Docker私有倉庫Harbor v1.6.1安裝
阿新 • • 發佈:2018-11-13
-
環境
系統: CentOS 7.5.1804
核心: 4.18.7-1.el7.elrepo.x86_64
Docker-ce 18.09
docker-compose 1.23.1
Harbor v1.6.1
Harbor主機IP:192.168.1.3
Docker連線倉庫的時候預設走的是HTTPS協議。
準備一個域名,並且申請個免費的通配證書。
!!!關閉防火牆和SELINUX!!!
-
安裝Docker和docker-compose
#安裝Docker
wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce
mkdir /etc/docker/
cat << EOF > /etc/docker/daemon.json
{ "registry-mirrors": ["https://registry.docker-cn.com"],
"live-restore": true,
"default-shm-size": "128M",
"max-concurrent-downloads": 10,
"oom-score-adjust": -1000,
"debug": false
}
EOF
#配置相關的轉發引數
cat <<EOF > /etc/sysctl.d/docker.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
#安裝docker-compose
yum install -y python-pip
pip install docker-compose
systemctl daemon-reload
systemctl enable docker
systemctl restart docker
###############################################
[ -
下載Harbor
#發行版本:https://github.com/goharbor/harbor/releases #下載online包,可能需要科學上網 cd $HOME wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v1.6.1.tgz #解壓 tar -xf harbor-online-installer-v1.6.1.tgz cd harbor [[email protected] ~]# cd harbor/ [[email protected] harbor]# ll total 1588 drwxr-xr-x 3 root root 23 Nov 13 15:03 common -rw-r--r-- 1 root root 727 Nov 9 13:59 docker-compose.chartmuseum.yml -rw-r--r-- 1 root root 777 Nov 9 13:59 docker-compose.clair.yml -rw-r--r-- 1 root root 1258 Nov 9 13:59 docker-compose.notary.yml -rw-r--r-- 1 root root 3589 Nov 9 13:59 docker-compose.yml drwxr-xr-x 3 root root 136 Nov 9 13:59 ha -rw-r--r-- 1 root root 7913 Nov 9 13:59 harbor.cfg -rwxr-xr-x 1 root root 6162 Nov 9 13:59 install.sh -rw-r--r-- 1 root root 10768 Nov 9 13:59 LICENSE -rw-r--r-- 1 root root 482 Nov 9 13:59 NOTICE -rw-r--r-- 1 root root 1535603 Nov 9 13:59 open_source_license -rwxr-xr-x 1 root root 39496 Nov 9 13:59 prepare ####################################################### harbor.cfg #這就是harbor的配置檔案了 install.sh #安裝指令碼 docker-compose.yml #docker-compose啟動檔案
-
修改harbor.cfg檔案
#配置檔案詳解:https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md#configuring-harbor
#需要修改的有以下幾項:
#hostname設定訪問地址,可以使用ip、域名,不可以設定為127.0.0.1或localhost
hostname = registry.lotbrick.com
#訪問協議,預設是http,也可以設定https
#如果啟用了HTTPS,那麼最好使用一個能夠被瀏覽器認證的ssl證書,否則其他docker不信任該ssl證書,無法通訊
#如果啟用的是HTTP,那麼要在daemon.json配置中配置:insecure-registries欄位,讓docker與該倉庫通訊時使用http協議
ui_url_protocol = https
#啟動Harbor後,管理員UI登入的密碼,預設是Harbor12345
harbor_admin_password = Harbor12345
#倉庫複製時啟動的執行緒數
max_job_workers = 3
#SSL證書的路徑,僅在協議設定為https時應用,宿主機路徑
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
#金鑰儲存路徑,如:倉庫複製的金鑰
secretkey_path = /data
#郵件設定,傳送重置密碼郵件時使用
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = [email protected]
email_password = abc
email_from = admin <[email protected]>
email_ssl = false
#認證方式,這裡支援多種認證方式,如LADP、本次儲存、資料庫認證。預設是db_auth,mysql資料庫認證
auth_mode = db_auth
#是否開啟自注冊
self_registration = on
#Token有效時間,預設30分鐘
token_expiration = 30
#使用者建立專案許可權控制,預設是everyone(所有人),也可以設定為adminonly(只能管理員)
project_creation_restriction = everyone
-
安裝Harbor
#將私鑰和證書重新命名並放入/data/cert資料夾
mkdir -pv /data/cert
####################################################################
[[email protected] cert]# pwd
/data/cert
[[email protected] cert]# ll
total 8
-rw-r--r-- 1 root root 3575 Nov 10 14:43 server.crt
-rw-r--r-- 1 root root 1675 Nov 10 14:43 server.key
[[email protected] cert]#
#執行install.sh安裝
cd $HOME/harbor
docker-compose pull
./install.sh
docker ps -a
#檢查harbor的狀態,確認所有的容器都處於up的狀態
[[email protected] harbor]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1949a6ca748c goharbor/harbor-jobservice:v1.6.1 "/harbor/start.sh" About a minute ago Up About a minute harbor-jobservice
162f83595512 goharbor/nginx-photon:v1.6.1 "nginx -g 'daemon of…" About a minute ago Up About a minute (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
46049917eebc goharbor/harbor-ui:v1.6.1 "/harbor/start.sh" About a minute ago Up About a minute (healthy) harbor-ui
d53e5cf18b05 goharbor/redis-photon:v1.6.1 "docker-entrypoint.s…" 2 minutes ago Up About a minute 6379/tcp redis
7f33cfd0d7ee goharbor/harbor-adminserver:v1.6.1 "/harbor/start.sh" 2 minutes ago Up About a minute (healthy) harbor-adminserver
585f5fd7886d goharbor/registry-photon:v2.6.2-v1.6.1 "/entrypoint.sh /etc…" 2 minutes ago Up About a minute (healthy) 5000/tcp registry
7f6f7925306d goharbor/harbor-db:v1.6.1 "/entrypoint.sh post…" 2 minutes ago Up About a minute (healthy) 5432/tcp harbor-db
927fd00420fe goharbor/harbor-log:v1.6.1 "/bin/sh -c /usr/loc…" 2 minutes ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[[email protected] harbor]#
-
Web頁面配置
#修改windows的hosts檔案,把registry.lotbrick.com指向到harbor主機的IP
#開啟瀏覽器輸入地址
#預設賬號是:admin,密碼是:Harbor12345
#登陸上去建立一個test倉庫做測試
-
測試上傳image到倉庫
#修改harbor主機的hosts,在harbor主機做測試
cat << EOF >> /etc/hosts
192.168.1.3 registry.lotbrick.com
EOF
#pull一個alpine映象下來
docker pull alpine
docker images
#修改alpine映象的tag
#修改後的格式:倉庫地址/倉庫名/映象名:標籤
docker tag alpine:latest registry.lotbrick.com/test/alpine:latest
#登陸倉庫並上傳映象
docker login registry.lotbrick.com
docker push registry.lotbrick.com/test/alpine:latest
#開啟web頁面,檢視映象是否上傳成功
-
換臺機器嘗試pull映象
#同樣,要修改一下hosts檔案
cat << EOF >> /etc/hosts
192.168.1.3 registry.lotbrick.com
EOF
#嘗試pull
docker pull registry.lotbrick.com/test/alpine:latest
