Creating a Replication Rule
A replication endpoint must exist before you create a replication rule. To create an endpoint, follow the instructions in Creating Replication Endpoints.
-
Log in to the Harbor interface with an account that has Harbor system administrator privileges.
-
Expand Administration, and select Replications.
-
Click New Replication Rule.
-
Provide a name and description for the replication rule.
-
Select Push-based or Pull-based replication, depending on whether you want to replicate artifacts to or from the remote registry.
-
If you are creating a Pull-based rule, use the Soure Registry drop-down menu to select from the configured replication endpoints.
-
For Source resource filter, identify the artifacts to replicate.
- Name: Replicate resources with a given name by entering an artifact name or fragment.
- Tag: Replicate resources with a given tag by entering a tag name or fragment. You can also specify matching/excluding for this filter.
- Label: Replicate resources with a given label by using the drop-down menu to select from the available labels. You can also specify matching/excluding for this filter.
- Resource: Replicate images, artifacts or all. Artifacts contain images and other OCI compatible resources.
The name filter and tag filters support the following patterns:
- *: Matches any sequence of non-separator characters
/
. - **: Matches any sequence of characters, including path separators
/
. Note that the doublestar must appear as a path component by itself. A pattern such as /path** is invalid and will be treated the same as /path*, but /path*/** should achieve the desired result. - ?: Matches any single non-separator character
/
. - {alt1,…}: Matches a sequence of characters if one of the comma-separated alternatives matches.
NOTE: You must add
library
if you want to replicate the official artifacts of Docker Hub. For example,library/hello-world
matches the official hello-world artifacts.Pattern String(Match or not) library/*
library/hello-world
(Y)
library/my/hello-world
(N)library/**
library/hello-world
(Y)
library/my/hello-world
(Y){library,goharbor}/**
library/hello-world
(Y)
goharbor/harbor-core
(Y)
google/hello-world
(N)1.?
1.0
(Y)
1.01
(N) -
If you are creating a Push-based replication rule, use the Destination Registry drop-down menu to select from the configured replication endpoints.
-
For Destination Namespace, enter the name of the namespace in which to replicate resources in the text box. If you do not enter a namespace, resources are placed in the same namespace as in the source registry.
-
Use the Destination Flattening drop-down to select how you want Harbor treat to image hierarchy when replicating images. Depending on what you select, Harbor will remove the same number of levels from the image’s hierarchy, starting from the left, when replicating an image into your chosen destination namespace.
- Flatten All Levels: Remove all hierarchy from the replicated image. For example,
a/b/c/d/img
replicates tonamespace/img
. This is the default behavior of replication in v2.2 and before. All replication rules created before upgrading to v2.3.0 will default to using this flattening option after upgrade. - No Flattening: Use the same hierarchy when replicating an image. For example,
a/b/c/d/img
replicates tonamespace/a/b/c/d/img
. - Flattening 1 level: Remove one level from the image hierarchy. For example,
a/b/c/d/img
replicates tonamespace/b/c/d/img
. This is the default selection. - Flattening 2 levels: Remove two levels from the image hierarchy. For example,
a/b/c/d/img
replicates tonamespace/c/d/img
- Flattening 3 levels: Remove three levels from the image hierarchy. For example,
a/b/c/d/img
replicates tonamespace/d/img
- Flatten All Levels: Remove all hierarchy from the replicated image. For example,
-
Use the Trigger Mode drop-down menu to select how and when to run the rule.
- Manual: Replicate the resources manually when needed. Note: Deletion operations are not replicated.
- Scheduled: Replicate the resources periodically by defining a cron job. Note: Deletion operations are not replicated.
- Event Based: When a new resource is pushed to the project, or an artifact is retagged, it is replicated to the remote registry immediately. If you select the Delete remote resources when locally deleted, if you delete an artifact, it is automatically deleted from the replication target.
You can filter artifacts for replication based on the labels that are applied to the artifacts. However, changing a label on an artifact does not trigger replication. Event-based replication is limited to pushing, retagging, and deleting artifacts. -
Optionally set the maximum network bandwidth for each replication task, please pay attention to the number of concurrent executions, the default value is 10 for each job-service pod. The unit is kilo bytes per second, and -1 stands for unlimited bandwith.
There’s a known issue 15708, that if you limit the bandwidth too slow, and stop the replication job, it may take quite a long time to really release the job worker to run a new job. -
Optionally select the Override checkbox to force replicated resources to replace resources at the destination with the same name.
-
Optionally select the Copy by chunk checkbox to enable the artifact blobs copied by chunks, currently only supported for source and destination registry are both harbor, but you can enable this by calling harbor API manually for other type registries.
Copy by chunk has not been verified officially between harbor and other type registries. The default chunk size is 10MB, you can override it by setting envREPLICATION_CHUNK_SIZE
in the jobservice, the value should be united as bytes, for example10MB=1024*1024*10
then you should setREPLICATION_CHUNK_SIZE=10485760
. -
Click Save to create the replication rule.
What to Do Next
After you create a replication rule, see Running Replication Manually.
On this page
Contributing