search

goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0
22.84k stars 4.63k forks source link

Openshift cluster1 harbor to another openshift cluster2 harbor integration for replication issue #20312

Open SubhashKumardkalwal opened 1 month ago

SubhashKumardkalwal commented 1 month ago

We have installed harbor with helm in OpenShift cluster1 and In another OpenShift cluster2 we have installed harbor too, we want to integrate endpoint of cluster1 harbor to other cluster harbor for replication setup but its failing with Failed to ping endpoint.(New Registry Endpoint)

I have unselected Verify Remote Cert even its not establishing the connection, i could see both the clusters subnet reachable from each other.

We have ingress created in each cluster, what else we can do? , does it support?

Can you give me step by steps, either any dns need to be added in dns forwarder??

chlins commented 1 month ago

Please provide the harbor-core logs of two harbor instances.

zyyw commented 1 month ago

could you please check the harbor1 FQDN defined in clusters from cluster2? For example, maybe you can try to pull an image from harbor1 (cluster1) within cluster2 to check if the network connectivity is setup successfully or not.

SubhashKumardkalwal commented 1 month ago

Thanks @zyyw and @chlins : I have made dns farwarder changes in cluster1, added cluster2 dns name server in cluster1 dfault dns its failing with dns lookup, as i wanted to add cluster2 harbor2 integration with cluster1 harbor1

2024-04-22T06:18:40Z [ERROR] [/lib/http/error.go:57]: {"errors":[{"code":"UNKNOWN","message":"unknown: Get \"https://harbor2/api/version\": dial tcp: lookup harbor2 on 172.30.0.10:53: server misbehaving"}]} 2024-04-22T06:18:42Z [ERROR] [/lib/http/error.go:57]: {"errors":[{"code":"UNKNOWN","message":"unknown: Get \"https://harbor2/api/version\": dial tcp: lookup harbor2 on 172.30.0.10:53: server misbehaving"}]} :53: server misbehaving"}]}

When i do the chart push from cluster2 one of the node it is working

helm registry login -u -p https://harbor1 --insecure Login Succeeded

helm push harbor-1.14.0.tgz oci://harbor1/cal --insecure-skip-tls-verify

Pushed: harbor1/cal/harbor:1.14.0 Digest: sha256:c0a7672bf5acd626b71af9d86954fdefc28aca95a8c3657c013da6bbca9d760a

chlins commented 1 month ago

From your description, it is resolved normally on node, but not on harbor. It may be that the DNS of the pod cannot be resolved normally. You may need to apply some configurations to the CoreDNS.