Closed allaboutopensource closed 5 days ago
Seems a dup of #13461
Hi guys :)
If you look at prepare script you will see
docker run ... -v /:/hostfs
change it to docker run ... -v /pathOfYourCert/certs:/hostfs
docker run --rm -v $input_dir:/input \ -v $data_path:/data \ -v $harbor_prepare_path:/compose_location \ -v $config_dir:/config \ -v /:/hostfs \ --privileged \ goharbor/prepare:v2.1.5 prepare $@
docker run --rm -v $input_dir:/input \ -v $data_path:/data \ -v $harbor_prepare_path:/compose_location \ -v $config_dir:/config \ -v /pathOfYourCert/certs:/hostfs \ --privileged \ goharbor/prepare:v2.1.5 prepare $@
That will fix the problem :)
Hi @sahramelissa, this did not work for me. I am trying to install Harbor v2.3.2.
I changed the file to: docker run ... -v /pathOfYourCert/certs:/hostfs/pathOfYourCert/certs and it worked for me!
Looks like this is still broken. Here is the log:
Generated configuration file: /config/log/rsyslog_docker.conf cron.hourly landscape PackageKit sysctl.conf │Traceback (most recent call last): cron.monthly ldap pam.conf sysctl.d │ File "/usr/src/app/main.py", line 15, in <module> crontab ld.so.cache pam.d systemd │ cli() cron.weekly ld.so.conf passwd terminfo │ File "/usr/lib/python3.9/site-packages/click/core.py", line 1137, in __call__ cryptsetup-initramfs ld.so.conf.d passwd- thermald │ return self.main(*args, **kwargs) crypttab legal perl timezone │ File "/usr/lib/python3.9/site-packages/click/core.py", line 1062, in main dbus-1 letsencrypt pki tmpfiles.d │ rv = self.invoke(ctx) dconf libaudit.conf pm ubuntu-advantage │ File "/usr/lib/python3.9/site-packages/click/core.py", line 1668, in invoke debconf.conf libblockdev polkit-1 ucf.conf │ return _process_result(sub_ctx.command.invoke(sub_ctx)) debian_version libnl-3 pollinate udev │ File "/usr/lib/python3.9/site-packages/click/core.py", line 1404, in invoke default locale.alias popularity-contest.conf udisks2 │ return ctx.invoke(self.callback, **ctx.params) deluser.conf locale.gen profile ufw │ File "/usr/lib/python3.9/site-packages/click/core.py", line 763, in invoke depmod.d localtime profile.d update-manager │ return __callback(*args, **kwargs) dhcp logcheck protocols update-motd.d │ File "/usr/src/app/commands/prepare.py", line 47, in prepare docker login.defs python3 update-notifier │ prepare_nginx(config_dict) dpkg logrotate.conf python3.8 UPower │ File "/usr/src/app/utils/nginx.py", line 23, in prepare_nginx e2scrub.conf logrotate.d rc0.d vim │ render_nginx_template(config_dict) environment lsb-release rc1.d vmware-tools │ File "/usr/src/app/utils/nginx.py", line 56, in render_nginx_template ethertypes ltrace.conf rc2.d vtrgb │ prepare_nginx_certs(config_dict['cert_key_path'], config_dict['cert_path']) fonts lvm rc3.d wgetrc │ File "/usr/src/app/utils/nginx.py", line 42, in prepare_nginx_certs fstab machine-id rc4.d X11 │ shutil.copy2(host_ngx_cert_key_path, real_key_path) fuse.conf magic rc5.d xattr.conf │ File "/usr/lib/python3.9/shutil.py", line 435, in copy2 fwupd magic.mime rc6.d xdg │ copyfile(src, dst, follow_symlinks=follow_symlinks) gai.conf mailcap rcS.d zsh_command_not_found │ File "/usr/lib/python3.9/shutil.py", line 264, in copyfile sanjay@harbor:/etc$ cd.. │ with open(src, 'rb') as fsrc, open(dst, 'wb') as fdst: cd..: command not found │FileNotFoundError: [Errno 2] No such file or directory: '/hostfs/etc/docker/certs.d/harbor.xeroloop.com/ha sanjay@harbor:/etc$ cd .. │rbor.xeroloop.key'
Hello, I'm having this issue to install Harbor 2.4.1, interestingly, I was able to install Harbor 1.10 fine and the cert and key were on the exacly same path. I've attempted all solutions proposed on this thread, no luck. Any idea ? Thanks in advance for your time.
The following is the output of /.install.sh
[Step 3]: preparing harbor configs ...
prepare base dir is set to /usr/local/src/harbor
Traceback (most recent call last):
File "/usr/src/app/main.py", line 15, in
This is the section of certs on my harbor.yml file:
certificate: /etc/letsencrypt/live/myserver.com/fullchain.pem private_key: /etc/letsencrypt/live/myserver.com/privkey.pem
Please notice that both paths are sym links to the "real" files generated by cerbot
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
I ran into this issue as well, after much frustration, I determined that it appears to be an issue when docker is installed from snap (how it's installed from Ubuntu live disk). My workaround was to remove docker from snap (snap remove docker) and then follow the official docker install instructions, afterwards I was able to install without modifying the prepare script.
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
I also have same doubt, but it resolved..... we need to create a data/cert directory and move our certificate inside that.
And in harbor/prepare add :-
docker run --rm -v $input_dir:/input \ -v $data_path:/data \ -v $harbor_prepare_path:/compose_location \ -v $config_dir:/config \ -v /home/ubuntu/data/cert:/hostfs/home/ubuntu/data/cert \ --privileged \ goharbor/prepare:v2.1.5 prepare $@
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
Got the same error when run install, and finally found that there is a directory /hostfs
already exist in the VM, after removed this directory, install script works.
We are running v2.5.0 of Harbor on Ubuntu Linux, and faced the same issue when attempting to run the install.sh
script. When running the script we would get the error and have the certificates we were providing deleted from the directory passed to the $data_path
parameter (specifically /data/secret/cert/
).
[Step 4]: preparing harbor configs ...
prepare base dir is set to /etc/harbor/harbor
Traceback (most recent call last):
File "/usr/src/app/main.py", line 15, in <module>
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/portal/nginx.conf
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
cli()
File "/usr/lib/python3.10/site-packages/click/core.py", line 1137, in __call__
return self.main(*args, **kwargs)
File "/usr/lib/python3.10/site-packages/click/core.py", line 1062, in main
rv = self.invoke(ctx)
File "/usr/lib/python3.10/site-packages/click/core.py", line 1668, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/lib/python3.10/site-packages/click/core.py", line 763, in invoke
return __callback(*args, **kwargs)
File "/usr/src/app/commands/prepare.py", line 47, in prepare
prepare_nginx(config_dict)
File "/usr/src/app/utils/nginx.py", line 23, in prepare_nginx
render_nginx_template(config_dict)
File "/usr/src/app/utils/nginx.py", line 56, in render_nginx_template
prepare_nginx_certs(config_dict['cert_key_path'], config_dict['cert_path'])
File "/usr/src/app/utils/nginx.py", line 42, in prepare_nginx_certs
shutil.copy2(host_ngx_cert_key_path, real_key_path)
File "/usr/lib/python3.10/shutil.py", line 434, in copy2
copyfile(src, dst, follow_symlinks=follow_symlinks)
File "/usr/lib/python3.10/shutil.py", line 254, in copyfile
with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/hostfs/data/secret/cert/server.key'
EDIT: We were able to trace the issue back to directory passed to the https.certificate
and https.private_key
keys in the harbor.yml
. It would not accept /data/secret/cert/
but would accept /data/cert/
(note that we still have to keep a copy of the same cert / key in the /data/secret/cert/
directory for all containers to come up).
We have been running Harbor for several years but only observed this issue when rebuilding the host, and wiping both the directory passed to $data_path
parameter as well as the install directory /etc/harbor/
.
Run prepare script with the right Path docker run --rm -v $input_dir:/input -v $data_path:/data -v $harbor_prepare_path:/compose_location -v $config_dir:/config -v /pathOfYourCert/certs:/hostfs --privileged goharbor/prepare:v2.1.5 prepare $@
I was able to resolve the issue with the solution provided by @sahramelissa.
My certs and key files were present in /dir/certs
and I mounted that directory to /hostfs
-> -v /dir/certs:/hostfs
.
In harbor.yml, you just simply need to point to the location of certificates wrt directory /dir/certs
.
However this works for image goharbor/prepare:v2.11.0
.
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
This issue was closed because it has been stalled for 30 days with no activity. If this issue is still relevant, please re-open a new issue.
After inserting the SSL certificate using the cert and key parameter in the harbor.yaml file and when i run the prepare script i get this error:
Traceback (most recent call last): File "main.py", line 15, in
cli()
File "/usr/lib/python3.6/site-packages/click/core.py", line 829, in call
return self.main(args, kwargs)
File "/usr/lib/python3.6/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/usr/lib/python3.6/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, ctx.params)
File "/usr/lib/python3.6/site-packages/click/core.py", line 610, in invoke
return callback(args, **kwargs)
File "/usr/src/app/commands/prepare.py", line 49, in prepare
prepare_nginx(config_dict)
File "/usr/src/app/utils/nginx.py", line 23, in prepare_nginx
render_nginx_template(config_dict)
File "/usr/src/app/utils/nginx.py", line 56, in render_nginx_template
prepare_nginx_certs(config_dict['cert_key_path'], config_dict['cert_path'])
File "/usr/src/app/utils/nginx.py", line 42, in prepare_nginx_certs
shutil.copy2(host_ngx_cert_key_path, real_key_path)
File "/usr/lib/python3.6/shutil.py", line 263, in copy2
copyfile(src, dst, follow_symlinks=follow_symlinks)
File "/usr/lib/python3.6/shutil.py", line 120, in copyfile
with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/hostfs/root/certs/abc.key'
SSL certificate paths is : /root/certs/ not sure why is it picking /hostfs/root/certs I checked the dns setting and they are fine too. Able to restart the harbor service using the docker-compose.
harbor Version v2.1.1-5f52168e CentOS Linux release 7.8.2003 (Core)