Automated VMware Harbor Registry Deployment With GitLab, Terraform And Ansible

Automated VMware Harbor Registry Deployment With GitLab, Terraform And Ansible

I have involved with a project which needed an automated VMware Harbor registry deployment with GitLab automation, Terraform and Ansible. I thought to writeup for those who are interested with some similar automation work. Actually, this was a sub part of the full project and, I only focus on the VMware Harbor registry deployment in this post. You can find the GitLab repository I created for this from here.

Cloud Platform Configuration

AWS used as the cloud platform for this deployment and, basic VPC setup configured with two public subnets and a private subnet. Again, I focus only the harbor deployment here and use the shared GitLab runners to deploy the application and automation. So, Harbor is deploying to one of the Public subnets of the VPC. GitLab runners are accessing the deployed EC2 from its public IP.

Read More: VMware Kubernetes Academy – A Free Education Platform

Terraform Configuration

Terraform used to build up the backend Cloud platform and EC2 Instance was created to install the Harbor Registry. In this article, I want to add the public IP address of the instance to the “harbor.yml” file to customize the deployment. These configurations should be changed according to the actual requirement of the Harbor registry. All other configurations are with the default settings. I have created a dynamic Ansible inventory file called “harbor_hosts” and updated the “harbor.yml” configuration file with the instance details using Terraform Provisioner local-exec.

Here is the sample Terraform EC2 configuration and entire GitLab repository can be found here.

Ansible Configuration For Harbor Deployment

Ansible playbooks used to install Docker, Docker compose and, perform the harbor configuration and installation on the deployed EC2 instance. You can find my previous post to see how to install Docker and Docker compose with Ansible.

In the Harbor installation, I followed below steps using the Ansible playbook.

  • Downloading Harbor
  • Unzip Habor File
  • Copy Habor Configuration
  • Install Harbor

Here is my Ansible Playbook for the above tasks

- name: Habor ansible playbook
  become: yes
  gather_facts: false
  hosts: all
  - name: Downloading Harbor
    remote_user: ubuntu
      dest: /tmp
      mode: '0777'
  - name: Unzip Habor File
    remote_user: ubuntu
      src: /tmp/harbor-offline-installer-v1.10.0-rc1.tgz
      dest: /tmp
      remote_src: yes
  - name: Copy Habor Configuration
    remote_user: ubuntu
      src: harbor.yml
      dest: /tmp/harbor
      backup: yes
  - name: Install Harbor
    remote_user: ubuntu
    shell: /tmp/harbor/

GitLab CI For The Harbor Deployment

When executing the GitLab Job I used my customized Ubuntu based Docker image to with installed Terraform and Ansible, which I always use for my deployments.

VMware Harbor Automated Deployment GitLab Custom docker image

In order to use GitLab CI AWS authentication, “Access Key ID” and “Secret Access Key ID” and, custom “Keypair” (private and public keys) to deploy the AWS EC2 instance used as the CI/CD Variables in the GitLab repository. My Custom Keys encoded to the base64 values and stored.

VMware Harbor Automated Deployment GitLab variables

These variables directly used in the GitLab CI workflow for the deployment in my “gitlab-ci.yml” file. Single stage, “instance deploy” used as I didn’t want to go forward with multiple stages in this deployment, and few scripting steps followed to achieve the ultimate success of the job.

Here is my “gitlab-ci.yml” file for the deployment

  name: arunalakmal/terransible-aws:1.0
    - '/usr/bin/env'
    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
    - ‘PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}'


  - mkdir -p ~/.ssh
  - chmod 700 ~/.ssh
  - echo $IRONMANSSH | base64 -di > ~/.ssh/ironman
  - chmod 700 ~/.ssh/ironman
  - echo $IRONMANPUBSSH | base64 -di > ~/.ssh/
  - chmod 700 ~/.ssh/
  - eval $(ssh-agent -s)
  - ssh-add ~/.ssh/ironman
  - rm -rf .terraform
  - terraform --version
  - terraform init

  - instance deploy
instance deploy:
  stage: instance deploy
    - terraform validate 
    - terraform plan -out "hbrdeploy"
    - terraform apply -input=false "hbrdeploy"
    - ansible-playbook -i harbor_hosts ansible-docker-deploy.yaml
    - ansible-playbook -i harbor_hosts harbor-ansible-playbook.yaml

Once the pipeline triggered, deployment will automatically deployed the infrastructure and the Harbor registry in an EC2 Instance.

VMware Harbor Automated Deployment Stage
VMware Harbor Automated Deployment workflow completed

So Harbor registry can be accessible with the Public IP address

VMware Harbor Automated Deployment Deployed

There are many tweaks can be made and different approaches can be used for similar deployment. This is the way I achieved my VMware Harbor registry deployment with GitLab, Terraform and Ansible.

Click to rate this post!
[Total: 8 Average: 5]

Leave a Reply

Your email address will not be published. Required fields are marked *