/kube_features.go#L492-L496

K8S has been running IPv6 fine since 1.9 (2017/2018). DualStack-support is what is being worked on currently (running both IPv4 and IPv6 protocols at the same time), but people have been running IPv6 single-stack clusters fine for years.

We've been running IPv6 only for a few years now, but cannot migrate to Harbor until this is handled.

[liy516]

Is Harbor IPv6 support in the plan?

[shwill]

For a docker installation you can enable it by:

1) Stop the registry: docker-compose down 2) Add another ipv6-enabled network to the proxy service:

proxy:
    ...
    networks:
      - ...
      - expose
...
networks:
 ...
  expose:
    external: false
    enable_ipv6: true
    ipam:
      config:
        - subnet: "fdc8:5111:a111::/64" # adjust the subnet according to your configuration

3) Edit the nginx configuration to actually listen on ipv6: common/config/nginx/nginx.conf. Add a line for all server { ... } blocks:

server {
      listen 8443;
      listen [::]:8443;
      ...
}
...
server {
      listen 8080;
      listen [::]:8080;
      ...
}
...
server {
      listen 9090;
      listen [::]:9090;
      ...
}

4) Start the registry again docker-compose up -d

I would recommend a change to streamline this process a bit better, though.

[github-actions[bot]]

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

[muralisankar32]

Could you please confirm whether harbor is now supported for pure IPv6 with docker-compose setup or any additional customizations needs to be done.

[dk-tgz]

With config from @shwill I was able to enable ipv6 but it doesn't work for s3 storage. I was able to use docker login to log into harbor, portal worked fine. However, I could not pull any image I got:

x1: Retrying in 1 second
x2: Retrying in 1 second
x3: Retrying in 1 second
x4: Waiting
x5: Waiting
x6: Waiting
x7: Waiting
error pulling image configuration: download failed after attempts=6: dial tcp <aws ipv4 s3 address>:443: i/o timeout 

Inside storage_service I specified usedualstack: true but got ipv4 address to s3 anyway.