Docker: 企業級鏡像倉庫Harbor的使用
上一節,演示了Harbor的安裝部署php
此次咱們來說解 Harbor的使用。html
咱們須要瞭解到:java
1. 如何推鏡像到鏡像倉庫mysql
2. 如何從鏡像倉庫拉取鏡像 nginx
3. 如何運行從私有倉庫拉取的鏡像redis
# 查看 harbor服務狀態,都是up說明 harbor服務狀態正常
[root@192 harbor]# docker-compose ps
若是狀態不對,使用docker-compose restart重啓,或者使用docker-compose up -d 啓動容器,並後臺運行sql
瀏覽器打開 http://192.168.1.30 用戶名:admin 密碼:Harbor123456(在harbor.cfg配置的默認密碼,在部署harbor過程當中沒有修改過,因此用默認密碼登陸)docker
能夠經過[新建項目]來建立項目,json
訪問級別:公開,表明不須要登錄帳號就拉取(下載)鏡像; 私有,表明必須有登錄帳號和帳號的項目權限正確才能夠拉取(下載)鏡像; 無論什麼訪問級別,推送(上傳)鏡像到harbor倉庫,必須先登錄帳號,而且登錄帳號的項目權限正確。 centos
新建了一個用戶:testuser1,密碼:Test12345567;
給用戶testuser1添加library項目的權限
docker和harbor之間交互的基本使用:
一、配置http鏡像倉庫可信任(docker默認是經過https訪問harbor的,可是私有倉庫是在公司內網的話,沒有必要配置https, 因此咱們要在daemon.json配置harbor服務器地址被docker認爲是可信任的站點;若是docker經過https訪問harbor,就不須要進行以下設置)
# vi /etc/docker/daemon.json
{"insecure-registries":["192.168.1.30"]}
格式不能寫錯,修改該配置後,須要重啓docker服務,若是寫錯,重啓docker會有問題。
# systemctl restart docker #重啓docker的話,要留意一下,經過docker啓動的容器是否正常運行, harbor就啓動在docker容器裏的,因此須要用docker-compose ps查看harbor服務狀態,若是harbor狀態不全是Up狀態,那麼使用 docker-compose up -d 再次啓動全部
二、打標籤
# docker tag centos:6 192.168.1.30/library/centos:6
三、上傳
# docker push 192.168.1.30/library/centos:6
四、下載
# docker pull 192.168.1.30/library/centos:6
#修改docker的配置文件daemon.json(docker經過http訪問harbor的話,須要配置harbor的服務器地址爲可信任;若是經過https方式訪問harbor,這裏不須要修改) [root@192 harbor]# vi /etc/docker/daemon.json [root@192 harbor]# cat /etc/docker/daemon.json {"registry-mirrors": ["http://f1361db2.m.daocloud.io"], "insecure-registries":["192.168.1.30"] } #重啓docker [root@192 harbor]# systemctl restart docker #重啓查看harbor狀態,由於harbor也是運行在docker容器裏的,容器服務重啓,相應的容器也要檢查一下狀態是否正常 [root@192 harbor]# docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------- harbor-adminserver /harbor/start.sh Exit 137 harbor-db /entrypoint.sh postgres Exit 255 harbor-jobservice /harbor/start.sh Exit 137 harbor-log /bin/sh -c /usr/local/bin/ ... Up (health: starting) 127.0.0.1:1514->10514/tcp harbor-ui /harbor/start.sh Up (health: starting) nginx nginx -g daemon off; Exit 128 redis docker-entrypoint.sh redis ... Exit 128 registry /entrypoint.sh /etc/regist ... Up (health: starting) 5000/tcp #(沒有的)建立和有的直接啓動容器,-d參數表明在後臺運行服務 [root@192 harbor]# docker-compose up -d harbor-log is up-to-date Starting harbor-db ... registry is up-to-date Starting harbor-adminserver ... Starting redis ... harbor-ui is up-to-date Starting harbor-jobservice ... Starting nginx ... #查看harbor服務狀態 [root@192 harbor]# docker-compose ps Name Command State Ports ----------------------------------------------------------------------------------------------------------------- harbor-adminserver /harbor/start.sh Up (health: starting) harbor-db /entrypoint.sh postgres Up (health: starting) 5432/tcp harbor-jobservice /harbor/start.sh Up harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp harbor-ui /harbor/start.sh Up (health: starting) nginx nginx -g daemon off; Up (health: starting) 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp redis docker-entrypoint.sh redis ... Up 6379/tcp registry /entrypoint.sh /etc/regist ... Up (healthy) 5000/tcp #列出docker鏡像 [root@192 harbor]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat v1 5f8fe4ca82ba 7 hours ago 427MB php v1 d48e00d7de94 7 hours ago 514MB nginx v1 a5412fe37cac 7 hours ago 361MB nginx latest 881bd08c0b08 9 days ago 109MB mysql 5.7 ee7cbd482336 9 days ago 372MB busybox latest d8233ab899d4 3 weeks ago 1.2MB centos 7 1e1148e4cc2c 3 months ago 202MB centos latest 1e1148e4cc2c 3 months ago 202MB goharbor/chartmuseum-photon v0.7.1-v1.6.1 f0a2dbee1ff1 4 months ago 350MB goharbor/harbor-migrator v1.6.1 60e8be845b35 4 months ago 798MB goharbor/redis-photon v1.6.1 6a67380bb061 4 months ago 210MB goharbor/clair-photon v2.0.6-v1.6.1 c4fcdbae7df2 4 months ago 302MB goharbor/notary-server-photon v0.5.1-v1.6.1 f1afd44d9f9b 4 months ago 209MB goharbor/notary-signer-photon v0.5.1-v1.6.1 83aa51867207 4 months ago 207MB goharbor/registry-photon v2.6.2-v1.6.1 f4cb5e83f0a4 4 months ago 196MB goharbor/nginx-photon v1.6.1 9ca888fe33b2 4 months ago 132MB goharbor/harbor-log v1.6.1 9b1ea3f29465 4 months ago 198MB goharbor/harbor-jobservice v1.6.1 9ca6fd371ca6 4 months ago 192MB goharbor/harbor-ui v1.6.1 305ee5b8952c 4 months ago 215MB goharbor/harbor-adminserver v1.6.1 a3e95f74984e 4 months ago 181MB goharbor/harbor-db v1.6.1 3bea3bff0190 4 months ago 219MB java 8 d23bdf5b1b1b 2 years ago 643MB # 配置 php:v1這個鏡像,推送到哪裏去,這裏推送到私有倉庫地址
[root@192 harbor]# docker tag php:v1 192.168.1.30/library/php:v1 # docker登錄鏡像倉庫,成功 [root@192 harbor]# docker login 192.168.1.30 username:testuser1 password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store # 下次再登錄,不須要重複輸入用戶名,密碼 [root@192 harbor]# docker login 192.168.1.30 Authenticating with existing credentials... WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded #推送到Harbor鏡像倉庫 [root@192 harbor]# docker push 192.168.1.30/library/php:v1 The push refers to repository [192.168.1.30/library/php] v1: digest: sha256:dff46139f7bbcaf014ef2f1b9a564b99fdf0fd6cedbce965d01e6ad4091566bb size: 1370 # 將nginx:v1打上推送到鏡像倉庫的地址標籤,並推送 [root@192 harbor]# docker tag nginx:v1 192.168.1.30/library/nginx:v1 [root@192 harbor]# docker push 192.168.1.30/library/nginx:v1 The push refers to repository [192.168.1.30/library/nginx] v1: digest: sha256:4b4183c9fc6af4479c0b9632f13076c4276c83ccdc32784b521225f878963c74 size: 1159 # 將tomcat:v1打上推送到鏡像倉庫的地址標籤,並推送 [root@192 harbor]# docker tag tomcat:v1 192.168.1.30/library/tomcat:v1 [root@192 harbor]# docker push 192.168.1.30/library/tomcat:v1 The push refers to repository [192.168.1.30/library/tomcat] v1: digest: sha256:37a025411fc5250673100c51cc60a48878695c9f1f59c953a6751f21b9db18df size: 952 #從鏡像倉庫拉取nginx:v1 [root@192 harbor]# docker pull 192.168.1.30/library/nginx:v1 v1: Pulling from library/nginx Digest: sha256:4b4183c9fc6af4479c0b9632f13076c4276c83ccdc32784b521225f878963c74 Status: Image is up to date for 192.168.1.30/library/nginx:v1 [root@192 harbor]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.1.30/library/tomcat v1 5f8fe4ca82ba 7 hours ago 427MB tomcat v1 5f8fe4ca82ba 7 hours ago 427MB 192.168.1.30/library/php v1 d48e00d7de94 8 hours ago 514MB php v1 d48e00d7de94 8 hours ago 514MB 192.168.1.30/library/nginx v1 a5412fe37cac 8 hours ago 361MB nginx v1 a5412fe37cac 8 hours ago 361MB nginx latest 881bd08c0b08 9 days ago 109MB mysql 5.7 ee7cbd482336 9 days ago 372MB busybox latest d8233ab899d4 3 weeks ago 1.2MB centos 7 1e1148e4cc2c 3 months ago 202MB centos latest 1e1148e4cc2c 3 months ago 202MB goharbor/chartmuseum-photon v0.7.1-v1.6.1 f0a2dbee1ff1 4 months ago 350MB goharbor/harbor-migrator v1.6.1 60e8be845b35 4 months ago 798MB goharbor/redis-photon v1.6.1 6a67380bb061 4 months ago 210MB goharbor/clair-photon v2.0.6-v1.6.1 c4fcdbae7df2 4 months ago 302MB goharbor/notary-server-photon v0.5.1-v1.6.1 f1afd44d9f9b 4 months ago 209MB goharbor/notary-signer-photon v0.5.1-v1.6.1 83aa51867207 4 months ago 207MB goharbor/registry-photon v2.6.2-v1.6.1 f4cb5e83f0a4 4 months ago 196MB goharbor/nginx-photon v1.6.1 9ca888fe33b2 4 months ago 132MB goharbor/harbor-log v1.6.1 9b1ea3f29465 4 months ago 198MB goharbor/harbor-jobservice v1.6.1 9ca6fd371ca6 4 months ago 192MB goharbor/harbor-ui v1.6.1 305ee5b8952c 4 months ago 215MB goharbor/harbor-adminserver v1.6.1 a3e95f74984e 4 months ago 181MB goharbor/harbor-db v1.6.1 3bea3bff0190 4 months ago 219MB java 8 d23bdf5b1b1b 2 years ago 643MB
有個規則:給鏡像打好標籤後,用docker images是看不到鏡像的變化的, 只有經過dockor push 把鏡像推送到harbor倉庫後, docker images纔會看到有新增的鏡像
驗證結果:
下面演示如何從私有鏡像倉庫Harbor拉取鏡像並運行 nginx, php, 假設 Docker: 快速搭建LNMP網站平臺 裏面建立的容器,刪除掉,只保留lnmp_mysql
[root@192 nginx]# docker container rm -f lnmp_nginx lnmp_nginx [root@192 nginx]# docker container rm -f lnmp_php lnmp_php
#運行沒什麼特別,就是把鏡像名和標籤換成私有倉庫的就能夠 [root@192 nginx]# docker run -d --name lnmp_php --net lnmp --mount src=wwwroot,dst=/wwwroot 192.168.1.30/library/php:v1 c3624fb185f93351af97bea35a604155b52b2e4eca600d5be4e4e5be93b1ee7f [root@192 nginx]# docker run -d --name lnmp_nginx --net lnmp -p 88:80 --mount type=bind,src=$(pwd)/nginx.conf,dst=/usr/local/nginx/conf/nginx.conf --mount src=wwwroot,dst=/wwwroot 192.168.1.30/library/nginx:v1 3cc9715ef1f0bb9b4039c3aa58a3508d14f3825e8b275e2a50467b7e037709b6 [root@192 nginx]# docker container ls -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 11 seconds ago Up 9 seconds 0.0.0.0:88->80/tcp lnmp_nginx [root@192 nginx]# docker container ls -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 22 seconds ago Up 20 seconds 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" About a minute ago Up About a minute 9000/tcp lnmp_php 9b2acdc4e0d4 192.168.1.30/library/php:v1 "--name lnmp_php" 9 minutes ago Created 9000/tcp gracious_borg 31416cb93251 192.168.1.30/library/php:v1 "-name lnmp_php" 10 minutes ago Created 9000/tcp vigorous_wiles 679f5aa83443 5f8fe4ca82ba "catalina.sh run" 15 hours ago Up 15 hours 0.0.0.0:99->8080/tcp gifted_gates ce152fffc931 goharbor/harbor-jobservice:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours harbor-jobservice d5a971fcf319 goharbor/nginx-photon:v1.6.1 "nginx -g 'daemon of…" 29 hours ago Up 28 hours (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx 197b6f639c4b goharbor/harbor-ui:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours (healthy) harbor-ui 443fd0c18620 goharbor/harbor-db:v1.6.1 "/entrypoint.sh post…" 29 hours ago Up 28 hours (healthy) 5432/tcp harbor-db 4943f885123b goharbor/harbor-adminserver:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours (healthy) harbor-adminserver d29f080f8615 goharbor/redis-photon:v1.6.1 "docker-entrypoint.s…" 29 hours ago Up 28 hours 6379/tcp redis 5130724e6c5b goharbor/registry-photon:v2.6.2-v1.6.1 "/entrypoint.sh /etc…" 29 hours ago Up 28 hours (healthy) 5000/tcp registry 737c956d3c64 goharbor/harbor-log:v1.6.1 "/bin/sh -c /usr/loc…" 29 hours ago Up 28 hours (healthy) 127.0.0.1:1514->10514/tcp harbor-log 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql f4f3056e14b6 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Exited (1) 34 hours ago objective_wozniak [root@192 nginx]# docker container ls -a|grep lnmp 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 29 seconds ago Up 27 seconds 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" About a minute ago Up About a minute 9000/tcp lnmp_php 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql [root@192 nginx]# docker container ls -a|grep lnmp 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" About a minute ago Up About a minute 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" 2 minutes ago Up 2 minutes 9000/tcp lnmp_php 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql
打開瀏覽器看一下:
到此,測試從私有倉庫harbor上拉取鏡像,並運行,測試經過。
這裏須要注意的是, php,nginx運行是有順序的,須要先運行 php,在運行nginx.
由於nginx.cnf配置文件裏,配置了轉發到lnmp_php,找不到這個服務器, nginx服務就會退出 。
做者: 梅梅~
出處: https://www.cnblogs.com/keeptesting
關於做者:專一軟件測試,測試運維相關工做,請多多賜教!
本文版權歸做者和博客園共有,歡迎轉載,但未經做者贊成必須保留此段聲明,且在文章頁面明顯位置給出, 原文連接 歡迎溝通交流加微信聯繫。 微信:yangguangkg20140901 暗號:博客園.
相關文章
- 1. 181. docker企業級鏡像倉庫harbor
- 2. 07:企業級鏡像倉庫Harbor
- 3. 企業級鏡像倉庫Harbor
- 4. 企業級Docker鏡像倉庫harbor的部署和使用
- 5. Docker: 企業級鏡像倉庫Harbor的使用
- 6. 企業級Docker鏡像倉庫Harbor部署與使用
- 7. 使用docker搭建「企業級鏡像倉庫」Harbor
- 8. 企業級docker鏡像倉庫----Harbor高可用部署
- 9. 企業級私有倉庫鏡像倉庫Harbor
- 10. 企業級Docker容器鏡像倉庫Harbor的搭建
- 更多相關文章...
- • Docker 鏡像使用 - Docker教程
- • Docker 鏡像加速 - Docker教程
- • TiDB 在摩拜單車在線數據業務的應用和實踐
- • Composer 安裝與使用
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. No provider available from registry 127.0.0.1:2181 for service com.ddbuy.ser 解決方法
- 2. Qt5.7以上調用虛擬鍵盤(支持中文),以及源碼修改(可拖動,水平縮放)
- 3. 軟件測試面試- 購物車功能測試用例設計
- 4. ElasticSearch(概念篇):你知道的, 爲了搜索…
- 5. redux理解
- 6. gitee創建第一個項目
- 7. 支持向量機之硬間隔(一步步推導,通俗易懂)
- 8. Mysql 異步複製延遲的原因及解決方案
- 9. 如何在運行SEPM配置嚮導時將不可認的複雜數據庫密碼改爲簡單密碼
- 10. windows系統下tftp服務器使用
歡迎關注本站公眾號,獲取更多信息
