Docker Connected On-Prem Setup

Updated 1 month ago by Michael Cretzman

This document describes the process for setting up Harness Docker Connected On-Prem. There is also a Kubernetes Connected On-Prem (recommended).

In the Docker Connected On-Prem architecture, the Harness Manager runs in your enterprise environment ("on-premises") and Harness manages the installation through a connection to Harness' Cloud.

For more information about Harness Connected On-Prem, see Harness Architecture and On-Prem Overview.

In this topic:

Installation Overview

The Harness platform comprises five microservices:

  • Proxy/Load Balancer
  • User Interface
  • Machine Learning Engine
  • Manager
  • Database

Each microservice is containerized and is deployed on every physical machine.

Once you are signed up with Harness, you download and install an Ambassador that acts as a proxy between your data center and Harness Cloud. The Ambassador makes one-way outbound HTTPS calls to the Harness cloud, initiates the on-prem installation across your physical machines, and automates the Harness Connected On-Prem installation process for you.

Harness Connected On-Prem installation is managed by Harness Support and takes minutes.

The high-level steps for obtaining Harness Connected On-Prem are:

  1. Prepare your on-premises infrastructure for Harness.
  2. Provide Harness with your infrastructure information via email.
  3. Download and run the Ambassador, the tool Harness uses to initiate your Harness Connected On-Prem deployment, and notify Harness that the Ambassador is running.
  4. Harness triggers the installation and notifies you.
  5. Point your browser at the URL for your Connected Harness On-Prem.
  6. Download the Harness Delegate and begin setup.

Set Up Harness Connected On-Prem

To set up Harness Connected On-Prem, do the following:

  1. Prepare your on-premises infrastructure for Harness. There are separate requirements for Harness Connected On-Prem Evaluation and Harness Connected On-Prem Production.

    For the requirements, see Harness On-Prem Evaluation Requirements and Harness On-Prem Production Requirements.
  2. Once your infrastructure is configured, send the infrastructure information to Harness Support at support@harness.io with the subject Harness On-Prem Information.

    Use the following list to enter your information and paste it into your email:
    • Company Name*:
    • Account Name:
    • Primary Admin Email Address*:
    • Host 1 IP Address (Private IP)*:
    • Host 2 IP Address (Private IP)**:
    • Host 3 IP Address (Private IP)**:
    • Load Balancer URL (including https:// scheme)**:
    • SSH Username*:
    • SSH Key File Path*:
    SSH interconnectivity is required among all three hosts. The SSH Key must be present on all machines so they may connect to each other.
  3. Harness support will make an account entry in the Harness cloud based on the information you sent and then provide you with an URL for the Ambassador download.
  4. Run the Ambassador on any one machine. You do not need to run the Ambassador as root. You can run it using a user account. After receiving the Ambassador download URL from Harness Support, perform the following steps on one or more of the hosts you provided to Harness.
    1. Download the Ambassador using cURL.
    2. Expand the archive.
    3. Start the Ambassador: $./start.sh
  5. Once the Ambassador is up and running, notify Harness Support at support@harness.io or the sales representative you are working with about your on-prem setup.
  6. Using Ambassador, Harness Support will validate the connectivity of the Ambassador to the Cloud and run pre-install checks.
  7. After validation, the Harness Team triggers the installation and deployment of your version of Connected Harness On-Prem onto your infrastructure.

Verification and Account Set Up

The Harness Team will run a post-install Workflow to verify that Harness On-Prem is working as expected.

Once the Harness Team has verified operation of your new installation, go to the URL <LoadBalancerUrl>/#/onprem-signup and create the account for the organization.

Harness On-Prem Evaluation Requirements

Harness On-Prem Evaluation has the following requirements.

Component

Description

System

1 Linux Machine:

  • 8 cores, 32GB Memory, 250GB Disk
  • Packages: Docker, cURL, unzip, sed

Firewall Rules

Internal Source: Application Subnet

  • Destination: Harness Machine/Subnet
  • Port 7143 (HTTPS)
  • Protocol: TCP

External Source: Harness Machine/Subnet

  • Destination: app.harnes.io
  • Port 443 (HTTPS)
  • Protocol: TCP

External Source: Docker Hub

  • Destination: hub.docker.com
  • Port 443 (HTTPS)
  • Protocol: TCP

Harness On-Prem Production Requirements

Harness On-Prem Production has the following requirements.

Component

Description

System

3 Linux Machine:

  • 16 cores, 32GB Memory, 250GB Disk
  • Packages: Docker, cURL, unzip, sed
  • SSH Keyless setup among machines

Load Balancer

SSL Certificates installed

Firewall Rules

Internal Source: Application Subnet

  • Destination: Load Balancer
  • Port 443 (HTTPS)
  • Protocol: TCP

Internal Source: Load Balancer(harness.your_company.com)

  • Destination: Machines/Subnet
  • Port 7143 (HTTPS)
  • Protocol: TCP

Internal Source: Harness Machine/Subnet

  • Destination: Machines/Subnet (within subnet)
  • Port 7143-7153 (HTTPS)
  • Protocol: TCP

External Source: Harness Machine/Subnet

  • Destination: app.harnes.io
  • Port 443 (HTTPS)
  • Protocol: TCP

External Source: Docker Hub

  • Destination: hub.docker.com
  • Port 443 (HTTPS)
  • Protocol: TCP

Notes

The Harness Delegate is installed in your network and connects to Harness Connected On-Prem. The Delegate has the following requirements:

  • Linux/UNIX server.
  • Minimum 8GB RAM.
  • Minimum 6GB Disk Space.
  • Access to artifact servers, deployment environments, and cloud providers.
  • Multiple delegates can be used and their scope can be managed.
  • The Harness Delegate does NOT require root account access. Use a service account for the Harness Delegate.

For more information, see Delegate Installation.

How did we do?