摘要:Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器,harbor使用的是官方的docker registry(v2命名是distribution)服务去完成。harbor在docker distribution的基础上增加了一些安全、访问控制、管理的功能以满足企业对于镜像仓库的需求。安装Harbor之前需要安装docker
一、安装Docker Compose
1.从github仓库中拉取 Docker Compose 版本 1.22.0
bash
curl -L "https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose2.对二进制文件应用可执行权限
bash
chmod +x /usr/local/bin/docker-compose 3.查看docker-compose是否安装成功
bash
[root@node ~]# docker-compose --version
Docker Compose version v2.20.3二、安装docker harbor
1.下载 harbor 的安装包(建议使用本地下载上传比较快一点)
bash
wget https://github.com/goharbor/harbor/releases/download/v2.8.4/harbor-offline-installer-v2.8.4.tgz2.下载完后进行解压
bash
tar -xvf harbor-offline-installer-v2.8.4.tgz -C /usr/local/3.编辑配置文件
bash
[root@node ~]# cd /usr/local/harbor/
# 复制一份harbor的配置文件并改名harbor.yml
[root@node harbor]# cp harbor.yml.tmpl harbor.yml
# vim进入配置文件
[root@node harbor]# vim harbor.yml
hostname: 39.101.73.202 #这里配置的监听地址,也可以是域名
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 8000 #这里配置监听端口(没有配置证书启动后会报错,再13行-18行)4.安装harbor
bash
# Harbor安装环境预处理,安装依赖项、设置权限等
[root@node harbor]# ./prepare
# 安装并启动Harbor
[root@node harbor]# ./install.sh
# 检查是否安装成功(应该是启动9个容器)要在harbor目录下操作,否则docker-compose会有问题;
[root@node harbor]# docker-compose ps -a
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
harbor-core goharbor/harbor-core:v2.8.4 "/harbor/entrypoint...." core 29 seconds ago Up 26 seconds (health: starting)
harbor-db goharbor/harbor-db:v2.8.4 "/docker-entrypoint...." postgresql 29 seconds ago Up 27 seconds (health: starting)
harbor-jobservice goharbor/harbor-jobservice:v2.8.4 "/harbor/entrypoint...." jobservice 29 seconds ago Up 21 seconds (health: starting)
harbor-log goharbor/harbor-log:v2.8.4 "/bin/sh -c /usr/loc..." log 29 seconds ago Up 28 seconds (health: starting) 127.0.0.1:1514->10514/tcp
harbor-portal goharbor/harbor-portal:v2.8.4 "nginx -g 'daemon of..." portal 29 seconds ago Up 27 seconds (health: starting)
nginx goharbor/nginx-photon:v2.8.4 "nginx -g 'daemon of..." proxy 29 seconds ago Up 25 seconds (health: starting) 0.0.0.0:8000->8080/tcp, :::8000->8080/tcp
redis goharbor/redis-photon:v2.8.4 "redis-server /etc/r..." redis 29 seconds ago Up 27 seconds (health: starting)
registry goharbor/registry-photon:v2.8.4 "/home/harbor/entryp..." registry 29 seconds ago Up 27 seconds (health: starting)
registryctl goharbor/harbor-registryctl:v2.8.4 "/home/harbor/start...." registryctl 29 seconds ago Up 27 seconds (health: starting) 5.启动harbor
bash
[root@node harbor]# docker-compose down #停止harbor
[root@node harbor]# docker-compose up -d #启动harbor6.访问harbor页面
访问地址:(ip:端口)39.101.73.202:8000 用户名:admin 密码:Harbor12345 登录进入;
7.修改 docker 配置
bash
vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://ggsypcee.mirror.aliyuncs.com"],
"insecure-registries": ["39.101.73.202:8000"]
}
# 重启docker和harbor容器
[root@node harbor]# systemctl restart docker
[root@node harbor]# docker-compose up -d
# docker登录方式
[root@node harbor]# docker login 39.101.73.202:8000
# 或者
[root@node harbor]# docker login -uadmin -pHarbor12345 39.101.73.202:8000
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded