In Harbor the preheat action is policy driven, and is scoped to the project within which it’s created. This means when a
project administrator creates a preheat policy under a specified project, that policy only applies to images managed
under that project.
Create Preheat Policy
To preheat images, you need to create a preheat policy first.
Go to Projects and open your project from the project list.
Open the P2P Preheat tab and then click + NEW POLICY button to open the policy creation dialog.
For the Provider, select a pre-configured preheat provider instance as target from the dropdown list.
Input a suitable name and description(optional) for the policy to identify and describe your creating policy.
Optionally, set the labels filter. Only images with matching labels will be put into the candidate list. Use comma
to split multiple labels, e.g.: label1,label2,labeln and the relationship among multiple labels is AND.
Under certain conditions(deployment security is configured), more criteria may be visible in the policy.
The criteria Only signed images and No vulnerability severity of [severity] and above are directly inherited
from corresponding settings of the project configuration. They cannot be changed in the preheat policy, and the only
way to change them is via project configuration. If they’re configured, they will be visible in the preheat policy
and taken into account when calculating the phreating candidates, otherwise, they will be hidden and no influences to the policy.
If a Notary server is installed and the Deployment Security configuration option Enable content trust is set,
Only signed images will also be available as a criteria for the preheating policy. This means that only images
with valid signatures will be preheated.
If a vulnerability scanner is configured and the Deployment Security configuration option
Prevent vulnerable images from pulling is set, No vulnerability severity of [severity] and above
will also be available as a preheating criteria. With this criteria, only the images whose vulnerability severity match the
criteria can be taken into account.
For the policy trigger, there are multiple ways supported, choose the proper one based on your use case.
Manual: manually start the preheating process.
Schedule: set CRON style schedule to periodically start the preheating process.
some pre-defined cron schedule patterns are provided: Hourly,Daily and Weekly.
customize your own cron schedule by following the
e.g.: */15 0 * * *, execute policy every 15 minutes at every midnight
Event-based: check if the image should be preheated when the related events occurred, the events includes:
OnPush: when the image has been pushed to Harbor
OnScanComplete: when the image has been scanned successfully (no action when scan failed)
OnLabel: when the image has been marked with labels (no action when a label is removed)
When an event occurs, the preheating process is not started immediately. Instead an evaluation process is launched.
The evaluation process will traverse the existing event-based preheat policies under the project where the target
image bound in the event is pushed. If the target image matches the pre-defined filters and criteria of some
event-based preheat policies, then the matched event-based preheat policies with fixed source image will be executed
to complete the preheating process.
Click ADD button to save the policy.
Manage Preheat Policy
Go to Projects and open your project from the project list.
Open the P2P Preheat tab, all the existing preheat policies are listed in the datagrid view.
Select the policy by checking the checkbox at front of the row, click ACTIONS to open the drop down menu.
Click Execute to start the execution of the selected policy immediately.
Click Disable/Enable to disable/enable the selected policy.
A disabled policy cannot bee executed.
Click Edit to open the edit dialog and do modifications to the selected policy.
Click Delete to delete the selected policy.
If the executions of the selected policy are still in progress, the deletion will be rejected.
Manage Executions of Preheat Policy
Select the policy by clicking the radio button at the front of the row. If the policy has been executed before, the
relevant executions will be listed in the execution data grid.
For each execution, you can find the following data:
ID: identity of the execution with a hyperlink pointing to the detailed page
Status: Success,Error and Running
Trigger: the trigger way of the execution, it can be Manual,Scheduled and Event-based
Start Time: the start time of the execution (rendered as local time format)
Duration: the overall duration of the execution
Success Rate: each execution may contain multiple tasks, the percent of the success ones over the total
For the Error status, there will be a small info icon with tooltip that containing the error message next to it.
For the Success status, if there are no images matching the filters and criteria defined in the policy, a small
info icon with tooltip which indicates that no images to preheat will be placed next to it.
Click the ID hyperlink to open the detailed page of the execution.
An execution record may contain multiple preheating tasks because multiple images may meet the policy’s criteria.
Besides the general info, you can also find a simple metrics grouped by the status of tasks:
SUCCESS: how many tasks have been finished
FAILURE: how many tasks are failed to complete
IN PROGRESS: how many tasks are under running
STOPPED: how many tasks have been stopped
All the related tasks of the execution are listed in the task data grid. You can find more detailed info of the task:
Artifact: which artifact is preheating
Status: the status of this preheating task
Digest: the digest of the preheating image
Type: the artifact type of the preheating artifact
Start Time: the start time of this preheating task
Duration: the overall duration of this preheating task
Logs: a hyperlink to open the task logs for checking more details of this preheating task
Harbor only supports preheating images so the value of Type will always be image.