harbor

安裝docker，官網，這裏主要是docker-compose.
yum install epel-release
yum install python-pip -y
pip install --upgrade pip
pip install docker-compose
docker-compose -v
wget http://harbor.orientsoft.cn/harbor-v1.4.0/harbor-offline-installer-v1.4.0.tgz
1 採用HTTPS，這裏主要是證書的生成過程。
openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt -subj "/C=CN/L=shenzhen/O=we2tu/CN=harbor-registry"
openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.we2tu.com.key -out server.csr -subj "/C=CN/L=shenzhen/O=we2tu/CN=harbor.we2tu.com"
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out harbor.we2tu.com.crt

2 關於配置文件的修改：
vim harbor.cfg
1 hostname
2 證書位置：上述搭建完畢後，須要在客戶端設置倉庫地址，並加載證書：
[root@node200 harbor.we2tu.com]# scp root@172.17.0.207:/data/cert/harbor.we2tucom.crt .
The authenticity of host '172.17.0.207 (172.17.0.207)' can't be established.
ECDSA key fingerprint is SHA256:HQSZIXbDyL10+dSUzcN+rgvPVFA8gnmixkIpnZDG9NY.
ECDSA key fingerprint is MD5:1b:48:82:27:a4:97:19:9e:80:b0:c4:69:69:e8:45:60.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.207' (ECDSA) to the list of known hosts.
root@172.17.0.207's password:
harbor.we2tucom.crt 100% 1818 836.6KB/s 00:00
[root@node200 harbor.we2tu.com]# ls
harbor.we2tucom.crt，
[root@node200 harbor.we2tu.com]# docker login harbor.we2tu.com
#docker login -u admin -p Harbor12345 ip地址這個是無交互的操做，也是一種方式。
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@node200 harbor.we2tu.com]# pwd
/etc/docker/certs.d/harbor.we2tu.com 證書的位置，注意此目錄沒有須要建立，我這裏是centos7.5
[root@node200 harbor.we2tu.com]# ls
harbor.we2tucom.crt
演示上傳下載鏡像：
[root@node206 ~]# docker tag nginx:latest harbor.we2tu.com/java/nginx:latest
[root@node206 ~]# docker push harbor.we2tu.com/java/nginx:latest
The push refers to repository [harbor.we2tu.com/java/nginx]
579c75bb43c0: Pushed
67d3ae5dfa34: Pushed
8b15606a9e3e: Pushed
latest: digest: sha256:c0b69559d28fb325a64c6c8f47d14c26b95aa047312b29c699da10380e90b4d7 size: 948

若是是docker 原生registry,客戶端須要編輯文檔：
xtadmin@docker960:~$ vim /etc/docker/daemon.json 這個是ubuntu安裝的docker

{

"bip":"192.168.39.1/24",
"insecure-registries": [
"git.we2tu.com:5000"
],

"registry-mirrors": [
"http://04be47cf.m.daocloud.io"
]

}

參考連接

http://www.javashuo.com/article/p-fuvqjedt-kg.html

https://github.com/goharbor/harbor/blob/master/docs/configure_https.md
http://www.javashuo.com/article/p-qmexxcdp-ch.html

https://blog.51cto.com/10880347/2326146 kubernetes 1.13 的安裝和部署過程