阿里云主机使用 docker-compose 部署 harbor 镜像仓库

### 文章目录

  • [@[toc]](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [docker-compose 安装](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [harbor 安装](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [修改配置文件](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [导入离线镜像](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [部署前预处理](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [开始安装](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [开通安全策略组](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)
  • [docker 配置](#文章目录 @[toc] docker-compose 安装 harbor 安装 修改配置文件 导入离线镜像 部署前预处理 开始安装 开通安全策略组 docker 配置)

现在国内 dockerhub 镜像加速多多少少都有问题,这里采用离线包的方式来部署

harbor-github 下载地址

找到对应的版本,下载带有 offline 字眼的包,我这里部署的是 2.9.4 版本

docker-compose 安装

这里就默认大家都有 docker 环境

docker-compose-github 下载地址

我这里下载的是 v2.26.0 版本

shell 复制代码
cp docker-compose-linux-x86_64 /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose

验证 docker-compose 命令

shell 复制代码
docker-compose --version

正常返回版本号

shell 复制代码
Docker Compose version v2.26.0

harbor 安装

下载完成后,解压安装包

shell 复制代码
tar xvf harbor-offline-installer-v2.9.4.tgz
cd harbor

修改配置文件

shell 复制代码
cp harbor.yml.tmpl harbor.yml

我只修改了下面几个配置,然后注释了 https 的配置

yaml 复制代码
# 如果只是内网访问,设置为内网 IP,别用 127.0.0.1 或者 localhost 这种地址
# 如果需要外网访问,就必须设置为外网域名或 IP
hostname: core.harbor.domain.com
# 浏览器访问的端口,默认是 80,看自己的需要调整
http:
  port: 8888
# 没考虑 ssl,就注释了下面 https 相关的配置
#https:
#  # https port for harbor, default is 443
#  port: 443
#  # The path of cert and key files for nginx
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path
# harbor 的 admin 密码
harbor_admin_password: CN@harbor
# harbor 的数据持久化目录,选一个自己磁盘充足的目录
data_volume: /data/harbor-2.9.4/harbor-data

导入离线镜像

离线包的好处就是镜像都打包好了,直接导入就可以了

shell 复制代码
docker load -i harbor.v2.9.4.tar.gz

部署前预处理

./prepare

返回下面这些内容,说明预处理完成了

预处理就是把 harbor.yml 的内容,生成 harbor 的配置文件

prepare base dir is set to /data/harbor-2.9.4
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir

开始安装

./install.sh

一顿输出,看到 successfully 说明安装完成了

shell 复制代码
[Step 0]: checking if docker is installed ...

Note: docker version: 25.0.4

[Step 1]: checking docker-compose is installed ...

Note: Docker Compose version v2.24.7

[Step 2]: loading Harbor images ...
Loaded image: goharbor/nginx-photon:v2.9.4
Loaded image: goharbor/trivy-adapter-photon:v2.9.4
Loaded image: goharbor/harbor-portal:v2.9.4
Loaded image: goharbor/harbor-core:v2.9.4
Loaded image: goharbor/harbor-log:v2.9.4
Loaded image: goharbor/harbor-jobservice:v2.9.4
Loaded image: goharbor/harbor-exporter:v2.9.4
Loaded image: goharbor/prepare:v2.9.4
Loaded image: goharbor/harbor-db:v2.9.4
Loaded image: goharbor/harbor-registryctl:v2.9.4
Loaded image: goharbor/redis-photon:v2.9.4
Loaded image: goharbor/registry-photon:v2.9.4


[Step 3]: preparing environment ...

[Step 4]: preparing harbor configs ...
prepare base dir is set to /data/harbor-2.9.4
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir


Note: stopping existing Harbor instance ...


[Step 5]: starting Harbor ...
[+] Running 9/10
 ⠸ Network harbor-294_harbor    Created                                                                                                                                                   2.3s
 ✔ Container harbor-log         Started                                                                                                                                                   0.6s
 ✔ Container harbor-portal      Started                                                                                                                                                   1.2s
 ✔ Container registryctl        Started                                                                                                                                                   1.2s
 ✔ Container harbor-db          Started                                                                                                                                                   1.3s
 ✔ Container redis              Started                                                                                                                                                   1.0s
 ✔ Container registry           Started                                                                                                                                                   1.3s
 ✔ Container harbor-core        Started                                                                                                                                                   1.5s
 ✔ Container nginx              Started                                                                                                                                                   2.0s
 ✔ Container harbor-jobservice  Started                                                                                                                                                   1.9s
✔ ----Harbor has been installed and started successfully.----

查看服务

docker-compose ps

STATUS 这块都是 Up 就说明起来了

NAME                IMAGE                                COMMAND                  SERVICE       CREATED              STATUS                        PORTS
harbor-core         goharbor/harbor-core:v2.9.4          "/harbor/entrypoint...."   core          About a minute ago   Up About a minute (healthy)
harbor-db           goharbor/harbor-db:v2.9.4            "/docker-entrypoint...."   postgresql    About a minute ago   Up About a minute (healthy)
harbor-jobservice   goharbor/harbor-jobservice:v2.9.4    "/harbor/entrypoint...."   jobservice    About a minute ago   Up 58 seconds (healthy)
harbor-log          goharbor/harbor-log:v2.9.4           "/bin/sh -c /usr/loc..."   log           About a minute ago   Up About a minute (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       goharbor/harbor-portal:v2.9.4        "nginx -g 'daemon of..."   portal        About a minute ago   Up About a minute (healthy)
nginx               goharbor/nginx-photon:v2.9.4         "nginx -g 'daemon of..."   proxy         About a minute ago   Up About a minute (healthy)   0.0.0.0:9999->8080/tcp, :::9999->8080/tcp
redis               goharbor/redis-photon:v2.9.4         "redis-server /etc/r..."   redis         About a minute ago   Up About a minute (healthy)
registry            goharbor/registry-photon:v2.9.4      "/home/harbor/entryp..."   registry      About a minute ago   Up About a minute (healthy)
registryctl         goharbor/harbor-registryctl:v2.9.4   "/home/harbor/start...."   registryctl   About a minute ago   Up About a minute (healthy)

开通安全策略组

在阿里云控制台里面开启对应的网络安全策略组

docker 配置

这里可以配置内网的 ip 地址,只要公网能通,就不影响,配置到 /etc/docker/daemon.json 里面

json 复制代码
"insecure-registries": ["http://172.17.133.182:9999"]

登录验证

shell 复制代码
docker login 172.17.133.182:9999

输入用户名和密码,返回 Login Succeeded 说明成功了

WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
相关推荐
沈艺强27 分钟前
云计算答案
云计算
ZHOU西口1 小时前
微服务实战系列之玩转Docker(十八)
分布式·docker·云原生·架构·数据安全·etcd·rbac
Thanks_ks3 小时前
探索计算机互联网的奇妙世界:从基础到前沿的无尽之旅
物联网·云计算·区块链·tcp/ip协议·计算机互联网·万维网·未来科技
IT技术分享社区3 小时前
C#实战:使用腾讯云识别服务轻松提取火车票信息
开发语言·c#·云计算·腾讯云·共识算法
川石课堂软件测试6 小时前
性能测试|docker容器下搭建JMeter+Grafana+Influxdb监控可视化平台
运维·javascript·深度学习·jmeter·docker·容器·grafana
九河云10 小时前
AWS账号注册费用详解:新用户是否需要付费?
服务器·云计算·aws
神一样的老师10 小时前
利用亚马逊AWS IoT核心和MQTT进行数据采集的综合指南
云计算·aws
追风林14 小时前
mac 本地docker-mysql主从复制部署
mysql·macos·docker
城南vision15 小时前
Docker学习—Docker核心概念总结
java·学习·docker
wclass-zhengge16 小时前
Docker篇(Docker Compose)
运维·docker·容器