MinerYang
commented
2 weeks ago Hi @srad760 ,
Could you check if your are using correct ca.crt for verification by using the s3fs cli without -o no_check_certificate and identifying the same crt you configured in harbor.yml
s3fs harbor-test-stor /s3 -o url=https://10.71.165.28/ -o passwd_file=.passwd-s3fs -o allow_other -o no_check_certificate -o dbglevel=info -o use_path_request_styleyou could also check other settings of your s3/miniio, for your reference: https://github.com/goharbor/harbor/issues/16437
srad760
Hello, I have HARBOR configured with MINIO. Everything works correctly when I refer to S3 (on MINIO) using the http protocol. When I configured HARBOR to communicate with S3 on MINIO via https, I get the error "received unexpected HTTP status: 500 Internal Server Error"
root@AOPTAPP01HARBORPOC:~/harbor/ Using default tag: latest The push refers to repository [aoptapp01harborpoc.local:443/minio02/nginx] 9fd54926bcae: Layer already exists 175aa66db4cc: Layer already exists e6380a7057a5: Layer already exists 1db2242fc1fa: Layer already exists b09347a1aec6: Layer already exists bbde741e108b: Layer already exists 52ec5a4316fa: Layer already exists received unexpected HTTP status: 500 Internal Server Error root@AOPTAPP01HARBORPOC:~/harbor#
However, I can easily mount the s3 resource directly on the Harbor server and list all the files. s3fs harbor-test-stor /s3 -o url=https://10.71.165.28 -o passwd_file=.passwd-s3fs -o allow_other -o no_check_certificate -o dbglevel=info -o use_path_request_style
root@AOPTAPP01HARBORPOC:~# ls /s3/docker/registry/v2/repositories/ minio02 minio03 root@AOPTAPP01HARBORPOC:~# Below I paste part od secion configuration file STORE_SERVICE
storage_service: s3: ca_bundle: /data/certs/s3certs/harbor.lab.crt bucket: harbor-bucket accesskey: luEf4hsoqISyXRuUh2Gh secretkey: ***** regionendpoint: https://10.71.165.28:9443/ region: LAB rootdirectory: / v4auth: true encrypt: false secure: true chunksize: 5242880 ca_bundle: /data/certs/s3certs/harbor.lab.crt skipverify: true
I tried with different settings of all parameters but the result was always the same INTERNAL ERROR 500
[Step 5]: starting Harbor ... WARN[0000] /root/harbor/docker-compose.yml:
versionis obsolete [+] Running 9/9 ✔ Network harbor_harbor Created 0.1s ✔ Container harbor-log Started 0.0s ✔ Container redis Started 0.1s ✔ Container registry Started 0.1s ✔ Container registryctl Started 0.1s ✔ Container harbor-portal Started 0.1s ✔ Container harbor-core Started 0.0s ✔ Container harbor-jobservice Started 0.0s ✔ Container nginx Started 0.0s ✔ ----Harbor has been installed and started successfully.----root@AOPTAPP01HARBORPOC:~/harbor# /root/.docker/cli-plugins/docker-compose ps WARN[0000] /root/harbor/slawol/harbor/docker-compose.yml:
versionis obsolete NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS harbor-core goharbor/harbor-core:v2.10.2 "/harbor/entrypoint.…" core About a minute ago Up About a minute (healthy) harbor-jobservice goharbor/harbor-jobservice:v2.10.2 "/harbor/entrypoint.…" jobservice About a minute ago Up About a minute (healthy) harbor-log goharbor/harbor-log:v2.10.2 "/bin/sh -c /usr/loc…" log About a minute ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp harbor-portal goharbor/harbor-portal:v2.10.2 "nginx -g 'daemon of…" portal About a minute ago Up About a minute (healthy) nginx goharbor/nginx-photon:v2.10.2 "nginx -g 'daemon of…" proxy About a minute ago Up About a minute (healthy) 0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp redis goharbor/redis-photon:v2.10.2 "redis-server /etc/r…" redis About a minute ago Up About a minute (healthy) registry goharbor/registry-photon:v2.10.2 "/home/harbor/entryp…" registry About a minute ago Up About a minute (healthy) registryctl goharbor/harbor-registryctl:v2.10.2 "/home/harbor/start.…" registryctl About a minute ago Up About a minute (healthy) root@AOPTAPP01HARBORPOC:~/harbor#I would like to mention that all commands are executed from the host where HARBIOR is installed
Version of hartbor : harbor-offline-installer-v2.10.1
Regards Slawomir