Docker(四)私有倉庫Harbor安裝和配置
(一)、概述
Harbor是開源registry倉庫,相比docker官方擁有更豐富的權限權利和完善的架構設計,適用大規模docker集羣部署提供倉庫服務。 下載地址:https://github.com/goharbor/harbor/releaseslinux
(二)、安裝和配置。因爲harbor包括docker,docker-composere和client只需安裝docker便可
一、Dcker安裝nginx
[root@localhost ~]#sudo yum install -y yum-utils device-mapper-persistent-data lvm2 [root@localhost ~]# sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo [root@localhost ~]#yum -y install docker-ce [root@localhost ~]# systemctl enable docker [root@localhost ~]# systemctl start docker [root@localhost ~]# systemctl status docker
二、Docker Composere安裝。直接yum安裝git
[root@localhost ~]#yum install epel-release [root@localhost ~]#yum -y install docker-compose
三、下載Harbor最新版本的離線安裝包並解壓出來。https://github.com/goharbor/harbor/releasesgithub
[root@otrs004097 ~]# wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.2.tgz [root@otrs004097 opt]# tar xf harbor-offline-installer-v1.8.2.tgz [root@otrs004097 opt]# cd harbor/ [root@otrs004097 harbor]# ls harbor.v1.8.2.tar.gz harbor.yml install.sh LICENSE prepare
四、修改harbor.yml文件。修改下hostname爲本機的ip,harbor_admin_password web頁面的密碼。配置下httpsweb
[root@otrs004097 harbor]# grep "^[^#]" harbor.yml hostname: 192.168.4.97 http: # port for http, default is 80. If https enabled, this port will redirect to https port port: 80 https: port: 443 certificate: /opt/dcerts/kjdow.crt private_key: /opt/dcerts/kjdow.key harbor_admin_password: Harbor12345 database: # The password for the root user of Harbor DB. Change this before any production use. password: root123 data_volume: /data clair: # The interval of clair updaters, the unit is hour, set to 0 to disable the updaters. updaters_interval: 12 # Config http proxy for Clair, e.g. http://my.proxy.com:3128 # Clair doesn't need to connect to harbor internal components via http proxy. http_proxy: https_proxy: no_proxy: 127.0.0.1,localhost,core,registry jobservice: # Maximum number of job workers in job service max_job_workers: 4 chart: # Change the value of absolute_url to enabled can enable absolute url in chart absolute_url: disabled log: # options are debug, info, warning, error, fatal level: info # Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated. rotate_count: 50 # Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes. # If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G # are all valid. rotate_size: 200M # The directory on your host that store log location: /var/log/harbor _version: 1.8.0
五、運行安裝腳本。出現下邊即爲安裝成功。redis
[root@otrs004097 harbor]# sh install.sh ✔ ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at https://192.168.4.97. For more details, please visit https://github.com/goharbor/harbor .
六、使用剛纔的帳號進行登陸sql
七、若是想要中止,或者是服務器重啓了,須要手動重啓,在harbor的安裝目錄,裏執行命令docker
[root@otrs004097 harbor]# ll total 564660 drwxr-xr-x 3 root root 20 Aug 20 14:42 common -rw-r--r-- 1 root root 5387 Aug 21 12:00 docker-compose.yml -rw-r--r-- 1 root root 578167000 Aug 8 15:51 harbor.v1.8.2.tar.gz -rw-r--r-- 1 root root 4507 Aug 20 14:39 harbor.yml -rwxr-xr-x 1 root root 5088 Aug 8 15:51 install.sh -rw-r--r-- 1 root root 11347 Aug 8 15:51 LICENSE -rwxr-xr-x 1 root root 1654 Aug 8 15:51 prepare [root@otrs004097 harbor]# docker-compose stop Stopping nginx ... done Stopping harbor-portal ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping registry ... done Stopping redis ... done Stopping harbor-db ... done Stopping registryctl ... done Stopping harbor-log ... done [root@otrs004097 harbor]# docker-compose start Starting log ... done Starting registry ... done Starting registryctl ... done Starting postgresql ... done Starting core ... done Starting portal ... done Starting redis ... done Starting jobservice ... done Starting proxy ... done [root@otrs004097 harbor]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 2705ee8ed36c goharbor/nginx-photon:v1.8.2 "nginx -g 'daemon of…" 3 hours ago Up 24 seconds (health: starting) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx 6972e89dab43 goharbor/harbor-portal:v1.8.2 "nginx -g 'daemon of…" 3 hours ago Up 24 seconds (health: starting) 80/tcp harbor-portal 406675543ea6 goharbor/harbor-jobservice:v1.8.2 "/harbor/start.sh" 3 hours ago Up 24 seconds harbor-jobservice 1ca5a5d63008 goharbor/harbor-core:v1.8.2 "/harbor/start.sh" 3 hours ago Up 25 seconds (health: starting) harbor-core 9edbf02eaef2 goharbor/registry-photon:v2.7.1-patch-2819-v1.8.2 "/entrypoint.sh /etc…" 3 hours ago Up 26 seconds (health: starting) 5000/tcp registry 1456773e7464 goharbor/redis-photon:v1.8.2 "docker-entrypoint.s…" 3 hours ago Up 26 seconds 6379/tcp redis c8616d9d70bf goharbor/harbor-db:v1.8.2 "/entrypoint.sh post…" 3 hours ago Up 26 seconds (health: starting) 5432/tcp harbor-db 6c06883e32b7 goharbor/harbor-registryctl:v1.8.2 "/harbor/start.sh" 3 hours ago Up 26 seconds (health: starting) registryctl cb0c83c37ec1 goharbor/harbor-log:v1.8.2 "/bin/sh -c /usr/loc…" 3 hours ago Up 27 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log d24e185404a8 lqb1:v1.0 "/bin/bash" 5 days ago Up 43 hours lqb1
八、解決登陸報錯json
[root@DEV004019 ~]# docker login 192.168.4.97 Username: admin Password: Error response from daemon: Get https://192.168.4.97/v2/: x509: cannot validate certificate for 192.168.4.97 because it doesn't contain any IP SANs
解決方法:
8.一、在安裝harbor那臺服務器的安裝目錄,在registry模塊上添加ports: - 5000:5000
registry:
image: goharbor/registry-photon:v2.7.1-patch-2819-v1.8.2
container_name: registry
restart: always
cap_drop:
- ALL
cap_add:
- CHOWN
- SETGID
- SETUID
volumes:
- /data/registry:/storage:z
- ./common/config/registry/:/etc/registry/:z
- type: bind
source: /data/secret/registry/root.crt
target: /etc/registry/root.crt
networks:
- harbor
ports:
- 5000:5000
dns_search: .
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "registry"
8.二、同時在harbor和client的docker配置添加 insecure-registries: harbor_IP
[root@DEV004019 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"insecure-registries": ["192.168.4.97:80"]
8.三、重啓harbor 的 docker-compose
[root@otrs004097 harbor]# docker-compose start
Starting log ... done
Starting registry ... done
Starting registryctl ... done
Starting postgresql ... done
Starting core ... done
Starting portal ... done
Starting redis ... done
Starting jobservice ... done
Starting proxy ... done
[root@otrs004097 harbor]# docker-compose ps
Name Command State Ports
-----------------------------------------------------------------------------------------------------
harbor-core /harbor/start.sh Up
harbor-db /entrypoint.sh postgres Up 5432/tcp
harbor-jobservice /harbor/start.sh Up
harbor-log /bin/sh -c /usr/local/bin/ ... Up 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Up 80/tcp
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
redis docker-entrypoint.sh redis ... Up 6379/tcp
registry /entrypoint.sh /etc/regist ... Up 5000/tcp
registryctl /harbor/start.sh Up
8.四、client端登陸私有倉庫
[root@DEV004019 ~]# docker login 192.168.4.97
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
九、經過push上傳鏡像vim
[root@DEV004019 ~]# docker tag nginx:latest 192.168.4.97/lqb/mysq-nginx-v1.0:v1.0 [root@DEV004019 ~]# docker push 192.168.4.97/lqb/mysq-nginx-v1.0:v1.0 The push refers to repository [192.168.4.97/lqb/mysq-nginx-v1.0] 12fdf55172df: Pushed 002a63507c1c: Pushed 1c95c77433e8: Pushed v1.0: digest: sha256:099019968725f0fc12c4b69b289a347ae74cc56da0f0ef56e8eb8e0134fc7911 size: 948
十、pull命令
[root@DEV004019 ~]# docker pull 192.168.4.97/lqb/mysq-nginx-v1.0:v1.0 v1.0: Pulling from lqb/mysq-nginx-v1.0 Digest: sha256:099019968725f0fc12c4b69b289a347ae74cc56da0f0ef56e8eb8e0134fc7911 Status: Downloaded newer image for 192.168.4.97/lqb/mysq-nginx-v1.0:v1.0 192.168.4.97/lqb/mysq-nginx-v1.0:v1.0 [root@DEV004019 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE lqb1 v1.0 add4aac9e719 5 days ago 369MB 192.168.4.97/lqb/mysq-nginx-v1.0 v1.0 5a3221f0137b 5 days ago 126MB
相關的推送和tag的命令可在harbor查找
相關文章
- 1. docker 配置私有倉庫 harbor
- 2. Docker--Harbor私有倉庫
- 3. Docker Registry(私有倉庫)安裝配置
- 4. centos 7 下安裝Docker私有倉Harbor
- 5. Docker私服倉庫Harbor安裝
- 6. 【Docker】搭建 Docker 私有倉庫 harbor
- 7. docker+harbor—搭建Docker私有倉庫
- 8. Docker配置私有倉庫
- 9. Docker 配置私有倉庫
- 10. Harbor私有倉庫配置與部署
- 更多相關文章...
- • Git 安裝配置 - Git 教程
- • Docker 倉庫管理 - Docker教程
- • IDEA下SpringBoot工程配置文件沒有提示
- • Composer 安裝與使用
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. Duang!超快Wi-Fi來襲
- 2. 機器學習-補充03 神經網絡之**函數(Activation Function)
- 3. git上開源maven項目部署 多module maven項目(多module maven+redis+tomcat+mysql)後臺部署流程學習記錄
- 4. ecliple-tomcat部署maven項目方式之一
- 5. eclipse新導入的項目經常可以看到「XX cannot be resolved to a type」的報錯信息
- 6. Spark RDD的依賴於DAG的工作原理
- 7. VMware安裝CentOS-8教程詳解
- 8. YDOOK:Java 項目 Spring 項目導入基本四大 jar 包 導入依賴,怎樣在 IDEA 的項目結構中導入 jar 包 導入依賴
- 9. 簡單方法使得putty(windows10上)可以免密登錄樹莓派
- 10. idea怎麼用本地maven
歡迎關注本站公眾號,獲取更多信息
