Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

we can't login into harbor #1696

Open
syslabtech opened this issue Feb 6, 2024 · 2 comments
Open

we can't login into harbor #1696

syslabtech opened this issue Feb 6, 2024 · 2 comments
Labels
Stale

Comments

@syslabtech
Copy link

we have set up the latest version of Harbor 2.10.

we are facing an issue with harbor login ( unauthorized access ). In setup, we have connected external Redis. when we have connected internal Redis the harbor login is properly working but it does not work with external Redis.

In external Redis configure in harbor then login case 4 of 10 successfully login without unauthorized access.

Here is configuration of Redis:
external:
# support redis, redis+sentinel
# addr for redis: <host_redis>:<port_redis>
# addr for redis+sentinel: <host_sentinel1>:<port_sentinel1>,<host_sentinel2>:<port_sentinel2>,<host_sentinel3>:<port_sentinel3>
addr: "redis.ns-harbor.svc.cluster.local:6379"
# The name of the set of Redis instances to monitor, it must be set to support redis+sentinel
sentinelMasterSet: ""
# The "coreDatabaseIndex" must be "0" as the library Harbor
# used doesn't support configuring it
# harborDatabaseIndex defaults to "0", but it can be configured to "6", this config is optional
# cacheLayerDatabaseIndex defaults to "0", but it can be configured to "7", this config is optional
coreDatabaseIndex: "0"
jobserviceDatabaseIndex: "1"
registryDatabaseIndex: "2"
trivyAdapterIndex: "5"
# harborDatabaseIndex: "6"
# cacheLayerDatabaseIndex: "7"
# username field can be an empty string, and it will be authenticated against the default user
username: ""
password: ""
# If using existingSecret, the key must be REDIS_PASSWORD
existingSecret: ""

Additional deployment annotations

podAnnotations: {}

Additional deployment labels

podLabels: {}

we have also checked the logs of Redis it is a proper
Here are the logs of Redis:
1:M 06 Feb 2024 07:50:34.057 * Background saving started by pid 240
240:C 06 Feb 2024 07:50:34.060 * DB saved on disk
240:C 06 Feb 2024 07:50:34.060 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
1:M 06 Feb 2024 07:50:34.158 * Background saving terminated with success
1:M 06 Feb 2024 07:55:35.033 * 10 changes in 300 seconds. Saving...
1:M 06 Feb 2024 07:55:35.034 * Background saving started by pid 241
241:C 06 Feb 2024 07:55:35.037 * DB saved on disk
241:C 06 Feb 2024 07:55:35.037 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
1:M 06 Feb 2024 07:55:35.135 * Background saving terminated with success
1:M 06 Feb 2024 08:00:36.004 * 10 changes in 300 seconds. Saving...
1:M 06 Feb 2024 08:00:36.004 * Background saving started by pid 242
242:C 06 Feb 2024 08:00:36.007 * DB saved on disk
242:C 06 Feb 2024 08:00:36.007 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
1:M 06 Feb 2024 08:00:36.105 * Background saving terminated with success
1:M 06 Feb 2024 08:05:37.011 * 10 changes in 300 seconds. Saving...
1:M 06 Feb 2024 08:05:37.012 * Background saving started by pid 243
243:C 06 Feb 2024 08:05:37.015 * DB saved on disk
243:C 06 Feb 2024 08:05:37.015 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
1:M 06 Feb 2024 08:05:37.113 * Background saving terminated with success

Here are logs of harbor-core

2024-02-06T08:10:03Z [DEBUG] [/core/auth/authenticator.go:145]: Current AUTH_MODE is db_auth
2024-02-06T08:10:03Z [DEBUG] [/core/session/session.go:158]: failed to save sid=994021cef32a51d64b47741ec63f0033, where oldsid=9878d9e3cfc6af990d855393da8ff8b3, error: failed to encode value, key
994021cef32a51d64b47741ec63f0033, error: object type invalid, ""
2024-02-06T08:10:03Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id fa176597-6817-4889-906f-104328258489 to the logger for the request GET /api/v2.0/systeminfo
2024-02-06T08:10:03Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/systeminfo
2024-02-06T08:10:03Z [DEBUG] [/server/middleware/security/session.go:47][requestID="fa176597-6817-4889-906f-104328258489"]: a session security context generated for request GET /api/v2.0/systeminf
o
2024-02-06T08:10:03Z [DEBUG] [/pkg/config/manager.go:142]: failed to get key banner_message, error: the configure value is not set, maybe default value not defined before get
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 2ccd3f07-faff-4b67-a908-06edc8bcf046 to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="2ccd3f07-faff-4b67-a908-06edc8bcf046"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 53cefb6c-1b98-4a95-8c5a-762ebc67f92d to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:06Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="53cefb6c-1b98-4a95-8c5a-762ebc67f92d"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:13Z [DEBUG] [/pkg/task/dao/execution.go:462]: skip to refresh, no outdate execution status found
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id aeddb2a2-d0ae-4ffa-b9a8-0f27754a661e to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="aeddb2a2-d0ae-4ffa-b9a8-0f27754a661e"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 2c4a3512-e36f-402f-8d67-2b19458f8fbd to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:16Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="2c4a3512-e36f-402f-8d67-2b19458f8fbd"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:23Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 322c989c-7ce0-432b-9c13-db15f20d788d to the logger for the request GET /api/v2.0/health
2024-02-06T08:10:23Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/health
2024-02-06T08:10:23Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="322c989c-7ce0-432b-9c13-db15f20d788d"]: an unauthorized security context generated for request GET /api/v2.
0/health
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 8170b38a-ea84-4f09-9482-3b94df1a8211 to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id e29cd4c8-a1ec-4931-927c-b9eaf475e1dd to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="8170b38a-ea84-4f09-9482-3b94df1a8211"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:26Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="e29cd4c8-a1ec-4931-927c-b9eaf475e1dd"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 29f5c15a-ccbb-4d9e-8e9f-a149d0f00399 to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/log/log.go:31]: attach request id 268daa61-279f-4dfd-94fe-a0de820816e2 to the logger for the request GET /api/v2.0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/artifactinfo/artifact_info.go:55]: In artifact info middleware, url: /api/v2.0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="29f5c15a-ccbb-4d9e-8e9f-a149d0f00399"]: an unauthorized security context generated for request GET /api/v2.
0/ping
2024-02-06T08:10:36Z [DEBUG] [/server/middleware/security/unauthorized.go:28][requestID="268daa61-279f-4dfd-94fe-a0de820816e2"]: an unauthorized security context generated for request GET /api/v2.
0/ping

how can we fix this issue on Harbor?
@zyyw
Copy link
Collaborator

zyyw commented Feb 22, 2024

@syslabtech you cannot login via Harbor Portal web UI or cannot docker login ?

@github-actions GitHub Actions
Copy link

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

@github-actions github-actions bot added the Stale label Jun 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zyyw @syslabtech