Harbor介绍
Harbor 是为企业用户设计的开源镜像仓库项目,包括了权限管理(RBAC)、LDAP、审计、安全漏洞扫描、镜像验真、管理界面、自我注册、HA等企业必需的功能,同时针对中国用户的特点,设计镜像复制和中文支持等功能。
Harbor安装部署
bash
# 1.harbor安装的环境要求
# 安装Harbor必须有docker环境和docker-compose环境
yum install -y docker-ce
yum install -y docker-compose
# 2.解压harbor安装包
[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
[root@docker ~]# tar xf harbor-offline-installer-v2.10.0.tgz
[root@docker ~]cd harbor
[root@docker ~/harbor]# ll
total 605144
-rw-r--r-- 1 root root 619632806 Sep 4 2019 harbor.v1.9.0.tar.gz
-rw-r--r-- 1 root root 5805 Sep 4 2019 harbor.yml.tmpl
-rwxr-xr-x 1 root root 5088 Sep 4 2019 install.sh
-rw-r--r-- 1 root root 11347 Sep 4 2019 LICENSE
-rwxr-xr-x 1 root root 1748 Sep 4 2019 prepare
# 3.复制配置模版并修改harbor配置
[root@docker ~/harbor]# cp -a harbor.yml.tmpl harbor.yml
[root@docker ~/harbor]# vim harbor.yml
hostname: hub.if010.com
harbor_admin_password: Harbor12345
# 4.执行安装脚本
[root@docker ~/harbor]# sh install.sh
[Step 1]: loading Harbor images ...
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
# 5.启动docker
[root@docker ~/harbor]# systemctl start docker
[root@docker ~/harbor]# sh install.sh
[Step 0]: checking installation environment ...
Note: docker version: 24.0.7
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
...
...
[Step 2]: preparing environment ...
...
...
Creating redis ... done
Creating harbor-core ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-db ...
Creating registryctl ...
Creating harbor-portal ...
Creating redis ...
Creating registry ...
Creating harbor-core ...
Creating nginx ...
Creating harbor-jobservice ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://10.0.0.200.
For more details, please visit https://github.com/goharbor/harbor .
浏览器访问 https://hub.if010.com
默认用户名:admin
密码:Harbor12345
bash
// 看下,拉了一堆镜像
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.10.0 1d3fdd3d102d 2 months ago 106MB
goharbor/redis-photon v2.10.0 5083850c5206 2 months ago 165MB
goharbor/trivy-adapter-photon v2.10.0 5873942a56be 2 months ago 478MB
goharbor/harbor-registryctl v2.10.0 7a3b7d7d972c 2 months ago 149MB
goharbor/registry-photon v2.10.0 9baecb934ded 2 months ago 83.4MB
goharbor/nginx-photon v2.10.0 d1010aed334c 2 months ago 154MB
goharbor/harbor-log v2.10.0 518f000ddf00 2 months ago 164MB
goharbor/harbor-jobservice v2.10.0 4960b98063d3 2 months ago 140MB
goharbor/harbor-core v2.10.0 00c9a2f5729c 2 months ago 168MB
goharbor/harbor-portal v2.10.0 f3d83a4e7733 2 months ago 163MB
goharbor/harbor-db v2.10.0 8215768668f6 2 months ago 269MB
goharbor/prepare v2.10.0 2ac2fd8f7595 2 months ago 208MB
Harbor的使用
harbor新建项目
新建一个if010项目,在里面可以看到相关推送镜像的命令。
harbor上传镜像
将本地镜像上传至harbor的if010项目仓库中
bash
# 1.修改镜像名称
# 查看镜像
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest e4720093a3c1 9 days ago 187MB
# 给镜像改名(会生成一个新的镜像,与原镜像同一个ID)
[root@docker ~]# docker tag nginx:latest hub.if010.com/if010/nginx:latest
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest e4720093a3c1 9 days ago 187MB
hub.if010.com/if010/nginx latest e4720093a3c1 9 days ago 187MB
###命名规则###
照着上面截图命名即可:
harbor服务器地址/项目名称/镜像名称:标签
hub.if010.com/if010/nginx:latest
# 2.修改docker配置文件,信任harbor仓库地址
# 如果证书是真实有效的话可以不进行该项配置
[root@docker /etc/docker]# vim daemon.json
{
"bip": "192.168.10.1/24",
"registry-mirrors": ["https://pgz00k39.mirror.aliyuncs.com"],
"insecure-registries": ["https://hub.if010.com"]
}
[root@docker01 ~]# systemctl restart docker
# 3.登录harbor
[root@docker ~]# docker login hub.if010.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# 4.推送镜像
[root@docker ~]# docker push hub.if010.com/if010/nginx:latest
Using default tag: latest
The push refers to repository [hub.if010.com/if010/nginx:latest]
61a7fb4dabcd: Pushed
bcc6856722b7: Pushed
188d128a188c: Pushed
7d52a4114c36: Pushed
3137f8f0c641: Pushed
84619992a45b: Pushed
ceb365432eec: Pushed
latest: digest: sha256:678226242061e7dd8c007c32a060b7695318f4571096cbeff81f84e50787f581 size: 1778
刷新查看: