docker私库harbor的搭建

时间:2023-01-09 04:44:11

1、文件下载

# wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v1.5.1.tgz

docker私库harbor的搭建

安装官网参考

https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md

docker私库harbor的搭建

2、安装docker-compose(pip方式)

yum添加源

# yum install epel-release -y

docker私库harbor的搭建

docker私库harbor的搭建

清空yum缓存文件

# yum clean all

docker私库harbor的搭建

安装python-pip

# yum install python-pip -y

docker私库harbor的搭建

docker私库harbor的搭建

安装docker-compost

# pip install -U docker-compose

查看docker-compose版本

# docker-compose -v

docker私库harbor的搭建

解压

# tar zxvf harbor-online-installer-v1.5.1.tgz

docker私库harbor的搭建

docker私库harbor的搭建

修改Harbor的配置文件

# vi harbor.cfg

只修改hostname选项其他不需要改动

## Configuration file of Harbor

# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost
hostname = 172.16.1.146 # 访问协议,默认是http,也可以设置https,如果设置https,则nginx ssl需要设置on
ui_url_protocol = http # mysql数据库root用户默认密码root123,实际使用时修改下
db_password = root123 # 是否开启自注册,on开启,off关闭,可以关闭掉。
self_registration = off # 启动Harbor后,管理员UI登录的密码,默认是Harbor12345
harbor_admin_password = Harbor12345 #镜像同步job数量
max_job_workers = customize_crt = on #https时候使用
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA # 邮件设置,发送重置密码邮件时使用
email_identity =
email_server = smtp.mydomain.com
email_server_port =
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false # 认证方式,这里支持多种认证方式,如LADP、本次存储、数据库认证。默认是db_auth,mysql数据库认证
auth_mode = db_auth # LDAP认证时配置项
#ldap_url = ldaps://ldap.mydomain.com
#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com
#ldap_search_pwd = password
#ldap_basedn = ou=people,dc=mydomain,dc=com
#ldap_filter = (objectClass=person)
#ldap_uid = uid
#ldap_scope =
#ldap_timeout = # Token有效时间,默认30分钟
token_expiration = # 用户创建项目权限控制,默认是everyone(所有人),也可以设置为adminonly(只能管理员)
project_creation_restriction = everyone verify_remote_cert = on #日志数量
log_rotate_count = #单个日志大小
log_rotate_size = 200M

docker-compost配置修改(视情况修改)

修改页面端口

# vi docker-compose.yml

proxy:
image: vmware/nginx-photon:v1.5.1
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
#如果需要,可以修改对外端口为
# - 8888:80
- :
- :
- :
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"

修改common/templates/registry/onfig.yml

# cd common/templates/registry/

# vi config.yml

docker私库harbor的搭建

注意:不需要做任何改动

version: 0.1
log:
level: info
fields:
service: registry
storage:
cache:
layerinfo: inmemory
$storage_provider_info
maintenance:
uploadpurging:
enabled: false
delete:
enabled: true
http:
addr: :
secret: placeholder
debug:
addr: localhost:
auth:
token:
issuer: harbor-token-issuer
#如果需要,可以添加端口8888
#realm: $public_url/service/token
rootcertbundle: /etc/registry/root.crt
service: harbor-registry
notifications:
endpoints:
- name: harbor
disabled: false
url: $ui_url/service/notifications
timeout: 3000ms
threshold:
backoff: 1s

修改docker-compose.yml

# vi docker-compose.yml

docker私库harbor的搭建

version: ''
services:
log:
image: vmware/harbor-log:v1.5.1
container_name: harbor-log
restart: always
volumes:
#harbor日志目录
- /var/log/harbor/:/var/log/docker/:z
- ./common/config/log/:/etc/logrotate.d/:z
ports:
- 127.0.0.1::
networks:
- harbor
registry:
image: vmware/registry-photon:v2.6.2-v1.5.1
container_name: registry
restart: always
volumes:
#registry存储目录
- /data/registry:/storage:z
- ./common/config/registry/:/etc/registry/:z
networks:
- harbor
ports:
   - 5000:5000
environment:
- GODEBUG=netdns=cgo
command:
["serve", "/etc/registry/config.yml"]
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "registry"
mysql:
image: vmware/harbor-db:v1.5.1
container_name: harbor-db
restart: always
volumes:
- /data/database:/var/lib/mysql:z
networks:
- harbor
env_file:
- ./common/config/db/env
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "mysql"
adminserver:
image: vmware/harbor-adminserver:v1.5.1
container_name: harbor-adminserver
env_file:
- ./common/config/adminserver/env
restart: always
volumes:
- /data/config/:/etc/adminserver/config/:z
- /data/secretkey:/etc/adminserver/key:z
- /data/:/data/:z
networks:
- harbor
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "adminserver"
ui:
image: vmware/harbor-ui:v1.5.1
container_name: harbor-ui
env_file:
- ./common/config/ui/env
restart: always
volumes:
- ./common/config/ui/app.conf:/etc/ui/app.conf:z
- ./common/config/ui/private_key.pem:/etc/ui/private_key.pem:z
- ./common/config/ui/certificates/:/etc/ui/certificates/:z
- /data/secretkey:/etc/ui/key:z
- /data/ca_download/:/etc/ui/ca/:z
- /data/psc/:/etc/ui/token/:z
networks:
- harbor
depends_on:
- log
- adminserver
- registry
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "ui"
jobservice:
image: vmware/harbor-jobservice:v1.5.1
container_name: harbor-jobservice
env_file:
- ./common/config/jobservice/env
restart: always
volumes:
- /data/job_logs:/var/log/jobs:z
- ./common/config/jobservice/config.yml:/etc/jobservice/config.yml:z
networks:
- harbor
depends_on:
- redis
- ui
- adminserver
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "jobservice"
redis:
image: vmware/redis-photon:v1.5.1
container_name: redis
restart: always
volumes:
- /data/redis:/data
networks:
- harbor
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "redis"
proxy:
image: vmware/nginx-photon:v1.5.1
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
#如果需要,可以修改对外端口为
# - 8888:80
- :
- :
- :
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"
networks:
harbor:
external: false

安装

[root@localhost harbor]# sudo ./install.sh  --with-clair

docker私库harbor的搭建

docker私库harbor的搭建

# docker-compose ps

docker私库harbor的搭建

由于是http,直接登录会报错

[root@localhost harbor]# docker login 192.168.100.117
Username: admin
Password:
Error response from daemon: Get https://192.168.100.117/v2/: dial tcp 192.168.100.117:443: connect: connection refused

docker私库harbor的搭建

客户端配置修改

免https修改

修改/etc/docker/daemon.json,添加{"insecure-registries":["192.168.100.117"]}

# echo '{"insecure-registries":["192.168.100.117"]}' >> /etc/docker/daemon.json

# cat /etc/docker/daemon.json

# systemctl daemon-reload

# systemctl restart docker

docker私库harbor的搭建

再次登录

# docker-compose ps

docker私库harbor的搭建

# docker login 192.168.100.117

[root@localhost harbor]# docker login 192.168.100.117
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded

docker私库harbor的搭建

页面访问

启动完成后,我们访问刚设置的hostname即可http://192.168.100.117/,默认是80端口,如果端口占用,我们可以去修改docker-compose.yml文件中,对应服务的端口映射。

http://192.168.100.117/harbor/sign-in

docker私库harbor的搭建

页面正常访问

用户名:admin 
密码:Harbor12345

docker私库harbor的搭建

新建一个项目

docker私库harbor的搭建

查看如何push镜像到demo-project

docker私库harbor的搭建

# docker images

docker私库harbor的搭建

打标签并且上传

给镜像打tag

# docker tag centos:latest 192.168.100.117/demo-project/centos:latest

docker私库harbor的搭建

push到仓库

# docker push 192.168.100.117/demo-project/centos:latest

docker私库harbor的搭建

# docker images

docker私库harbor的搭建

查看是否成功

docker私库harbor的搭建

删除本地镜像,重新下载

# docker rmi 192.168.100.117/demo-project/centos

docker私库harbor的搭建

# docker pull 192.168.100.117/demo-project/centos

docker私库harbor的搭建

启动之后停止或启动harbor的话,可以使用命令:

$ sudo docker-compose -f ./docker-compose.yml -f ./docker-compose.chartmuseum.yml [ up|down|ps|stop|start ]

# sudo docker-compose -f /root/harbor/docker-compose.yml -f /root/harbor/docker-compose.clair.yml start

docker私库harbor的搭建

# sudo docker-compose -f /root/harbor/docker-compose.yml -f /root/harbor/docker-compose.clair.yml stop

docker私库harbor的搭建

更多使用说明参考:

https://github.com/vmware/harbor/blob/master/docs/user_guide.md

参考博客:

harbor安装和简单使用

https://blog.csdn.net/qq_30062125/article/details/82772087

docker私库harbor的搭建

https://www.cnblogs.com/smilezgy/p/9545553.html

docker镜像仓库harbor之搭建及配置

https://blog.csdn.net/aixiaoyang168/article/details/73549898

centos7.3搭建harbor
https://blog.csdn.net/qq12547345/article/details/79482468