Customer is using TKGi 1.9.2 with embbeded Harbor 2.1. Harbor has database auth mode by default.
Now customer wants to integrate the same harbor with OIDC. I was not able to change the auth mode in harbor URL. The drop-down button is disabled.
Solution:
SSH into Harbor VM and Access PostgreSQL Database
~$ bosh -e pks vms
Using environment '10.193.121.11' as user 'director' (bosh.*.read, openid, bosh.*.admin, bosh.read, bosh.admin)
Task 186. Done
:
Deployment 'harbor-container-registry-74b44adfd44a90f27cb3'
Instance Process State AZ IPs VM CID VM Type
harbor-app/57d51b5a-cd39-4b71-bb66-a08184ae9842 running AZ1 10.193.121.13 vm-c5eb38a5-acd7-4769-a731-617b0de04dd5 large.disk
:
~$ bosh -e pks -d harbor-container-registry-74b44adfd44a90f27cb3 ssh harbor-app/57d51b5a-cd39-4b71-bb66-a08184ae9842
harbor-app/57d51b5a-cd39-4b71-bb66-a08184ae9842:~$ sudo -i
harbor-app/57d51b5a-cd39-4b71-bb66-a08184ae9842:~# alias docker='/var/vcap/packages/docker/bin/docker -H unix:///var/vcap/sys/run/docker/dockerd.sock'
Clear out all users except admin/anonymous. If there is any foreign key association, it is also necessary to remove the association
harbor-app/57d51b5a-cd39-4b71-bb66-a08184ae9842:/# docker exec -it harbor-db bash
root [ / ]# psql -U postgres
\c registry
select * from harbor_user;
delete from harbor_user where user_id > 2;
Refresh the Harbor web console-> Configurations, then you can change the auth_mode to OIDC.
No comments:
Post a Comment