harbor镜像仓库-01-搭建部署
harbor的https配置参考另一章节
1. 安装docker和docker-compse
已安装的检查版本后跳过这一步
系统要求docker 17.03.0-ce +docker-compose 1.10.0+ 1.1 安装docker
###### 1.1.1 下载并安装阿里的docker-ce的yum仓库wget -O /etc/yum.repos.d/docker-ce.repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo###### 1.1.2 下载dockeryum install -y docker-ce###### 1.1.3 启动dockersystemctl enable dockersystemctl restart docker[root@docker centos]# docker versionClient: Version: 18.09.5 API version: 1.39 Go version: go1.10.8 Git commit: e8ff056 Built: Thu Apr 11 04:43:34 2019 OS/Arch: linux/amd64 Experimental: falseServer: Docker Engine - Community Engine: Version: 18.09.5 API version: 1.39 (minimum version 1.12) Go version: go1.10.8 Git commit: e8ff056 Built: Thu Apr 11 04:13:40 2019 OS/Arch: linux/amd64 Experimental: false
1.2 安装docker-compose
github上地址https://github.com/docker/compose
curl -L https://github.com/docker/compose/releases/download/1.16.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-compose[root@docker ~]# docker-compose versiondocker-compose version 1.16.1, build 6d1ac21docker-py version: 2.5.1CPython version: 2.7.13OpenSSL version: OpenSSL 1.0.1t 3 May 2016
2 安装harbor
项目地址https://github.com/goharbor/harbor
2.1 下载harbor安装包并解压
harbor安装分两种方式在线安装和离线安装,这里选在线安装
[root@docker ~]# wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installe-v1.5.1.tgz[root@docker ~]# tar xf harbor-offline-installer-v1.5.1.tgz -C /usr/share/[root@docker ~]# ll /usr/share/harbor/总用量 72drwxr-xr-x 4 root root 37 4月 15 14:25 common-rw-r--r-- 1 root root 1185 5月 7 2018 docker-compose.clair.yml-rw-r--r-- 1 root root 1725 5月 7 2018 docker-compose.notary.yml-rw-r--r-- 1 root root 3596 4月 16 13:14 docker-compose.ymldrwxr-xr-x 3 root root 136 5月 7 2018 ha-rw-r--r-- 1 root root 6678 4月 16 18:26 harbor.cfg-rwxr-xr-x 1 root root 5773 5月 7 2018 install.sh-rw-r--r-- 1 root root 10771 5月 7 2018 LICENSE-rw-r--r-- 1 root root 482 5月 7 2018 NOTICE-rwxr-xr-x 1 root root 27379 5月 7 2018 prepare
2.2 修改harbor配置文件harbor.cfg
在刚才解压完的目录下有harbor配置文件: harbor.cfg, 这里有几处必要配置需要修改:
# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhosthostname = 192.168.1.109# 访问协议,默认是http,也可以设置https,如果设置https,则nginx ssl需要设置onui_url_protocol = http# mysql数据库root用户默认密码root123,实际使用时修改下db_password = root123# 启动Harbor后,管理员UI登录的密码,默认是Harbor12345harbor_admin_password = Harbor12345123456# 是否开启自注册self_registration = on# Token有效时间,默认30分钟token_expiration = 30
2.3 开始安装
harbor安装只需要修改harbor配置文件后执行解压目录下的install.sh就可以,会根据dockerr-compose.yml开始自动下载依赖镜像,开始安装
[root@docker harbor]# ./install.sh[root@docker harbor]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEvmware/redis-photon v1.5.0 7c03076402d9 11 months ago 207MBvmware/registry-photon v2.6.2-v1.5.0 3059f44f4b9a 11 months ago 198MBvmware/nginx-photon v1.5.0 e100456182fc 11 months ago 135MBvmware/harbor-log v1.5.0 62bb6b8350d9 11 months ago 200MBvmware/harbor-jobservice v1.5.0 aca9fd2e867f 11 months ago 194MBvmware/harbor-ui v1.5.0 1055166068d0 11 months ago 212MBvmware/harbor-adminserver v1.5.0 019bc4544829 11 months ago 183MBvmware/harbor-db v1.5.0 82354dcf564f 11 months ago 526MB[root@docker harbor]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES4a822e918b86 vmware/nginx-photon:v1.5.0 "nginx -g 'daemon of…" 6 hours ago Up 5 hours (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx241c5199601f vmware/harbor-jobservice:v1.5.0 "/harbor/start.sh" 6 hours ago Up 5 hours harbor-jobservice81dda90b47dc vmware/harbor-ui:v1.5.0 "/harbor/start.sh" 6 hours ago Up 5 hours (healthy) harbor-ui3ccc6d78ded1 vmware/harbor-adminserver:v1.5.0 "/harbor/start.sh" 6 hours ago Up 5 hours (healthy) harbor-adminserverd2757eb19bc7 vmware/registry-photon:v2.6.2-v1.5.0 "/entrypoint.sh serv…" 6 hours ago Up 5 hours (healthy) 5000/tcp registry07e42e684e7b vmware/harbor-db:v1.5.0 "/usr/local/bin/dock…" 6 hours ago Up 5 hours (healthy) 3306/tcp harbor-db1e17cdf359cd vmware/redis-photon:v1.5.0 "docker-entrypoint.s…" 6 hours ago Up 5 hours 6379/tcp redis1a3c1227f448 vmware/harbor-log:v1.5.0 "/bin/sh -c /usr/loc…" 6 hours ago Up 5 hours (healthy) 127.0.0.1:1514->10514/tcp harbor-log
此时harbor进项仓库搭建成功,访问仓库
3 harbor镜像仓库的使用
3.1 配置docker客户端使用harbor
因为harbor默认是http,我们也没有配置https,所以修改下docker的配置,添加参数insecure-registries,使docker信任http地址:
所有使用harbor仓库的客户端都需要配置[root@docker ~]# cat /etc/docker/daemon.json{ "insecure-registries": ["192.168.1.109"]}然后重启docker服务[root@docker ~]# systemctl daemon-reload[root@docker ~]# systemctl restart docker 3.2 镜像的push与pull
###给镜像打标签:docker tag centos:latest 192.168.1.109/library/centos:latest###登陆仓库docker login -u admin -p admin 192.168.1.109###上传镜像docker push 192.168.1.109/library/centos:latest###下载镜像docker pull 192.168.1.109/library/centos:latest