Harness Key Concepts

Get Started with Continuous Efficiency

Built-in App Tour Guide

AWS AMI Quickstart

AWS CodeDeploy Quickstart

AWS ECS Quickstart

AWS Lambda Quickstart

Helm Quickstart

IIS (.NET) Quickstart

Kubernetes Quickstart

Pivotal Cloud Foundry Quickstart

Tour Harness Manager

Supported Platforms and Technologies

Checklist Builder

Harness Delegate Overview

Approve or Reject Harness Delegates

Using the Helm Delegate

Target Delegates to Specific Namespaces

Automate Harness Kubernetes Delegate Setup

Use Custom Helm Binaries on Harness Delegates

Connectors Overview

Add Cloud Providers

Add Kubernetes Cluster Cloud Provider

Add Google Cloud Platform Cloud Provider

Add Amazon Web Services Cloud Provider

Add Microsoft Azure Cloud Provider

Add Pivotal Cloud Foundry Cloud Provider

Add Physical Data Center as Cloud Provider

Add SpotInst Cloud Provider

Add Artifact Servers

Add Azure DevOps Artifact Servers

Add Jenkins Artifact Servers

Add Bamboo Artifact Servers

Add Docker Registry Artifact Servers

Add Nexus Artifact Servers

Add Artifactory Servers

Add Samba Server Artifact Servers

Add SFTP Artifact Servers

Add Helm Repository Artifact Servers

Add Source Repo Providers

Add a GitHub Repo

Add a Bitbucket Repo

Add a GitLab Repo

Add a CodeCommit Repo

Add Collaboration Providers

Add SMTP Collaboration Provider

Add Jira Collaboration Provider

Add ServiceNow Collaboration Provider

Add Verification Providers

Manage User Notifications

Send Notifications Using Slack

Send Slack Messages from Workflows

Send Notifications to Microsoft Teams

Manage Alert Notifications

Migrate to Harness Community

Add Application Stacks

Use Templates

Use Expressions in Workflow and Pipeline Tags

Assign Metadata Using Tags

Apply Filters Using Tags

Manage Tags

Deployments Overview

Filtering Deployments

View the Delegates Used in a Deployment

Export Deployment Logs

Restrict Deployment Access to Specific Environments

AMI Deployments Overview

AMI Basic Deployment

AMI Canary Deployment

AMI Blue/Green Deployment

AMI Spotinst Elastigroup Deployment

ECS Deployments Overview

1 - Harness ECS Delegate

2 - ECS Connectors and Providers Setup

3 - ECS Services

4 - ECS Environments

5 - ECS Workflows

6 - ECS Blue/Green Workflows

7 - ECS Setup in YAML

8 - ECS Troubleshooting

Deploy Multiple ECS Sidecar Containers

AWS Lambda How-tos

AWS Lambda Deployment Overview

Connect to AWS for Lambda Deployments

Add Lambda Functions

Define Your Lambda Target Infrastructure

Create a Basic Lambda Deployment

View Lamba Deployments in the Serverless Functions Dashboard

Build and Deploy Pipelines Overview

1 - Harness Account Setup

2 - Service and Artifact Source

3 - Build Workflow

4 - Environment

5 - Deploy Workflow

6 - Artifact Build and Deploy Pipelines

7 - Triggers

Azure Deployments Overview

1 - Harness Account Setup for Azure

2 - Service and Azure Artifact Source

3 - Azure Environment

4 - Azure Workflows and Deployments

5 - Azure Troubleshooting

Helm Deployment Guide Overview

1 - Delegate, Providers, and Helm Setup

2 - Helm Services

3 - Helm Environments

4 - Helm Workflows and Deployments

5 - Helm Troubleshooting

Upgrade Native Helm 2 Deployments to Helm 3

IIS (.NET) Deployment Overview

1 - Delegate and Connectors for IIS

2 - Services for IIS (.NET)

3 - IIS Environments in AWS and Azure

4 - IIS Workflows and Pipelines

5 - Best Practices and Troubleshooting

Kubernetes How-tos

Connect to Your Target Kubernetes Platform

Add Container Images for Kubernetes Deployments

Pull an Image from a Private Registry for Kubernetes

Define Kubernetes Manifests

Use Go Templating in Kubernetes Manifests

Adding and Editing Inline Kubernetes Manifest Files

Upload Kubernetes Resource Files

Use a Helm Repository with Kubernetes

Link Resource Files or Helm Charts in Git Repos

Using Harness Config Variables in Manifests

Use Harness Config Files in Manifests

Override Values YAML Files

Override Harness Kubernetes Service Settings

Define Your Kubernetes Target Infrastructure

Provision Kubernetes Infrastructures

Create a Kubernetes Canary Deployment

Create a Kubernetes Rolling Deployment

Create a Kubernetes Blue/Green Deployment

Kubernetes Workflow Variables and Expressions

Create Kubernetes Namespaces based on InfraMapping

Create Kubernetes Namespaces with Workflow Variables

Set Up Kubernetes Traffic Splitting

Deploy Manifests Separately using Apply Step

Use Kustomize for Kubernetes Deployments

Ignore a Manifest File During Deployment

Set up Kubernetes Ingress Rules

Scale Kubernetes Pods

Delete Kubernetes Resources

Traffic Splitting Without Istio

Upgrade to Helm 3 Charts in Kubernetes Services

Using OpenShift with Harness Kubernetes

Harness Kubernetes V2 Changes

Use Helm Chart Hooks in Kubernetes Deployments

Run Kubernetes Jobs

Pivotal Cloud Foundry Deployments

1 - Delegate and Connectors for PCF

2 - Services for PCF

3 - PCF Environments

4 - PCF Workflows and Deployments

Using CLI Plugins in Harness PCF Deployments

Traditional Deployments Overview

1 - Delegate, Providers, and Connectors Setup

2 - Services for App Packages

3 - App Stacks and Default Variables

4 - Commands and Scripts

5 - Environments for Traditional Deployments

6 - Traditional Workflows and Deployments

Create an Application

Add a Service

Use Script Based Services

Add Service Config Variables

Add Service Config Files

Using Custom Artifact Sources

Service Types and Artifact Sources

Add a Docker Artifact Source

Add an Azure DevOps Artifact Source

Add an Environment

Add an Infrastructure Definition

Migrating from Service Infrastructures to Infrastructure Definitions

Service Infrastructures

Override a Service Configuration in an Environment

Override Variables at the Infrastructure Definition Level

Workflows

Add a Workflow

Deploy Individual Workflows

Verify Workflow

Add a Workflow Notification Strategy

Define Workflow Failure Strategy

Set Workflow Variables

Use Steps for Different Workflow Tasks

Add Phases to a Workflow

Synchronize Workflow Deployments using Barriers

Templatize a Workflow

Clone a Workflow

Configure Workflows Using YAML

Using the HTTP Command

Using the Shell Script Step

Using the Jenkins Command

Jira Integration

ServiceNow Integration

Resource Restrictions

Workflow Queuing

Target Specific Hosts During Deployment

Using the Terraform Apply Command

Skip Workflow Steps

Rollback Production Deployments

Select Nodes in a Rolling Deployment Workflow

Workflow Steps UI Changes

Integrate Tests into Harness Workflows

Deploy Multiple Services Simultaneously using Barriers

Create a Pipeline

Resume Pipeline Deployments

Create Pipeline Templates

Pipeline Skip Conditions

Terraform How-tos

Set Up Your Harness Account for Terraform

Add Terraform Scripts

Map Terraform Infrastructure

Provision using the Terraform Provisioner Step

Perform a Terraform Dry Run

Remove Provisioned Infra with Terraform Destroy

Use Terraform Outputs in Workflow Steps

CloudFormation How-tos

Set Up Your Harness Account for CloudFormation

Add CloudFormation Templates

Map CloudFormation Infrastructure

Provision using CloudFormation Create Stack

Using CloudFormation Outputs in Workflow Steps

Remove Provisioned Infra with CloudFormation Delete Stack

Shell Script Provisioner

Infrastructure Provisioners Overview

Provision Infrastructure Without Deploying to It

Trigger Workflows and Pipelines

Harness UI Approvals

Jira Approvals

Custom Shell Script Approvals

ServiceNow Approvals

Using Variables in Workflow Approvals

Passing Variables into Workflows and Pipelines from Triggers

Pass Variables between Workflows

Harness GitOps

Onboard Teams Using GitOps

Enable Continuous Efficiency for Kubernetes

Enable Continuous Efficiency for Amazon Web Services (AWS)

Enable Continuous Efficiency for Google Cloud Platform (GCP)

Create a Budget

Analyze Cost Across Applications

Analyze Cost Across Clusters

Analyze Cost for AWS

Analyze Cost for GCP

Perform Root Cost Analysis

Set Up 24/7 Service Guard

Apply Custom Thresholds to 24/7 Service Guard

Add AppDynamics as a Verification Provider

Monitor Applications 24/7 with AppDynamics

Verify Deployments with AppDynamics

Templatize AppDynamics Verification

Set AppDynamics Environment Variables

Connect to Bugsnag

Monitor Applications 24/7 with Bugsnag

Verify Deployments with Bugsnag

Connect to CloudWatch

Monitor Applications 24/7 with CloudWatch

Verify Deployments with CloudWatch

Connect to Datadog

Monitor Applications 24/7 with Datadog Logging

Monitor Applications 24/7 with Datadog Metrics

Verify Deployments with Datadog Logging

Verify Deployments with Datadog Metrics

Connect to Dynatrace

Monitor Applications 24/7 with Dynatrace

Verify Deployments with Dynatrace

Connect to Elasticsearch (ELK)

Monitor Applications 24/7 with Elasticsearch

Verify Deployments with Elasticsearch

Troubleshoot Verification with Elasticsearch

Connect to Logz.io

Verify Deployments with Logz.io

Connect to New Relic

Monitor Applications 24/7 with New Relic

New Relic Deployment Marker

Verify Deployments with New Relic

Troubleshooting New Relic

Connect to Prometheus

Monitor Applications 24/7 with Prometheus

Verify Deployments with Prometheus

Connect to Splunk

Monitor Applications 24/7 with Splunk

Verify Deployments with Splunk

Connect to Stackdriver

Monitor Applications 24/7 with Stackdriver Logging

Monitor Applications 24/7 with Stackdriver Metrics

Verify Deployments with Stackdriver Logging

Verify Deployments with Stackdriver Metrics

Connect to Sumo Logic

Monitor Applications 24/7 with Sumo Logic

Verify Deployments with Sumo Logic

Instana Verification Overview

1 – Instana Connection Setup

2 – 24/7 Service Guard for Instana

3 – Verify Deployments with Instana

Custom Verification Overview

1 - Custom Verification Connection Setup

2 - 24/7 Service Guard for Custom Logs

3 - 24/7 Service Guard for Custom Metrics

4 - Verify Deployments with Custom APMs and Logs

5 - Datadog as a Custom APM

6 – AppDynamics as a Custom APM

File Jira Tickets on Verification Events

Apply Custom Thresholds to Deployment Verification

Refine 24/7 Service Guard Verification Analysis

Refine Deployment Verification Analysis

Add a Secrets Manager

Add Google KMS as a Harness Secrets Manager

Add an AWS KMS Secrets Manager

Add a HashiCorp Vault Secrets Manager

Azure Key Vault Secrets

Add an AWS Secrets Manager

Add a CyberArk Secrets Manager

Migrate Secrets between Secrets Managers

Reference Existing Secret Manager Secrets

Add SSH Keys

Use SSH Key via Kerberos for Server Authentication

Add WinRM Connection Credentials

Use Encrypted Text Secrets

Use Encrypted File Secrets

Managing Harness Secrets

Restrict Secrets Usage

Use Secrets in a Delegate Profile

Managing Users and Groups (RBAC)

Set Up RBAC for Application Release Process

Authentication Settings

SSO Provider Overview

Single Sign-On (SSO) with OAuth 2.0

Single Sign-On (SSO) with LDAP

Single Sign-On (SSO) with SAML

Provisioning Users with Okta (SCIM)

Two-Factor Authentication

Deployment Freeze

IP Whitelist Management

API Keys

Audit Trail

Pipeline Governance

Provision Users and Groups with OneLogin (SCIM)

Provision Azure AD Users and Groups (SCIM)

Custom Dashboards

Share a Custom Dashboard

Kubernetes Connected On-Prem Setup

Docker Connected On-Prem Setup

Docker Connected On-Prem Monitoring

Docker Connected Start/Stop Scripts

Harness Disconnected On-Prem Setup

OpenShift Connected On-Prem Setup

Connected On-Prem Disaster Recovery Strategy (3 Node Architecture)

Connected On-Prem Backup and Restore Strategy

On-Prem Migration

View Harness Git Sync Activity

Introduction to Harness GraphQL API

Harness API Explorer

API Schema and Structure

Building Applications Using Postman

Trigger Workflows or Pipelines Using GraphQL API

Filter Harness Entities using Harness Tags in the API

Fetch Artifact Source Details Using GraphQL APIs

Use Cloud Providers API

Use Harness Applications API

Use Workflows API

Use Services API

Use Pipelines API

Use Users and Groups API

Use Audit Trails API

Use API to Retrieve IDs by Name

Encrypted Text API

Encrypted Files API

SSH Credentials API

WinRM Credentials API

Deprecated API Features

Leverage Harness GraphQL APIs in Automation Scripts

Configuration as Code

Harness YAML Code Reference

What is a Harness Variable Expression?

Availability and Scope of Harness Variables

JSON and XML Functors

Main and Services Dashboards

Serverless Functions Dashboard

Harness Search

Delegate Connection Requirements

Delegate Server Requirements

Common Delegate Profile Scripts

Harness Editions

Nexus Artifact Sources

Kubernetes Versioning and Annotations

Verification Event Classifications

Harness On-Prem Release Notes

Harness SaaS Release Notes

Troubleshooting

Diagnose Issues

Harness Kubernetes Implementation v1 FAQ

Diagnose Git Sync Errors

Deployment Concepts and Strategies

CI/CD with the Build Workflow

Artifact Build and Deploy Pipelines Overview

AWS AMI Deployments Overview

AMI Spotinst Elastigroup Deployments Overview

AWS ECS Deployments Overview

AWS Lambda Deployments Overview

Azure Kubernetes Service (AKS) Deployments Overview

Native Helm Deployments Overview

IIS (.NET) Deployments Overview

Kubernetes Deployments Overview

Pivotal Deployments Overview

Terraform Provisioning with Harness

CloudFormation Provisioning with Harness

Shell Script Provisioning with Harness

Harness HashiCorp Integrations

Continuous Efficiency Overview

Cost Explorer Walkthrough

What Is Continuous Verification (CV)?

Why Perform Continuous Verification?

When Does Harness Verify Deployments?

How Does Harness Perform Continuous Verification?

Who Are Harness' Verification Providers?

Verification Results Overview

Harness Verification Feedback Overview

24/7 Service Guard Overview

CV Strategies, Tuning, and Best Practices

AppDynamics Verification Overview

Bugsnag Verification Overview

CloudWatch Verification Overview

Datadog Verification Overview

Dynatrace Verification Overview

Elasticsearch Verification Overview

Prometheus Verification Overview

Splunk Verification Overview

Stackdriver Verification Overview

New Relic Verification Overview

Sumo Logic Verification Overview

On-Prem Overview

What is Secrets Management?

Customer Case Studies

Overview of Harness

Canary Deployment Video

Create an Application and Service Video

Create an Environment Video

Create a Workflow Video

Create a Pipeline Video

Create a Trigger Video

Overview of Continuous Efficiency

Cost Explorer Overview

All Categories > How-to Guides > Harness On-Prem > Docker Connected On-Prem Setup

Docker Connected On-Prem Setup

Updated 3 months ago by Michael Cretzman

Installation Overview
System Specifications
- Ambassador Virtual Machine Setup
Prepare Your Infrastructure
Set Up Harness Connected On-Prem
Post-Installation Steps
Upgrading Your Installation
Managing Your Installation

This document describes the process for setting up Harness Docker Connected On-Prem. There is also a Kubernetes Connected On-Prem (recommended) option.

In the Docker Connected On-Prem architecture, the Harness Manager runs in your enterprise environment ("on-premises") and Harness manages the installation through a connection to Harness' Cloud.

For more information about Harness Connected On-Prem, see Harness Key Concepts and On-Prem Overview.

In this topic:

Installation Overview
System Specifications
Prepare Your Infrastructure
Set Up Harness Connected On-Prem
Post-Installation Steps
Upgrading Your Installation
Managing Your Installation

Harness on-prem installations do not currently support the Harness Helm Delegate.

Installation Overview

The Harness platform consists of several microservices. These microservices are containerized and spread across the three physical host machines.

Once you are signed up with Harness, you will download and install an Ambassador that acts as a proxy between your data center and the Harness cloud. The Ambassador makes one-way outbound HTTPS calls to the Harness cloud, and installs, upgrades, and manages the Harness Connected On-Prem installation process for you.

Harness Connected On-Prem installation is managed by Harness Support. The high-level steps for installing Harness Connected On-Prem are:

Prepare your on-premises infrastructure for Harness.
Provide Harness with your infrastructure information via email.
Download and run the Ambassador (the tool Harness uses to initiate your Harness Connected On-Prem deployment), and notify Harness that the Ambassador is running.
Harness triggers the installation and notifies you.
Point your browser at the URL for your Connected Harness On-Prem.
Download the Harness Delegate and begin setup.

System Specifications

Harness On-Prem has the following requirements:

Component	Description
Hosts for Harness Microservices	3 Linux Machines: 18 cores, 40 GB Memory, 350 GB Disk Space Packages: Docker, cURL, unzip, sed
Host for Ambassador and Monitoring	1 Linux Machine: 4 cores, 8 GB Memory, 20 GB Disk Space
Load Balancer	SSL Certificates installed
Internal Connectivity
SSH Interconnectivity	Keyless SSH interconnectivity is required among all four hosts. The SSH Key must be present on all machines, so that they may connect to each other.
Firewall Rules
Internal Source: Application Subnet	Destination: Load Balancer Port 443 (HTTPS) Protocol: TCP
Internal Source: Load Balancer (`harness.<your_company>.com`)	Destination: Machines/Subnet Port 7143 Protocol: TCP
Internal Source: Harness Machine/Subnet	Destination: Machines/Subnet (within subnet) Port 7143–7153 Protocol: TCP
Ambassador Outbound Connectivity	Destination: app.harnes.io Port 443 (HTTPS) Protocol: TCP

Ambassador Virtual Machine Setup

The Harness Ambassador is the only required component that needs outbound-only connectivity to app.harness.io:443. The Harness Cloud uses Ambassador to manage the installation of Harness On-Prem. The Ambassador has the following connectivity and access requirements:

Connectivity to the Harness Cloud: Connectivity to the Harness Cloud via hostname app.harness.io and port 443. The following command will check connectivity to the Harness Cloud:

nc -vz app.harness.io 443

Proxy file-size limit: If you have a proxy set up in front of the Ambassador to reach app.harness.io, ensure that your proxy's configuration allows downloads of files as large as 2 GB. This is required to pull the artifacts that the Ambassador will download to install and upgrade Harness microservices. On Apache, set this limit using theLimitRequestBodydirective. On nginx, use the client_max_body_sizedirective.

Prepare Your Infrastructure

Before installation, do the following setup steps:

Configure four machines according to the System Specifications.
Make sure network rules and internal connectivity are configured according to the same section's Firewall Rules.
Make sure the machine dedicated to the Ambassador has outbound connectivity, as outlined in Ambassador Virtual Machine Setup.
Make sure the Docker daemon is running on all four machines, and that the Service Account User can run Docker as a non-root user. For details, see Docker's Post-Installation Steps for Linux.
Make sure the load balancer is configured to redirect URL requests to port 7143 on the three host machines.
Proceed to Set Up Harness Connected On-Prem.

Set Up Harness Connected On-Prem

Once you have prepared and verified your system, using the checks in Prepare Your Infrastructure above:

Send the following information to Harness Support at support@harness.io with the subject Harness On‑Prem Information:

Three Hosts on the Same Subnet:
- Host 1 IP Address (Private IP):
- Host 2 IP Address (Private IP):
- Host 3 IP Address (Private IP):
Load Balancer URL:
SSH User (Service Account User):
SSH Key File Path:
Linux OS Distribution:
Harness Application and Data Installation Directory (Absolute Path):
Harness Support will configure your system based on the information you sent, and then email you an Ambassador URL.

After receiving the Ambassador download URL from Harness Support, perform the following steps on its dedicated machine:
1. Download the Ambassador.
2. Expand the archive.
3. Start the Ambassador: $./start_ambassador.sh
Once the Ambassador is up and running, contact Harness Support (at support@harness.io), or your Harness sales representative, to notify them of your on-prem setup.
Using Ambassador, Harness Support will validate all the infrastructure and pre-install checks.
After validation, Harness Support triggers the installation and deployment of Harness On-Prem onto your infrastructure.
Proceed to Post-Installation Steps.

Post-Installation Steps

After installing Harness On-Prem, create a Harness account and set up your Harness Delegate, as follows;

Go to the onprem-signup URL: <Loadbalancer_URL>/#/onprem-signup
Create a new Harness account. Use the form fields to set your Admin Account email address and password.
You can use this form only once. Subsequent users must be added using an email invite (see Managing Users and Groups (RBAC)).
Log into your Harness account at your <Loadbalancer_URL>.
Start using Harness by downloading and installing a Harness Delegate, as described in Delegate Installation.

Upgrading Your Installation

Harness releases weekly upgrades for on-premise systems. You can check our weekly Release Notes here.

Harness Support will email you each time an upgrade is available. You can then schedule an upgrade window with Harness Support. Based on this window, Harness Support will use the Ambassador to upgrade your setup.

You do not need to download and install a new Delegate. Any existing Delegates will automatically upgrade.

Managing Your Installation

To monitor the ongoing health of your Docker Connected On-Prem setup, see Docker Connected On‑Prem Monitoring.

To stop Harness microservices, or to restart them after a box or its Docker daemon crashes, see Docker Connected Start/Stop Scripts.

Docker Connected On-Prem Setup

Installation Overview

System Specifications

Ambassador Virtual Machine Setup

Prepare Your Infrastructure

Set Up Harness Connected On-Prem

Post-Installation Steps

Upgrading Your Installation

Managing Your Installation

How did we do?

Related Articles Harness Disconnected On-Prem Setup Docker Connected On-Prem Monitoring OpenShift Connected On-Prem Setup

Feedback

Related Articles

Harness Disconnected On-Prem Setup

Docker Connected On-Prem Monitoring

OpenShift Connected On-Prem Setup