容器技術之Docker私有鏡像倉庫harbor
前文咱們聊到了docker的私有鏡像倉庫docker-distribution的搭建和簡單的使用,回顧請參考http://www.javashuo.com/article/p-foxdfnct-ck.html;從前文的搭建和使用過程來看,docker-distribution搭建的倉庫很是簡陋,它甚至連一個用戶認證都沒有,更別提多用戶;今天咱們來介紹另一款docker倉庫工具harbor;harbor這款工具相對docker-distribution來說功能上豐富了許多;它支持多租戶,可擴展的API和web ui ,支持跨多個harbor實例的鏡像複製,支持身份集成和基於角色的訪問控制等等特徵;接下來咱們來安裝看看harbor吧;html
首先咱們要去官網下載安裝器,目前最新版本是2.0;下載地址https://github.com/goharbor/harbor/releases/tag/v2.0.0;harbor的安裝器有在線和離線兩個版本,在線包一般較小,適用於網絡環境較好地環境中使用,離線包是全部的安裝文件和腳本等等打包在一塊兒的;node
一、上傳已經下載好的安裝器到服務器python
二、解壓安裝器,並進入到解壓後的目錄中nginx
[root@docker_node01 ~]# tar xf harbor-offline-installer-v2.0.0.tgz -C /usr/local/ [root@docker_node01 ~]# ls /usr/local/ bin etc games harbor include lib lib64 libexec sbin share src [root@docker_node01 ~]# cd /usr/local/harbor/ [root@docker_node01 harbor]# ls common.sh harbor.v2.0.0.tar.gz harbor.yml.tmpl install.sh LICENSE prepare [root@docker_node01 harbor]#
三、編輯harbor.yml.tmpl文件,更改必要的配置git
提示:以上我只修改了hostname的值,後面的我都是用默認值;有關這個配置文件的說明,可參考官方文檔說明去配置;這裏須要注意一點使用https須要本身手動的去申請證書,沒有證書文件harbor是不可以正常安裝的;github
四、把harbor.yml.tmpl重命名爲harbor.ymlweb
[root@docker_node01 harbor]# ls common.sh harbor.v2.0.0.tar.gz harbor.yml.tmpl install.sh LICENSE prepare [root@docker_node01 harbor]# mv harbor.yml.tmpl harbor.yml [root@docker_node01 harbor]#
五、運行install.shredis
提示:若是運行install.sh腳本出現以上錯誤,咱們須要先安裝好docker-compose;docker
六、安裝docker-composejson
[root@docker_node01 harbor]# yum install docker-compose -y Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 docker-ce-stable | 3.5 kB 00:00:00 epel | 4.7 kB 00:00:00 extras | 2.9 kB 00:00:00 updates | 2.9 kB 00:00:00 (1/3): updates/7/x86_64/primary_db | 2.1 MB 00:00:00 (2/3): epel/x86_64/updateinfo | 1.0 MB 00:00:01 (3/3): epel/x86_64/primary_db | 6.8 MB 00:00:03 Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirror.bit.edu.cn Resolving Dependencies --> Running transaction check ---> Package docker-compose.noarch 0:1.18.0-4.el7 will be installed --> Processing Dependency: python36-cached_property >= 1.2.0 for package: docker-compose-1.18.0-4.el7.noarch --> Processing Dependency: python36-docker >= 2.6.1 for package: docker-compose-1.18.0-4.el7.noarch ……省略部份內容 Installed: docker-compose.noarch 0:1.18.0-4.el7 Dependency Installed: python36-PyYAML.x86_64 0:3.13-1.el7 python36-cached_property.noarch 0:1.5.1-2.el7 python36-chardet.noarch 0:3.0.4-1.el7 python36-docker.noarch 0:2.6.1-3.el7 python36-docker-pycreds.noarch 0:0.2.1-2.el7 python36-dockerpty.noarch 0:0.4.1-18.el7 python36-docopt.noarch 0:0.6.2-8.el7 python36-idna.noarch 0:2.7-2.el7 python36-jsonschema.noarch 0:2.5.1-4.el7 python36-pysocks.noarch 0:1.6.8-7.el7 python36-requests.noarch 0:2.14.2-2.el7 python36-six.noarch 0:1.14.0-2.el7 python36-texttable.noarch 0:1.6.2-1.el7 python36-urllib3.noarch 0:1.25.6-1.el7 python36-websocket-client.noarch 0:0.47.0-2.el7 Complete! [root@docker_node01 harbor]#
提示:docker-compose是docker容器的單機編排工具;
七、再運行install.sh腳本
[root@docker_node01 harbor]# ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.8 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.18.0 [Step 2]: loading Harbor images ... dbaf2c918102: Loading layer [==================================================>] 34.5MB/34.5MB 1f3458bb7308: Loading layer [==================================================>] 8.435MB/8.435MB 74e91bd5ca15: Loading layer [==================================================>] 6.317MB/6.317MB 82da861dccd3: Loading layer [==================================================>] 14.61MB/14.61MB 8d62f2bfdf94: Loading layer [==================================================>] 28.25MB/28.25MB 40510e398799: Loading layer [==================================================>] 22.02kB/22.02kB 6941a908d292: Loading layer [==================================================>] 49.17MB/49.17MB Loaded image: goharbor/notary-signer-photon:v2.0.0 bd70463b9e5a: Loading layer [==================================================>] 8.441MB/8.441MB d3927e3c53ea: Loading layer [==================================================>] 3.584kB/3.584kB a3b2acbb8f7d: Loading layer [==================================================>] 3.072kB/3.072kB de14f7f144ce: Loading layer [==================================================>] 9.71MB/9.71MB 94c03f31b276: Loading layer [==================================================>] 10.53MB/10.53MB Loaded image: goharbor/clair-adapter-photon:v2.0.0 935e17d700d1: Loading layer [==================================================>] 8.44MB/8.44MB eef8d67e9248: Loading layer [==================================================>] 42.3MB/42.3MB a181769f3c52: Loading layer [==================================================>] 3.072kB/3.072kB 4b801e4d76d7: Loading layer [==================================================>] 3.584kB/3.584kB 7f7c81a33722: Loading layer [==================================================>] 43.12MB/43.12MB Loaded image: goharbor/chartmuseum-photon:v2.0.0 4076b322e7f5: Loading layer [==================================================>] 49.89MB/49.89MB da16bbe3a170: Loading layer [==================================================>] 3.584kB/3.584kB f8967a1d9155: Loading layer [==================================================>] 3.072kB/3.072kB 6b7eaf984fde: Loading layer [==================================================>] 2.56kB/2.56kB 4406aea83cb2: Loading layer [==================================================>] 3.072kB/3.072kB 78566a971bf2: Loading layer [==================================================>] 3.584kB/3.584kB e4e05e2ffdad: Loading layer [==================================================>] 12.29kB/12.29kB f3bcf1de026d: Loading layer [==================================================>] 5.632kB/5.632kB Loaded image: goharbor/harbor-log:v2.0.0 101133a0a2e6: Loading layer [==================================================>] 8.441MB/8.441MB 40eb3ab360dd: Loading layer [==================================================>] 3.584kB/3.584kB 172ace267ace: Loading layer [==================================================>] 20.94MB/20.94MB cb361129c579: Loading layer [==================================================>] 3.072kB/3.072kB f0221c34f9dc: Loading layer [==================================================>] 8.721MB/8.721MB 1880cedc9407: Loading layer [==================================================>] 30.48MB/30.48MB Loaded image: goharbor/harbor-registryctl:v2.0.0 15f399ca8b42: Loading layer [==================================================>] 8.441MB/8.441MB 182251d62618: Loading layer [==================================================>] 3.584kB/3.584kB c72ce5e8bba9: Loading layer [==================================================>] 3.072kB/3.072kB 6cb620513867: Loading layer [==================================================>] 20.94MB/20.94MB 8f68617c13e6: Loading layer [==================================================>] 21.76MB/21.76MB Loaded image: goharbor/registry-photon:v2.0.0 464d98f962d2: Loading layer [==================================================>] 115.2MB/115.2MB 6f577ce93b49: Loading layer [==================================================>] 12.15MB/12.15MB 468b747374fb: Loading layer [==================================================>] 3.072kB/3.072kB c7d4e40274a2: Loading layer [==================================================>] 49.15kB/49.15kB 349c2528bf8f: Loading layer [==================================================>] 3.584kB/3.584kB 50765adb1994: Loading layer [==================================================>] 13.03MB/13.03MB Loaded image: goharbor/clair-photon:v2.0.0 f3ae9281f64f: Loading layer [==================================================>] 16.04MB/16.04MB 79de921bba64: Loading layer [==================================================>] 28.25MB/28.25MB a4826ccd0680: Loading layer [==================================================>] 22.02kB/22.02kB 527c0492bb8a: Loading layer [==================================================>] 50.6MB/50.6MB Loaded image: goharbor/notary-server-photon:v2.0.0 da380ff7675f: Loading layer [==================================================>] 39.44MB/39.44MB 3e72063a3c12: Loading layer [==================================================>] 3.072kB/3.072kB 87063a362784: Loading layer [==================================================>] 59.9kB/59.9kB 12042912d563: Loading layer [==================================================>] 61.95kB/61.95kB Loaded image: goharbor/redis-photon:v2.0.0 497d39fd8ed4: Loading layer [==================================================>] 10.28MB/10.28MB Loaded image: goharbor/nginx-photon:v2.0.0 db89bcd4a7aa: Loading layer [==================================================>] 12.22MB/12.22MB a3c69d8e6487: Loading layer [==================================================>] 3.072kB/3.072kB 22888c961e12: Loading layer [==================================================>] 2.56kB/2.56kB 15c04c0d67b3: Loading layer [==================================================>] 46.5MB/46.5MB 5e59e5738914: Loading layer [==================================================>] 5.632kB/5.632kB 2fb21742e876: Loading layer [==================================================>] 51.2kB/51.2kB ebe005c22385: Loading layer [==================================================>] 47.32MB/47.32MB e91a77a1cc5d: Loading layer [==================================================>] 2.56kB/2.56kB Loaded image: goharbor/harbor-core:v2.0.0 c9ad3414e408: Loading layer [==================================================>] 63.57MB/63.57MB 0aea7ae12d77: Loading layer [==================================================>] 60.58MB/60.58MB c3be2cda3349: Loading layer [==================================================>] 5.632kB/5.632kB 970c1e4372ae: Loading layer [==================================================>] 2.048kB/2.048kB 51e00ddbcdac: Loading layer [==================================================>] 2.56kB/2.56kB 27d44e884cd0: Loading layer [==================================================>] 2.56kB/2.56kB 3086c2ee0489: Loading layer [==================================================>] 2.56kB/2.56kB efd18d9ef79c: Loading layer [==================================================>] 10.24kB/10.24kB Loaded image: goharbor/harbor-db:v2.0.0 ad0a4ed99dd0: Loading layer [==================================================>] 12.22MB/12.22MB 50121125e459: Loading layer [==================================================>] 3.072kB/3.072kB 6d05b39a8c44: Loading layer [==================================================>] 2.56kB/2.56kB 5380ddc5210f: Loading layer [==================================================>] 35.68MB/35.68MB e8053e60aee7: Loading layer [==================================================>] 36.5MB/36.5MB Loaded image: goharbor/harbor-jobservice:v2.0.0 9fefe33a31db: Loading layer [==================================================>] 9.741MB/9.741MB a52a9b417697: Loading layer [==================================================>] 3.584kB/3.584kB 9b6c54642038: Loading layer [==================================================>] 3.072kB/3.072kB 6a32c528face: Loading layer [==================================================>] 20.34MB/20.34MB 526552ecb5a3: Loading layer [==================================================>] 9.317MB/9.317MB bc3e72205f25: Loading layer [==================================================>] 30.48MB/30.48MB Loaded image: goharbor/trivy-adapter-photon:v2.0.0 51193d3ba093: Loading layer [==================================================>] 77.29MB/77.29MB 398b7c3413c0: Loading layer [==================================================>] 48.31MB/48.31MB cb902b44bae6: Loading layer [==================================================>] 2.56kB/2.56kB 11d3bf655c22: Loading layer [==================================================>] 1.536kB/1.536kB 3d373d988076: Loading layer [==================================================>] 18.43kB/18.43kB 755d5115a4fd: Loading layer [==================================================>] 3.751MB/3.751MB 5d456b2e2b47: Loading layer [==================================================>] 249.3kB/249.3kB Loaded image: goharbor/prepare:v2.0.0 2128feaae029: Loading layer [==================================================>] 10.28MB/10.28MB c1e2c6faf4a4: Loading layer [==================================================>] 8.487MB/8.487MB 8728e424e45b: Loading layer [==================================================>] 178.7kB/178.7kB 243de4b81324: Loading layer [==================================================>] 157.2kB/157.2kB 1909dd7d54dc: Loading layer [==================================================>] 33.28kB/33.28kB e91e103cac7d: Loading layer [==================================================>] 17.41kB/17.41kB ef43ac036ce0: Loading layer [==================================================>] 15.36kB/15.36kB 3205feaa4e7b: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: goharbor/harbor-portal:v2.0.0 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ... prepare base dir is set to /usr/local/harbor WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https Clearing the configuration file: /config/log/logrotate.conf Clearing the configuration file: /config/log/rsyslog_docker.conf Clearing the configuration file: /config/nginx/nginx.conf Clearing the configuration file: /config/core/env Clearing the configuration file: /config/core/app.conf Clearing the configuration file: /config/registry/passwd Clearing the configuration file: /config/registry/config.yml Clearing the configuration file: /config/registry/root.crt Clearing the configuration file: /config/registryctl/env Clearing the configuration file: /config/registryctl/config.yml Clearing the configuration file: /config/db/env Clearing the configuration file: /config/jobservice/env Clearing the configuration file: /config/jobservice/config.yml Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/registryctl/config.yml Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Creating harbor-log ... done loaded secret from file: /data/secret/keys/secretkey Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir Creating harbor-db ... done Creating harbor-core ... done [Step 5]: starting Harbor ... Creating nginx ... done Creating registry ... Creating harbor-db ... Creating redis ... Creating harbor-portal ... Creating registryctl ... Creating harbor-core ... Creating harbor-jobservice ... Creating nginx ... ✔ ----Harbor has been installed and started successfully.---- [root@docker_node01 harbor]#
提示:從上面的信息能夠看到harbor導入了不少鏡像,而後基於各個鏡像間的關係提供配置文件,而後按照必定的依賴關係順序啓動爲容器;咱們用docker images 能夠來看看它導入了那些鏡像
[root@docker_node01 harbor]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE goharbor/chartmuseum-photon v2.0.0 4db8d6aa63e9 3 weeks ago 127MB goharbor/redis-photon v2.0.0 c89ea2e53cc0 3 weeks ago 72.2MB goharbor/trivy-adapter-photon v2.0.0 6122c52b7e48 3 weeks ago 103MB goharbor/clair-adapter-photon v2.0.0 dd2210cb7f53 3 weeks ago 62MB goharbor/clair-photon v2.0.0 f7c7fcc52278 3 weeks ago 171MB goharbor/notary-server-photon v2.0.0 983ac10ed8be 3 weeks ago 143MB goharbor/notary-signer-photon v2.0.0 bee1b6d75e0d 3 weeks ago 140MB goharbor/harbor-registryctl v2.0.0 c53c32d58d04 3 weeks ago 102MB goharbor/registry-photon v2.0.0 afdc1b7ada36 3 weeks ago 84.5MB goharbor/nginx-photon v2.0.0 17892f03e56c 3 weeks ago 43.6MB goharbor/harbor-log v2.0.0 5f8ff08e795c 3 weeks ago 82MB goharbor/harbor-jobservice v2.0.0 c68a2495bf55 3 weeks ago 116MB goharbor/harbor-core v2.0.0 3aa3af64baf8 3 weeks ago 138MB goharbor/harbor-portal v2.0.0 e0b1d3c894c4 3 weeks ago 52.4MB goharbor/harbor-db v2.0.0 5c76f0296cec 3 weeks ago 154MB goharbor/prepare v2.0.0 7266d49995ed 3 weeks ago 158MB [root@docker_node01 harbor]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 909486114bab goharbor/nginx-photon:v2.0.0 "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes (healthy) 0.0.0.0:80->8080/tcp nginx 201af4781190 goharbor/harbor-jobservice:v2.0.0 "/harbor/entrypoint.…" 2 minutes ago Up 2 minutes (healthy) harbor-jobservice d926598a1b4b goharbor/harbor-core:v2.0.0 "/harbor/entrypoint.…" 2 minutes ago Up 2 minutes (healthy) harbor-core b655e8bb9da3 goharbor/harbor-portal:v2.0.0 "nginx -g 'daemon of…" 2 minutes ago Up 2 minutes (healthy) 8080/tcp harbor-portal 596d050acf8b goharbor/registry-photon:v2.0.0 "/home/harbor/entryp…" 2 minutes ago Up 2 minutes (healthy) 5000/tcp registry 88a6b3335d25 goharbor/harbor-registryctl:v2.0.0 "/home/harbor/start.…" 2 minutes ago Up 2 minutes (healthy) registryctl cf8db1840524 goharbor/harbor-db:v2.0.0 "/docker-entrypoint.…" 2 minutes ago Up 2 minutes (healthy) 5432/tcp harbor-db 5d522f8f3c38 goharbor/redis-photon:v2.0.0 "redis-server /etc/r…" 2 minutes ago Up 2 minutes (healthy) 6379/tcp redis 020fbf3571a2 goharbor/harbor-log:v2.0.0 "/bin/sh -c /usr/loc…" 2 minutes ago Up 2 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log [root@docker_node01 harbor]#
提示:能夠看到本地倉庫中多了不少鏡像,同時也啓動了不少容器;其中名爲nginx的容器把80端口暴露到數組機上了;到此harbor就安裝好了;接下來咱們訪問宿主機的80端口看看是否可以訪問到harbor
提示:以上就是harbor的web 頁面,默認用戶名是admin密碼是Harbor12345
登陸harbor web頁面
提示:咱們就能夠基於這個web頁面來作管理了;接下來咱們先建立一個用戶和項目,而後在經過docker push上傳鏡像到harbor上
建立用戶
提示:填寫好以上信息,點擊肯定用戶就建立好了;
建立項目
提示:若是建立的項目是私有的,把訪問級別後面的公開對勾取消便可
從別的docker主機上上傳鏡像到harbor
提示:使用非https的倉庫必需要在daemon.json文件中配置insecure-registries來聲明不安全的鏡像倉庫地址;
提示:這裏提示咱們未受權;接下來咱們去web管理頁面受權qiuhom是test項目的成員;
提示:如今咱們把qiuhom這個用戶設置爲test這個項目的管理員,如今咱們在以qiuhom的身份推鏡像到test項目中,看看是否可以成功把進行推送到harbor上?
[root@docker_node02 ~]# docker push node01.docker-registry.io/test/nginx:1.14-alpine The push refers to repository [node01.docker-registry.io/test/nginx] 076c58d2644f: Pushed b2cbae4b8c15: Pushed 5ac9a5170bf2: Pushed a464c54f93a9: Pushed 1.14-alpine: digest: sha256:a3a0c4126587884f8d3090efca87f5af075d7e7ac8308cffc09a5a082d5f4760 size: 1153 [root@docker_node02 ~]#
提示:此次推送鏡像沒有報錯,咱們去web頁面中看看鏡像是否推送到test項目中去了?
驗證:在harborweb界面看看是否有咱們推上去的鏡像?
用其餘docker主機下載harbor上的鏡像
提示:能夠看到如今咱們搭建的harbor是能夠正常下載和上傳鏡像的;管理鏡像咱們能夠經過web頁面管理便可,我這裏就不去演示了;接下來咱們再來講說在命令行用docker-compose啓動harbor和中止harbor吧
中止harbor
提示:用docker-compose中止harbor須要先進入到harbor目錄下,而後執行docker-compose stop 這條命令會去尋找docker-compose.yml文件,根據文件中定義的服務來中止容器;這個有點相似docker build命令,找Dockerfile文件,而docker-compose 是找docker-compose.yml;這裏還須要注意一點的是這個文件名必須是docker-compose.yml;
啓動harbor
提示:啓動huabor同中止harbor同樣都必須在docker-compose.yml文件所在目錄下執行docker-compose start 或docker-compose up -d ;
相關文章
- 1. 私有容器鏡像倉庫harbor
- 2. 容器技術之Docker私有鏡像倉庫docker-distribution
- 3. Harbor 私有鏡像倉庫
- 4. Harbor私有鏡像倉庫
- 5. 私有鏡像倉庫Harbor
- 6. 搭建Harbor鏡像(docker)私有倉庫
- 7. 搭建docker私有鏡像倉庫harbor
- 8. Harbor私有鏡像倉庫(下)
- 9. 私有鏡像倉庫Harbor部署
- 10. Harbor私有鏡像倉庫(上)
- 更多相關文章...
- • Docker 鏡像加速 - Docker教程
- • Docker 鏡像使用 - Docker教程
- • Docker容器實戰(一) - 封神Server端技術
- • Docker容器實戰(七) - 容器眼光下的文件系統
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章