Docker Connected On-Prem Setup
This document describes the process for setting up Harness Docker Connected On-Prem. There is also a Kubernetes Connected On-Prem (recommended).
In the Docker Connected On-Prem architecture, the Harness Manager runs in your enterprise environment ("on-premises") and Harness manages the installation through a connection to Harness' Cloud.
For more information about Harness Connected On-Prem, see Harness Architecture and On-Prem Overview.
In this topic:
- Installation Overview
- Set Up Harness Connected On-Prem
- Verification and Account Set Up
- Harness On-Prem Evaluation Requirements
- Harness On-Prem Production Requirements
Installation Overview
The Harness platform comprises five microservices:
- Proxy/Load Balancer
- User Interface
- Machine Learning Engine
- Manager
- Database
Each microservice is containerized and is deployed on every physical machine.
Once you are signed up with Harness, you download and install an Ambassador that acts as a proxy between your data center and Harness Cloud. The Ambassador makes one-way outbound HTTPS calls to the Harness cloud, initiates the on-prem installation across your physical machines, and automates the Harness Connected On-Prem installation process for you.
Harness Connected On-Prem installation is managed by Harness Support and takes minutes.
The high-level steps for obtaining Harness Connected On-Prem are:
- Prepare your on-premises infrastructure for Harness.
- Provide Harness with your infrastructure information via email.
- Download and run the Ambassador, the tool Harness uses to initiate your Harness Connected On-Prem deployment, and notify Harness that the Ambassador is running.
- Harness triggers the installation and notifies you.
- Point your browser at the URL for your Connected Harness On-Prem.
- Download the Harness Delegate and begin setup.
Set Up Harness Connected On-Prem
To set up Harness Connected On-Prem, do the following:
- Prepare your on-premises infrastructure for Harness. There are separate requirements for Harness Connected On-Prem Evaluation and Harness Connected On-Prem Production.
For the requirements, see Harness On-Prem Evaluation Requirements and Harness On-Prem Production Requirements. - Once your infrastructure is configured, send the infrastructure information to Harness Support at support@harness.io with the subject Harness On-Prem Information.
Use the following list to enter your information and paste it into your email:- Company Name*:
- Account Name:
- Primary Admin Email Address*:
- Host 1 IP Address (Private IP)*:
- Host 2 IP Address (Private IP)**:
- Host 3 IP Address (Private IP)**:
- Load Balancer URL (including https:// scheme)**:
- SSH Username*:
- SSH Key File Path*:
SSH interconnectivity is required among all three hosts. The SSH Key must be present on all machines so they may connect to each other. - Harness support will make an account entry in the Harness cloud based on the information you sent and then provide you with an URL for the Ambassador download.
- Run the Ambassador on any one machine. You do not need to run the Ambassador as root. You can run it using a user account. After receiving the Ambassador download URL from Harness Support, perform the following steps on one or more of the hosts you provided to Harness.
- Download the Ambassador using cURL.
- Expand the archive.
- Edit the
start.ambassador.shfile, setting theDELEGATE_NAMEvariable to the pattern:<your‑company‑name>-ambassador. For example, if installing at Harness, we'd set this to:Harness‑ambassador. - Start the Ambassador:
$./start_ambassador.sh
- Once the Ambassador is up and running, notify Harness Support at support@harness.io or the sales representative you are working with about your on-prem setup.
- Using Ambassador, Harness Support will validate the connectivity of the Ambassador to the Cloud and run pre-install checks.
- After validation, the Harness Team triggers the installation and deployment of your version of Connected Harness On-Prem onto your infrastructure.
Verification and Account Setup
The Harness Team will run a post-install Workflow to verify that Harness On-Prem is working as expected.
Once the Harness Team has verified operation of your new installation, go to the URL <LoadBalancerUrl>/#/onprem-signup and create the account for the organization.
Harness On-Prem Evaluation Requirements
Harness On-Prem Evaluation has the following requirements.
Component | Description |
System | 1 Linux Machine:
|
Firewall Rules | |
Internal Source: Application Subnet |
|
External Source: Harness Machine/Subnet |
|
External Source: Docker Hub |
|
Harness On-Prem Production Requirements
Harness On-Prem Production has the following requirements.
Component | Description |
System | 3 Linux Machine:
|
Load Balancer | SSL Certificates installed |
Firewall Rules | |
Internal Source: Application Subnet |
|
Internal Source: Load Balancer(harness.your_company.com) |
|
Internal Source: Harness Machine/Subnet |
|
External Source: Harness Machine/Subnet |
|
External Source: Docker Hub |
|
Notes
The Harness Delegate is installed in your network and connects to Harness Connected On-Prem. The Delegate has the following requirements:
- Linux/UNIX server.
- Minimum 8GB RAM.
- Minimum 6GB Disk Space.
- Access to artifact servers, deployment environments, and cloud providers.
- If you are using RHEL7, or any other operating system, with the
SELinuxmode on: You must turn off that mode. You can check the mode's state by running thegetenforceterminal command.
The Delegate provides the following flexibility:
- Multiple Delegates can be used and their scope can be managed.
- The Harness Delegate does NOT require root account access. Use a service account for the Harness Delegate.
For more information, see Delegate Installation.