Introduction

Harbor is a popular, open-source container image registry that secures images with role-based access control, supports image replication, and integrates with external authentication systems. Like any registry, it’s critical to regularly back up your Harbor instance, including the database, image storage, configuration, and SSL certificates. This guide provides step-by-step instructions to automate Harbor backups and restore them when needed.

Prerequisites

Before proceeding, ensure the following:

• Docker is installed
• Harbor is installed via Docker Compose (e.g., /root/harbor)
• Your data directory is located at /data
• Optional: AWS CLI configured for S3 upload

DNS Configuration

Your Harbour instance should be accessible via a valid domain (e.g., dockerhub.<yourdomain>.com) and DNS A record should point to your server’s public IP.

Backup Strategy Overview

Your backup process should include the following components:

1. PostgreSQL Database
   Harbor stores metadata and configuration in its internal PostgreSQL database (harbor-db). Dumping this database is critical for a full restore.
2. Harbor Configuration Files
   These are typically stored under your Harbor installation directory (e.g., /root/harbor).
3. Image and Artifact Storage
   All image layers and associated files are stored under /data. This folder must be archived during backup.
4. Logs and SSL Certificates
   Include log directories and any SSL certificates stored within Harbor’s directories.
5. Automation
   Create a custom script that compresses the above components into a single archive and optionally uploads it to a cloud storage bucket (e.g., S3).
6. Retention Policy
   Implement a mechanism to retain only the latest few backups (e.g., last 5 backups) to conserve disk space.

Backup Process – Key Steps

You can design a backup script that performs the following actions:

• Create a backup directory (e.g., /opt/harbor/backups)
• Generate a timestamped filename
• Dump the Harbor PostgreSQL database (harbor-db) to a SQL file
• Archive the following:
  1. Harbor configuration directory (/root/harbor)
  2. Image and data storage directory (/data)
  3. Database dump file
  4. Harbor logs (/var/log/harbor) and SSL certs (if applicable)
• (Optional) Upload the archive to AWS S3 or another remote location
• Automatically remove older backups beyond a set limit (e.g., keep only 5 recent archives)

Restore Process – Key Steps

To restore a Harbor instance from backup:

1. Extract Backup Archive
   Unpack the desired backup archive in your backup directory (e.g., /opt/harbor/backups).
2. Restore Database
   1. Start the harbor-db container only using Docker Compose.
   2. Import the previously dumped SQL file back into the database.
3. Restore Configuration and Data
   1. Place the extracted harbor directory back to its original path (/root/harbor)
   2. Replace the /data directory with the backup copy (if necessary)

Verification

• Visit: https://dockerhub.<yourdomain>.com
• Check web UI, repositories, and certs.

Conclusion

With Harbor storing critical container images and metadata, a reliable backup and restore process is non-negotiable. This guide provides a complete approach to safely back up Harbor’s components, automate the process, and ensure fast disaster recovery using Docker Compose. Ensure regular testing of your backups and consider off-site storage (e.g., S3) for production environments.