企業級私有registry Harbor經過https訪問的詳細配置
Harbor安裝請參考https://my.oschina.net/u/1762991/blog/1204555
根據文檔https://github.com/vmware/harbor/blob/0.5.0/docs/installation_guide.md
Harbor配置經過https訪問須要修改配置文件
To change Harbor's configuration, first stop existing Harbor instance, update harbor.cfg, and then run install.sh again:
1.中止docker-compose
$ sudo docker-compose down
2.編輯配置文件
$ vim harbor.cfg
3.執行install.sh
$ sudo install.shmysql
添加一個步驟,就是建立私有CA,經過CA來簽署證書,此步驟在1以後進行nginx
1.中止docker-compose
[docker@c7ks1 harbor]$ docker-compose ps
Name Command State Ports
-----------------------------------------------------------------------------------------------------
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 0.0.0.0:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
[docker@c7ks1 harbor]$ docker-compose down
Stopping nginx ... done
Stopping harbor-jobservice ... done
Stopping harbor-db ... done
Stopping registry ... done
Stopping harbor-ui ... done
Stopping harbor-log ... done
Removing nginx ... done
Removing harbor-jobservice ... done
Removing harbor-db ... done
Removing registry ... done
Removing harbor-ui ... done
Removing harbor-log ... done
Removing network harbor_defaultgit
2.建立私有CA及簽署證書(這裏CA服務器給本身發證書)
A、生成密鑰對
[root@c7ks1 ~]# (umask 077;openssl genrsa -out /etc/pki/CA/private/cakey.pem 4096)
Generating RSA private key, 4096 bit long modulus
....................................................................................................................................................................................++
............................................................................................................................................................................................................++
e is 65537 (0x10001)
B、自簽證書,從私鑰中抽取中公鑰信息
req: 生成證書籤署請求
-news: 生成新請求
-key /path/to/keyfile: 指定私鑰文件
-out /path/to/somefile: 【自籤時】證書存放位置
-x509: 生成自簽署證書
-days n: 有效天數
[root@c7ks1 ~]# openssl req -new -x509 -key /etc/pki/CA/private/cakey.pem -out /etc/pki/CA/cacert.pem -days 365
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:zhejiangsheng
Locality Name (eg, city) [Default City]:hangzhuo
Organization Name (eg, company) [Default Company Ltd]:c7ks1
Organizational Unit Name (eg, section) []:tech
Common Name (eg, your name or your server's hostname) []:c7ks1
Email Address []:deliwucn@qq.com
C、初始化工做環境
[root@c7ks1 ~]# touch /etc/pki/CA/{index.txt,serial}
[root@c7ks1 ~]# echo 01 > /etc/pki/CA/serial
D、建立Harbor存放證書的目錄
[root@c7ks1 ~]# mkdir /data/source/harbor/ssl
E、生成證書籤署請求
[root@c7ks1 ~]# (umask 077;openssl genrsa -out /data/source/harbor/ssl/harbor.key 4096)
Generating RSA private key, 4096 bit long modulus
.................................................................................................................................................................................................................................................++
....................................................................................................++
e is 65537 (0x10001)
[root@c7ks1 ~]# openssl req -new -key /data/source/harbor/ssl/harbor.key -out /data/source/harbor/ssl/harbor.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:zhejiangsheng
Locality Name (eg, city) [Default City]:hangzhuo
Organization Name (eg, company) [Default Company Ltd]:c7ks1
Organizational Unit Name (eg, section) []:tech
Common Name (eg, your name or your server's hostname) []:c7ks1
Email Address []:deliwu@qq.comgithub
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
F、把簽署請求發送給CA服務器(因爲是同一個機器,因此不須要發送)
G、簽署證書
[root@c7ks1 ~]# openssl ca -in /data/source/harbor/ssl/harbor.csr -out /data/source/harbor/ssl/harbor.crt -days 265
Using configuration from /etc/pki/tls/openssl.cnf
Check that the request matches the signature
Signature ok
Certificate Details:
Serial Number: 1 (0x1)
Validity
Not Before: Jul 10 14:45:30 2017 GMT
Not After : Apr 1 14:45:30 2018 GMT
Subject:
countryName = CN
stateOrProvinceName = zhejiangsheng
organizationName = c7ks1
organizationalUnitName = tech
commonName = c7ks1
emailAddress = deliwu@qq.com
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
D0:65:52:77:7E:73:CA:A1:B0:E2:46:C8:63:06:03:12:27:F1:C9:7C
X509v3 Authority Key Identifier:
keyid:41:BB:A7:DE:71:FF:E7:6D:40:4C:D0:6A:D2:B1:34:9F:2F:17:F0:CDsql
Certificate is to be certified until Apr 1 14:45:30 2018 GMT (265 days)
Sign the certificate? [y/n]:ydocker
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
[root@c7ks1 ~]#
把證書文件/data/source/harbor/ssl/harbor.crt發送給請求者,若是是Windows機器,則直接雙擊進行安裝證書便可,把證書放到安全的位置vim
3.編輯配置文件
#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = https
......
#The path of cert and key files for nginx, they are applied only the protocol is set to https
ssl_cert = /data/source/harbor/ssl/harbor.crt
ssl_cert_key = /data/source/harbor/ssl/harbor.key
錯誤作法:
因爲看到https://github.com/vmware/harbor/blob/0.5.0/docs/installation_guide.md
For HTTPS protocolapi
1.Enable HTTPS in Harbor by following this guide.
2.Modify docker-compose.yml
Replace the first "443" to a customized port, e.g. 4443:443.安全
proxy:
image: library/nginx:1.11.5
restart: always
volumes:
- ./config/nginx:/etc/nginx
ports:
- 80:80
- 4443:443
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"服務器
3.Modify templates/registry/config.yml
Add the customized port, e.g. ":4443", after "$ui_url".
auth:
token:
issuer: registry-token-issuer
realm: $ui_url:4443/service/token
rootcertbundle: /etc/registry/root.crt # 這裏有一個證書文件,我修改成了我剛纔存放的位置
service: token-service
4.Run install.sh to update and start Harbor.
$ sudo docker-compose down
$ sudo install.sh
[root@c7ks1 harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 1.10.2
Note: docker-compose version: 1.8.0
[Step 1]: loading Harbor images ...
[Step 2]: preparing environment ...
loaded secret key
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/cert/harbor.crt
Clearing the configuration file: ./common/config/nginx/cert/harbor.key
Clearing the configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/ui/app.conf
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/private_key.pem
Generated configuration file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
[Step 4]: starting Harbor ...
Creating network "harbor_default" with the default driver
Creating harbor-log
Creating registry
Creating harbor-db
Creating harbor-ui
Creating nginx
Creating harbor-jobservice
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at https://192.168.40.113.
For more details, please visit https://github.com/vmware/harbor .
[root@c7ks1 harbor]# docker-compose ps
Name Command State Ports
----------------------------------------------------------------------------------------------------------
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 0.0.0.0:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
registry /entrypoint.sh serve /etc/ ... Restarting 5000/tcp
查看日誌一直報錯
[root@c7ks1 harbor]# tail -100 /var/log/harbor/2017-07-10/docker_ui.log
Jul 10 23:04:39 c7ks1 docker/ui[11221]: 2017-07-10T15:04:39Z [INFO] User id: 1 already has its encrypted password.
Jul 10 23:04:39 c7ks1 docker/ui[11221]: 2017-07-10T15:04:39Z [DEBUG] [utils.go:245]: Start syncing repositories from registry to DB...
Jul 10 23:04:39 c7ks1 docker/ui[11221]: 2017-07-10T15:04:39Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:41 c7ks1 docker/ui[11221]: 2017-07-10T15:04:41Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:43 c7ks1 docker/ui[11221]: 2017-07-10T15:04:43Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:45 c7ks1 docker/ui[11221]: 2017-07-10T15:04:45Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:47 c7ks1 docker/ui[11221]: 2017-07-10T15:04:47Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:49 c7ks1 docker/ui[11221]: 2017-07-10T15:04:49Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:51 c7ks1 docker/ui[11221]: 2017-07-10T15:04:51Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:53 c7ks1 docker/ui[11221]: 2017-07-10T15:04:53Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:55 c7ks1 docker/ui[11221]: 2017-07-10T15:04:55Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:57 c7ks1 docker/ui[11221]: 2017-07-10T15:04:57Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:04:59 c7ks1 docker/ui[11221]: 2017-07-10T15:04:59Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:01 c7ks1 docker/ui[11221]: 2017-07-10T15:05:01Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:03 c7ks1 docker/ui[11221]: 2017-07-10T15:05:03Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:05 c7ks1 docker/ui[11221]: 2017-07-10T15:05:05Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:07 c7ks1 docker/ui[11221]: 2017-07-10T15:05:07Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:09 c7ks1 docker/ui[11221]: 2017-07-10T15:05:09Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:11 c7ks1 docker/ui[11221]: 2017-07-10T15:05:11Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:13 c7ks1 docker/ui[11221]: 2017-07-10T15:05:13Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:15 c7ks1 docker/ui[11221]: 2017-07-10T15:05:15Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:17 c7ks1 docker/ui[11221]: 2017-07-10T15:05:17Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:19 c7ks1 docker/ui[11221]: 2017-07-10T15:05:19Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:23 c7ks1 docker/ui[11221]: 2017-07-10T15:05:23Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:25 c7ks1 docker/ui[11221]: 2017-07-10T15:05:25Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:27 c7ks1 docker/ui[11221]: 2017-07-10T15:05:27Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:29 c7ks1 docker/ui[11221]: 2017-07-10T15:05:29Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:31 c7ks1 docker/ui[11221]: 2017-07-10T15:05:31Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:33 c7ks1 docker/ui[11221]: 2017-07-10T15:05:33Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:35 c7ks1 docker/ui[11221]: 2017-07-10T15:05:35Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:37 c7ks1 docker/ui[11221]: 2017-07-10T15:05:37Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:39 c7ks1 docker/ui[11221]: panic: Failed to connect to registry client after 60 seconds
Jul 10 23:05:39 c7ks1 docker/ui[11221]:
Jul 10 23:05:39 c7ks1 docker/ui[11221]: goroutine 1 [running]:
Jul 10 23:05:39 c7ks1 docker/ui[11221]: panic(0xacbec0, 0xc820242580)
Jul 10 23:05:39 c7ks1 docker/ui[11221]: #011/usr/local/go/src/runtime/panic.go:481 +0x3e6
Jul 10 23:05:39 c7ks1 docker/ui[11221]: github.com/vmware/harbor/src/ui/api.initRegistryClient(0xab5220, 0x0, 0x0)
Jul 10 23:05:39 c7ks1 docker/ui[11221]: #011/go/src/github.com/vmware/harbor/src/ui/api/utils.go:450 +0x45a
Jul 10 23:05:39 c7ks1 docker/ui[11221]: github.com/vmware/harbor/src/ui/api.catalog(0x0, 0x0, 0x0, 0x0, 0x0)
Jul 10 23:05:39 c7ks1 docker/ui[11221]: #011/go/src/github.com/vmware/harbor/src/ui/api/utils.go:314 +0x72
Jul 10 23:05:39 c7ks1 docker/ui[11221]: github.com/vmware/harbor/src/ui/api.SyncRegistry(0x0, 0x0)
Jul 10 23:05:39 c7ks1 docker/ui[11221]: #011/go/src/github.com/vmware/harbor/src/ui/api/utils.go:247 +0x7b
Jul 10 23:05:39 c7ks1 docker/ui[11221]: main.main()
Jul 10 23:05:39 c7ks1 docker/ui[11221]: #011/go/src/github.com/vmware/harbor/src/ui/main.go:84 +0x290
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [INFO] token expiration: 30 minutes
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [INFO] Config path: /etc/ui/app.conf
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [INFO] initializing database: type-MySQL host-mysql port-3306 user-root database-registry
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [INFO] User id: 1 already has its encrypted password.
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [DEBUG] [utils.go:245]: Start syncing repositories from registry to DB...
Jul 10 23:05:39 c7ks1 docker/ui[11221]: 2017-07-10T15:05:39Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:41 c7ks1 docker/ui[11221]: 2017-07-10T15:05:41Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:43 c7ks1 docker/ui[11221]: 2017-07-10T15:05:43Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:45 c7ks1 docker/ui[11221]: 2017-07-10T15:05:45Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:47 c7ks1 docker/ui[11221]: 2017-07-10T15:05:47Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refused
Jul 10 23:05:49 c7ks1 docker/ui[11221]: 2017-07-10T15:05:49Z [ERROR] [utils.go:442]: failed to connect to registry client, retry after 2 seconds :dial tcp 172.18.0.3:5000: getsockopt: connection refuse
後面我查找了一下config.yml文件,發現有兩個
[root@c7ks1 harbor]# find ./ -name "config.yml"
./common/templates/registry/config.yml
./common/config/registry/config.yml
[root@c7ks1 harbor]# diff common/config/registry/config.yml common/templates/registry/config.yml
24c24
< realm: https://192.168.40.113/service/token
---
> realm: $ui_url/service/token
發現他們的配置都不同
我就把$ui_url改成https://192.168.40.113,重試上面修改配置的步驟,可是仍是報一樣的錯
這時,我把
./common/templates/registry/config.yml
./common/config/registry/config.yml
都改成最初的配置
即:
./common/templates/registry/config.yml
。。
auth:
token:
issuer: registry-token-issuer
realm: $ui_url:/service/token
rootcertbundle: /etc/registry/root.crt
service: token-service
。。
./common/config/registry/config.yml
auth:
token:
issuer: registry-token-issuer
realm: https://192.168.40.113:/service/token
rootcertbundle: /etc/registry/root.crt
service: token-service
從新執行install.sh
[root@c7ks1 harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 1.10.2
Note: docker-compose version: 1.8.0
[Step 1]: loading Harbor images ...
[Step 2]: preparing environment ...
loaded secret key
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/nginx/cert/harbor.crt
Clearing the configuration file: ./common/config/nginx/cert/harbor.key
Clearing the configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/ui/app.conf
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/private_key.pem
Generated configuration file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
Note: stopping existing Harbor instance ...
Removing nginx ... done
Removing harbor-jobservice ... done
Removing harbor-ui ... done
Removing harbor-db ... done
Removing registry ... done
Removing harbor-log ... done
Removing network harbor_default
[Step 4]: starting Harbor ...
Creating network "harbor_default" with the default driver
Creating harbor-log
Creating harbor-ui
Creating harbor-db
Creating registry
Creating harbor-jobservice
Creating nginx
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at https://192.168.40.113.
For more details, please visit https://github.com/vmware/harbor .
發現容器都正常up了
[root@c7ks1 harbor]# docker-compose ps
Name Command State Ports
-----------------------------------------------------------------------------------------------------
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 0.0.0.0:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
能夠訪問了
- 1. 經過harbor搭建私有docker registry
- 2. Harbor配置https訪問
- 3. Harbor 企業級 Docker Registry
- 4. Harbor:私有企業級Registry倉庫--快速搭建
- 5. Harbor - 企業級 Docker 私有倉庫
- 6. Harbor: 企業級Registry的構建利器
- 7. Docker 私有Registry
- 8. 企業級Registry服務器(harbor)部署
- 9. (一)Harbor安裝 -- 企業級Registry倉庫
- 10. docker——7、Docker私有Registry(Harbor)
- 更多相關文章...
- • MyBatis配置文件詳解 - MyBatis教程
- • Swift 訪問控制 - Swift 教程
- • IDEA下SpringBoot工程配置文件沒有提示
- • 爲了進字節跳動,我精選了29道Java經典算法題,帶詳細講解
-
每一个你不满意的现在,都有一个你没有努力的曾经。