828华为云征文｜华为云Flexus X实例docker部署harbor镜像仓库

华为云最近正在举办828 B2B企业节，Flexus X实例的促销力度非常大，特别适合那些对算力性能有高要求的小伙伴。如果你有自建MySQL、Redis、Nginx等服务的需求，一定不要错过这个机会。赶紧去看看吧！

什么是华为云Flexus X实例

华为云Flexus X实例云服务是新一代开箱即用、体验跃级、面向中小企业和开发者打造的高品价比云服务产品。
Flexus云服务器X实例是新一代面向中小企业和开发者打造的柔性算力云服务器，可智能感知业务负载，适用于电商直播、企业建站、开发测试环境、游戏服务器、音视频服务等中低负载场景。

开始接触华为云Flexus云服务器X实例

获取华为云Flexus云服务器X实例后第一步就是先去华为云上重置服务器密码
重置完毕后用ssh工具登录华为云服务器，这里我用的是finalshell，也可以用其他工具登陆比如xshell或者Putty都可以
登录上去查看硬盘大小，可以看到是100g硬盘，硬盘总大小是正常的

root@flexusx-ebe8:~# df -h
Filesystem Size Used Avail Use% Mounted on
tmpfs 1.2G 1.1M 1.2G 1% /run
/dev/vda1 99G 4.2G 90G 5% /
tmpfs 5.7G 0 5.7G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 1.2G 4.0K 1.2G 1% /run/user/0
然后输入 ufw status可以看到默认防火墙是关闭的，因此我们就不需要额外再去配置端口开放相关的配置，只要在华为云安全组配置端口开放就可以了

root@flexusx-ebe8:~# ufw status
Status: inactive

docker环境的安装

然后进行docker容器的安装，安装最新版本的docker
这里因为docker现在已经无法直接通过网络安装，所以我们通过离线安装的方式安装docker环境
从官网下载离线包

https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/

如图所示，把离线包传到服务器上，进行安装

dpkg -i *.deb
查看安装的docker版本

root@flexusx-ebe8:/home/docker# docker -v
Docker version 27.1.2, build d01f264

docker-compose安装

docker容器安装完毕后，开始安装docker-compose
https://github.com/docker/compose/tags离线下载docker-compose的包
因为我是x86-64的环境，所以从中找到docker-compose-linux-x86_64进行下载
下载完毕后上传到服务器，然后执行 sudo cp -f docker-compose-linux-x86_64 /usr/local/bin/docker-compose
然后授予可执行权限，sudo chmod +x /usr/local/bin/docker-compose
查看docker-compose版本

root@flexusx-ebe8:/# sudo docker-compose -v
Docker Compose version v2.29.2
这样docker-compose就安装完毕了

什么是habor

Harbor 是一个开源的云原生镜像仓库，旨在增强 Docker 容器镜像的管理和安全性。它最初由 VMware 开发，现在是 CNCF（云原生计算基金会）的一部分。Harbor 为容器镜像提供了全面的管理能力，包括镜像的存储、分发、安全性扫描、访问控制和镜像签名等功能。
简单的来说，harbor就是私人镜像仓库，一些自制的docker镜像可以保存到harbor中，然后在docker中配置好harbor的地址与证书，就可以直接从harbor中拉取之前上传的镜像

harbor安装

先去github上下载harbor的离线安装包，https://github.com/goharbor/harbor/releases
把离线文件包传到服务器上

root@flexusx-ebe8:/home/docker/harbor# ls
harbor-offline-installer-v2.11.1.tgz
把文件解压tar zxvf harbor-offline-installer-v2.11.1.tgz，然后进入文件夹 cd harbor
查看解压后的文件

root@flexusx-ebe8:/home/docker/harbor/harbor# ls
common.sh harbor.v2.11.1.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
对harbor进行配置，cp harbor.yml.tmpl harbor.yml，vi harbor.yml
开始执行脚本预备工作，可能会存在镜像拉取不到的情况，给docker设置国内源即可解决

root@flexusx-ebe8:/home/docker/harbor/harbor# ./prepare
prepare base dir is set to /home/docker/harbor/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
开始执行脚本进行安装

[+] Running 10/10
✔ Network harbor_harbor Created 0.1s
✔ Container harbor-log Started 0.3s
✔ Container harbor-db Started 0.7s
✔ Container harbor-portal Started 0.7s
✔ Container registry Started 0.7s
✔ Container registryctl Started 0.5s
✔ Container redis Started 0.5s
✔ Container harbor-core Started 0.9s
✔ Container harbor-jobservice Started 1.1s
✔ Container nginx Started 1.1s
✔ ----Harbor has been installed and started successfully.----

查看 Harbor 服务状态

root@flexusx-ebe8:/home/docker/harbor/harbor# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9f52d35d9ddc goharbor/harbor-jobservice:v2.11.1 "/harbor/entrypoint...." 11 minutes ago Up 10 minutes (healthy) harbor-jobservice
cdb2d29af0fc goharbor/nginx-photon:v2.11.1 "nginx -g 'daemon of..." 11 minutes ago Up 11 minutes (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
3b82a4952c62 goharbor/harbor-core:v2.11.1 "/harbor/entrypoint...." 11 minutes ago Up 11 minutes (healthy) harbor-core
7bef4d6c41ef goharbor/redis-photon:v2.11.1 "redis-server /etc/r..." 11 minutes ago Up 11 minutes (healthy) redis
1fa4be74817e goharbor/harbor-portal:v2.11.1 "nginx -g 'daemon of..." 11 minutes ago Up 11 minutes (healthy) harbor-portal
7a02163e92c2 goharbor/harbor-registryctl:v2.11.1 "/home/harbor/start...." 11 minutes ago Up 11 minutes (healthy) registryctl
9170b74b6dc7 goharbor/registry-photon:v2.11.1 "/home/harbor/entryp..." 11 minutes ago Up 11 minutes (healthy) registry
5c108493e04f goharbor/harbor-db:v2.11.1 "/docker-entrypoint...." 11 minutes ago Up 11 minutes (healthy) harbor-db
b096375f4701 goharbor/harbor-log:v2.11.1 "/bin/sh -c /usr/loc..." 11 minutes ago Up 11 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log
此时harbor已经安装完毕，但还需要去华为云的安全组开启端口进行访问