部署 harbor`私有仓库

部署 harbor 私有仓库

下载 docker-compose-1.12.0

# wget https://github.com/docker/compose/releases/download/1.12.0/docker-compose-Linux-x86_64
# mv docker-compose-Linux-x86_64 /usr/bin/docker-compose
# chmod a+x  /usr/bin/docker-compose

下载 harbor-1.1.2

# wget  --continue https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-offline-installer-v1.1.2.tgz
# tar -xzvf harbor-offline-installer-v1.1.2.tgz
# cd harbor

导入离线安装包中 harbor 相关的 docker images

# docker load -i harbor.v1.1.2.tar.gz
dd60b611baaa: Loading layer [==================================================>]  133.2MB/133.2MB
0bfc226dc2e8: Loading layer [==================================================>]  1.536kB/1.536kB
66c3231118d2: Loading layer [==================================================>]  17.69MB/17.69MB
fe2c778bb727: Loading layer [==================================================>]  17.69MB/17.69MB
Loaded image: vmware/harbor-jobservice:v1.1.2
fe4c16cbf7a4: Loading layer [==================================================>]  128.9MB/128.9MB
c4a8b7411af4: Loading layer [==================================================>]  60.57MB/60.57MB
3f117c44afbb: Loading layer [==================================================>]  3.584kB/3.584kB
3569f62067e2: Loading layer [==================================================>]  17.86MB/17.86MB
Loaded image: vmware/nginx:1.11.5-patched
Loaded image: photon:1.0
4a050fccec52: Loading layer [==================================================>]  12.16MB/12.16MB
d918d73369ec: Loading layer [==================================================>]   17.3MB/17.3MB
22898836924e: Loading layer [==================================================>]  15.87kB/15.87kB
Loaded image: vmware/notary-photon:server-0.5.0
a39bd6a7f897: Loading layer [==================================================>]  10.95MB/10.95MB
6f79b8337a1f: Loading layer [==================================================>]   17.3MB/17.3MB
74bbd0e81dd0: Loading layer [==================================================>]  15.87kB/15.87kB
Loaded image: vmware/notary-photon:signer-0.5.0
2df722677b4c: Loading layer [==================================================>]  7.062MB/7.062MB
e5338f288c70: Loading layer [==================================================>]  7.062MB/7.062MB
Loaded image: vmware/harbor-adminserver:v1.1.2
b79e6c985050: Loading layer [==================================================>]  21.26MB/21.26MB
568e827ac2db: Loading layer [==================================================>]  7.168kB/7.168kB
e120e08d1ae8: Loading layer [==================================================>]  12.92MB/12.92MB
c678c146825f: Loading layer [==================================================>]  9.728kB/9.728kB
835ee5702bce: Loading layer [==================================================>]   2.56kB/2.56kB
eaf7ac0e9e24: Loading layer [==================================================>]  21.26MB/21.26MB
Loaded image: vmware/harbor-ui:v1.1.2
c8ef72937018: Loading layer [==================================================>]  67.93MB/67.93MB
01e57c31fb31: Loading layer [==================================================>]  3.584kB/3.584kB
ae8312f0516f: Loading layer [==================================================>]  3.072kB/3.072kB
47b646017cc6: Loading layer [==================================================>]  3.072kB/3.072kB
Loaded image: vmware/harbor-log:v1.1.2
5d6cbe0dbcf9: Loading layer [==================================================>]  129.2MB/129.2MB
435f2dfbd884: Loading layer [==================================================>]  344.6kB/344.6kB
814d7b59f0cc: Loading layer [==================================================>]  4.657MB/4.657MB
aae399245bd0: Loading layer [==================================================>]  1.536kB/1.536kB
21e2ae955f72: Loading layer [==================================================>]  33.84MB/33.84MB
a2d0f7b84059: Loading layer [==================================================>]  25.09kB/25.09kB
819fa6af55b8: Loading layer [==================================================>]  3.584kB/3.584kB
78914c99a468: Loading layer [==================================================>]  167.7MB/167.7MB
36e79c658afb: Loading layer [==================================================>]  6.144kB/6.144kB
f73503aca003: Loading layer [==================================================>]  9.216kB/9.216kB
a21b39f6da59: Loading layer [==================================================>]  1.536kB/1.536kB
2f0fcce131fa: Loading layer [==================================================>]   7.68kB/7.68kB
cbf999ad70ad: Loading layer [==================================================>]  4.608kB/4.608kB
8005207f317c: Loading layer [==================================================>]  4.608kB/4.608kB
Loaded image: vmware/harbor-db:v1.1.2
69c25b821c78: Loading layer [==================================================>]  22.79MB/22.79MB
5b403ac6f7ea: Loading layer [==================================================>]  3.584kB/3.584kB
9e2e304b5fe5: Loading layer [==================================================>]  2.048kB/2.048kB
Loaded image: vmware/registry:2.6.1-photon
78dbfa5b7cbc: Loading layer [==================================================>]  130.9MB/130.9MB
5f70bf18a086: Loading layer [==================================================>]  1.024kB/1.024kB
8deec01122be: Loading layer [==================================================>]  344.6kB/344.6kB
574ab36807f2: Loading layer [==================================================>]  1.536kB/1.536kB
d8f2cde2eef8: Loading layer [==================================================>]  20.48kB/20.48kB
eaa3924b054e: Loading layer [==================================================>]   5.12kB/5.12kB
8aa2c772121c: Loading layer [==================================================>]  184.3MB/184.3MB
c3014bbccb0b: Loading layer [==================================================>]  8.704kB/8.704kB
978a35efaa8c: Loading layer [==================================================>]  4.608kB/4.608kB
c2385ae7d6e5: Loading layer [==================================================>]   16.6MB/16.6MB
Loaded image: vmware/harbor-notary-db:mariadb-10.1.10

创建证书

# cd /etc/pki/CA
# vim /etc/pki/tls/openssl.cnf
countryName_default             = CN
stateOrProvinceName_default     = GuangDong
localityName_default            = ShenZhen
0.organizationName_default      = k8s
organizationalUnitName_default  = System
创建根证书
# openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt

harbor证书签名请求
# openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.key -out harbor.csr
# touch index.txt
# echo ‘01‘ > serial

解决x509: certificate signed by unknown authority
# echo subjectAltName = IP:192.168.22.137 > extfile.cnf

颁发证书
# openssl ca -in harbor.csr -out harbor.crt -cert ca.crt -keyfile ca.key -extfile extfile.cnf -outdir .
# mkdir /etc/harbor/ssl -p
# cp harbor.crt harbor.key /etc/harbor/ssl

配置 harbor

# vim harbor.cfg
hostname = 192.168.22.137 # 修改为本机IP或者域名
ui_url_protocol = https
ssl_cert = /etc/harbor/ssl/harbor.crt
ssl_cert_key = /etc/harbor/ssl/harbor.key
verify_remote_cert = off

加载和启动 harbor 镜像

# ./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 17.12.1

Note: docker-compose version: 1.12.0

[Step 1]: loading Harbor images ...
Loaded image: vmware/harbor-jobservice:v1.1.2
Loaded image: vmware/nginx:1.11.5-patched
Loaded image: photon:1.0
Loaded image: vmware/notary-photon:server-0.5.0
Loaded image: vmware/notary-photon:signer-0.5.0
Loaded image: vmware/harbor-adminserver:v1.1.2
Loaded image: vmware/harbor-ui:v1.1.2
Loaded image: vmware/harbor-log:v1.1.2
Loaded image: vmware/harbor-db:v1.1.2
Loaded image: vmware/registry:2.6.1-photon
Loaded image: vmware/harbor-notary-db:mariadb-10.1.10

[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/nginx.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.

[Step 3]: checking existing instance of Harbor ...

Note: stopping existing Harbor instance ...
Stopping harbor-jobservice ... done
Stopping harbor-ui ... done
Stopping registry ... done
Stopping harbor-adminserver ... done
Stopping harbor-db ... done
Stopping harbor-log ... done
Removing nginx ... done
Removing harbor-jobservice ... done
Removing harbor-ui ... done
Removing registry ... done
Removing harbor-adminserver ... done
Removing harbor-db ... done
Removing harbor-log ... done
Removing network harbor_harbor

[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log
Creating harbor-adminserver
Creating registry
Creating harbor-db
Creating harbor-ui
Creating harbor-jobservice
Creating nginx

? ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at https://192.168.22.137.
For more details, please visit https://github.com/vmware/harbor .

访问管理界面

浏览器访问 https://192.168.22.137

帐号:admin
密码:Harbor12345 (在harbor.cfg配置文件中)

修改 docker 启动项

解决x509: certificate signed by unknown authority
# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry=192.168.22.137
# systemctl daemon-reload
# systemctl restart docker

登录 docker registry

# docker login -u admin 192.168.22.137
Password:
Login Succeeded

贴标签
# docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.8.3 192.168.22.137/library/kubernetes-dashboard-amd64:v1.8.3

转存image到仓库
# docker push 192.168.22.137/library/kubernetes-dashboard-amd64:v1.8.3
The push refers to repository [192.168.22.137/library/kubernetes-dashboard-amd64]
23ddb8cbb75a: Pushed
v1.8.3: digest: sha256:050620264fb56824b1bc1b9876f9c17875d96bb9fb96d5c34027ddbf65786f62 size: 529

参考文章:
配置Harbor私有Docker镜像服务使用HTTPS请添加链接描述

原文地址:http://blog.51cto.com/hzde0128/2090317

时间: 2024-08-29 22:32:38

部署 harbor`私有仓库的相关文章

11.部署 harbor 私有仓库

11.部署 harbor 私有仓库 本文档介绍使用 docker-compose 部署 harbor 私有仓库的步骤,你也可以使用 docker 官方的 registry 镜像部署私有仓库(部署 Docker Registry). 使用的变量 本文档用到的变量定义如下: $ export NODE_IP=10.64.3.7 # 当前部署 harbor 的节点 IP $ 下载文件 从 docker compose 发布页面下载最新的 docker-compose 二进制文件 $ wget http

Harbor私有仓库中如何彻底删除镜像释放存储空间?

简介: Harbor私有仓库运行一段时间后,仓库中存有大量镜像,会占用太多的存储空间.直接通过Harbor界面删除相关镜像,并不会自动删除存储中的文件和镜像.需要停止Harbor服务,执行垃圾回收命令,进行存储空间清理和回收. 相关资料: 1.Harbor用户手册中的相关说明: Next, delete the actual files of the repository using the registry's garbage collection(GC). Make sure that no

Docker以https访问Harbor私有仓库(二)

1 说明 前文Centos7搭建Harbor私有仓库(二)中,我们以https方式搭建了Harbor,本篇我们主要配置Docker以https方式访问Harbor私有仓库 2 Docker配置 2.1 Mac系统 2.1.1 配置Docker Mac系统中只需配置Proferences -> Proxies使用System Proxy即可,如下: 2.1.2 登录私服验证 docker login registry.anxminise.cc #登录私服 2.2 Windows系统 待补充 2.3

NPM私有包部署到私有仓库

NPM私有包部署到私有仓库1.项目部署到NPM2.私有仓库的搭建1,项目部署到NPM注册NPM账号注册地址:https://www.npmjs.com/ 注册完成后进入邮箱验证 账号登录 npm login 登录成功用 npm who am i 进行验证 初始化npm库 npm init 然后依次输入相应的参数,其中version必填,最后生成的pagkage如下图 在pagkage同级写一个测试文件,向外暴露接口 至此,一个npm包创建完成 发布共有NPM包 npm publish 发布成功之

CentOS部署Harbor镜像仓库

关于Harbor Harbor是用于存储和分发Docker镜像的镜像仓库服务,相比Docker Registry,Harbor在安全.标识.管理等方面做了增强,更适合企业使用: 官方网站:https://goharbor.io/ 官方开源:https://github.com/goharbor/harbor 环境信息 今天要部署的Harbor版本是1.9.0,本次部署用的机器信息如下: 操作系统:CentOS Linux release 7.7.1908 Docker:19.03.2 docke

Centos 7.x部署Harbor镜像仓库

一.环境准备 OS:CentOS Linux release 7.5.1804 (Core)?IP:172.16.8.46 安装要求如下: 二.docker安装 参考https://blog.csdn.net/xiegh2014/article/details/80454019 三.安装docker-compose curl -L https://github.com/docker/compose/releases/download/1.21.0/docker-compose-$(uname -

Centos7搭建Harbor私有仓库(一)

1 说明 前文Centos7搭建DockerRegistry介绍了DockerRegistry的搭建,但它没有UI页面,因此选择Harbor 以下基于镜像CentOS-7-x86_64-Minimal-1804进行搭建 均已root用户进行操作 2 安装docker和docker-compose 参见Centos7安装DockerCE安装Docker引擎 2.1 安装docker-compose 1.下载docker-compose的最新版本 curl -L "https://github.co

Docker部署私有仓库(registry&Harbor)

仓库(Repository)是集中存放镜像的地方.一个容易混淆的概念是注册服务器(registry).实际上注册服务器是管理仓库的具体服务器,每个服务器上可以有多个仓库,而每个仓库下面有多个镜像.从这方面来说,仓库可以被认为是一个具体的项目或目录.例如对于仓库地址docker.sina.com.cn/centos:centos7来说,docekr.sian.com.cn是注册服务器地址,centos是仓库名,centos7是仓库的tag(标签). Docker Hub 官方仓库目前docker官

Docker私有仓库部署和管理

Docker私有仓库部署和管理 本章结构: Harbor介绍 部署Harbor所依赖的Docker Compose服务 部署Harbor服务 Harbor日常操作管理 Harbor管理生命周期 Harbor介绍 Harbor是VMware公司开源的企业级Docker Registry项目 Harbor的优势 基于角色控制 基于镜像的复制策略 支持LDAP目录服务/AD域服务 图像删除和垃圾收集 图形UI(可以访问Web界面) 审计 RESTful API Harbor架构组成 Proxy: 通过