部署Docker私有镜像仓库Harbor

Harbor介绍

Harbor 是为企业用户设计的开源镜像仓库项目,包括了权限管理(RBAC)、LDAP、审计、安全漏洞扫描、镜像验真、管理界面、自我注册、HA等企业必需的功能,同时针对中国用户的特点,设计镜像复制和中文支持等功能。

官网:https://goharbor.io/

Harbor安装部署

bash 复制代码
# 1.harbor安装的环境要求
# 安装Harbor必须有docker环境和docker-compose环境
yum install -y docker-ce
yum install -y docker-compose

# 2.解压harbor安装包
[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
[root@docker ~]# tar xf harbor-offline-installer-v2.10.0.tgz

[root@docker ~]cd harbor
[root@docker ~/harbor]# ll
total 605144
-rw-r--r-- 1 root root 619632806 Sep  4  2019 harbor.v1.9.0.tar.gz
-rw-r--r-- 1 root root      5805 Sep  4  2019 harbor.yml.tmpl
-rwxr-xr-x 1 root root      5088 Sep  4  2019 install.sh
-rw-r--r-- 1 root root     11347 Sep  4  2019 LICENSE
-rwxr-xr-x 1 root root      1748 Sep  4  2019 prepare

# 3.复制配置模版并修改harbor配置
[root@docker ~/harbor]# cp -a harbor.yml.tmpl harbor.yml
[root@docker ~/harbor]# vim harbor.yml
hostname: hub.if010.com
harbor_admin_password: Harbor12345

# 4.执行安装脚本
[root@docker ~/harbor]# sh install.sh
[Step 1]: loading Harbor images ...
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

# 5.启动docker
[root@docker ~/harbor]# systemctl start docker
[root@docker ~/harbor]# sh install.sh
[Step 0]: checking installation environment ...
Note: docker version: 24.0.7
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
...
...
[Step 2]: preparing environment ...
...
...
Creating redis ... done
Creating harbor-core ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-db ...
Creating registryctl ...
Creating harbor-portal ...
Creating redis ...
Creating registry ...
Creating harbor-core ...
Creating nginx ...
Creating harbor-jobservice ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://10.0.0.200.
For more details, please visit https://github.com/goharbor/harbor .

浏览器访问 https://hub.if010.com

默认用户名:admin

密码:Harbor12345

bash 复制代码
// 看下,拉了一堆镜像
[root@docker ~]# docker images 
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
goharbor/harbor-exporter        v2.10.0   1d3fdd3d102d   2 months ago   106MB
goharbor/redis-photon           v2.10.0   5083850c5206   2 months ago   165MB
goharbor/trivy-adapter-photon   v2.10.0   5873942a56be   2 months ago   478MB
goharbor/harbor-registryctl     v2.10.0   7a3b7d7d972c   2 months ago   149MB
goharbor/registry-photon        v2.10.0   9baecb934ded   2 months ago   83.4MB
goharbor/nginx-photon           v2.10.0   d1010aed334c   2 months ago   154MB
goharbor/harbor-log             v2.10.0   518f000ddf00   2 months ago   164MB
goharbor/harbor-jobservice      v2.10.0   4960b98063d3   2 months ago   140MB
goharbor/harbor-core            v2.10.0   00c9a2f5729c   2 months ago   168MB
goharbor/harbor-portal          v2.10.0   f3d83a4e7733   2 months ago   163MB
goharbor/harbor-db              v2.10.0   8215768668f6   2 months ago   269MB
goharbor/prepare                v2.10.0   2ac2fd8f7595   2 months ago   208MB

Harbor的使用

harbor新建项目

新建一个if010项目,在里面可以看到相关推送镜像的命令。

harbor上传镜像

将本地镜像上传至harbor的if010项目仓库中

bash 复制代码
# 1.修改镜像名称
# 查看镜像
[root@docker ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
nginx                           latest    e4720093a3c1   9 days ago     187MB
# 给镜像改名(会生成一个新的镜像,与原镜像同一个ID)
[root@docker ~]# docker tag nginx:latest hub.if010.com/if010/nginx:latest
[root@docker ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
nginx                           latest    e4720093a3c1   9 days ago     187MB
hub.if010.com/if010/nginx       latest    e4720093a3c1   9 days ago     187MB

###命名规则###
照着上面截图命名即可:
harbor服务器地址/项目名称/镜像名称:标签
hub.if010.com/if010/nginx:latest

# 2.修改docker配置文件,信任harbor仓库地址
# 如果证书是真实有效的话可以不进行该项配置
[root@docker /etc/docker]# vim daemon.json
{
 "bip": "192.168.10.1/24",
 "registry-mirrors": ["https://pgz00k39.mirror.aliyuncs.com"],
 "insecure-registries": ["https://hub.if010.com"]
}
[root@docker01 ~]# systemctl restart docker


# 3.登录harbor
[root@docker ~]# docker login hub.if010.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded


# 4.推送镜像
[root@docker ~]# docker push hub.if010.com/if010/nginx:latest
Using default tag: latest
The push refers to repository [hub.if010.com/if010/nginx:latest]
61a7fb4dabcd: Pushed 
bcc6856722b7: Pushed 
188d128a188c: Pushed 
7d52a4114c36: Pushed 
3137f8f0c641: Pushed 
84619992a45b: Pushed 
ceb365432eec: Pushed 
latest: digest: sha256:678226242061e7dd8c007c32a060b7695318f4571096cbeff81f84e50787f581 size: 1778

刷新查看:

相关推荐
追风林2 小时前
mac 本地docker-mysql主从复制部署
mysql·macos·docker
城南vision4 小时前
Docker学习—Docker核心概念总结
java·学习·docker
wclass-zhengge4 小时前
Docker篇(Docker Compose)
运维·docker·容器
梦魇梦狸º8 小时前
腾讯轻量云服务器docker拉取不到镜像的问题:拉取超时
docker·容器·github
鬼才血脉8 小时前
docker+mysql配置
mysql·adb·docker
詹姆斯爱研究Java8 小时前
Docker 的基本概念和优势
docker
南猿北者10 小时前
docker镜像仓库常用命令
运维·docker·容器
杨浦老苏10 小时前
Docker可视化管理面板DPanel的安装
运维·docker·群晖
航月12 小时前
FTP、ISCSI、CHRONY、DNS、NFS、DOCKER、MARIADB、NGINX、PHP、CA各服务开启方法
nginx·docker·mariadb
微刻时光12 小时前
Docker镜像分成
java·运维·开发语言·docker·容器·镜像