Below is table that highlights the required fields for the Harbor data values file.
| Property | Value | Description |
|---|---|---|
| hostname | FQDN | The FQDN that you have designated to access the Harbor UI and for referencing the registry in client applications. The domain should be configured in an external DNS server such that it resolves to the Envoy Service IP created by Contour. |
| tlsCertificate.tlsSecretLabels | {"managed-by": "vmware-vRegistry"} | The certificate that Tanzu Kubernetes Grid uses to install the Harbor CA as a trusted root on Tanzu Kubernetes Grid clusters. |
| persistence.persistentVolumeClaim.registry.storageClass | A storage policy name. | A storage class that is used for the Harbor registry PVCs. |
| persistence.persistentVolumeClaim.jobservice.jobLog.storageClass | A storage policy name. | A storage class that is used for the Harbor jobservice PVCs. |
| persistence.persistentVolumeClaim.database.storageClass | A storage policy name. | A storage class that is used for the Harbor database PVCs. |
| persistence.persistentVolumeClaim.redis.storageClass | A storage policy name. | A storage class that is used for the Harbor redis PVCs. |
| persistence.persistentVolumeClaim.trivy.storageClass | A storage policy name. | A storage class that is used for Harbor trivy PVCs. |
| enableNginxLoadBalancer | true or false | Use a K8s Service of type LoadBalancer to expose Harbor's endpoints when it's set to true. This requires a Supervisor cluster to be configured with a load balancer. enableNginxLoadBalancer and enableContourHttpProxy can't be true at the same time. When they are both set to false an Ingress will be created to expose Harbor's endpoints. |
| enableContourHttpProxy | true or false | When true, uses Contour's httpproxy resources to expose Harbor's endpoint. Ensure enableNginxLoadBalancer and enableContourHttpProxy are not both set true. |