828华为云征文|华为云Flexus X实例docker部署harbor镜像仓库
- 华为云最近正在举办828 B2B企业节,Flexus X实例的促销力度非常大,特别适合那些对算力性能有高要求的小伙伴。如果你有自建MySQL、Redis、Nginx等服务的需求,一定不要错过这个机会。赶紧去看看吧!
什么是华为云Flexus X实例
- 华为云Flexus X实例云服务是新一代开箱即用、体验跃级、面向中小企业和开发者打造的高品价比云服务产品。
- Flexus云服务器X实例是新一代面向中小企业和开发者打造的柔性算力云服务器,可智能感知业务负载,适用于电商直播、企业建站、开发测试环境、游戏服务器、音视频服务等中低负载场景。
开始接触华为云Flexus云服务器X实例
-
获取华为云Flexus云服务器X实例后第一步就是先去华为云上重置服务器密码
-
重置完毕后用ssh工具登录华为云服务器,这里我用的是finalshell,也可以用其他工具登陆比如xshell或者Putty都可以
-
登录上去查看硬盘大小,可以看到是100g硬盘,硬盘总大小是正常的
root@flexusx-ebe8:~# df -h
Filesystem Size Used Avail Use% Mounted on
tmpfs 1.2G 1.1M 1.2G 1% /run
/dev/vda1 99G 4.2G 90G 5% /
tmpfs 5.7G 0 5.7G 0% /dev/shm
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 1.2G 4.0K 1.2G 1% /run/user/0 -
然后输入
ufw status
可以看到默认防火墙是关闭的,因此我们就不需要额外再去配置端口开放相关的配置,只要在华为云安全组配置端口开放就可以了root@flexusx-ebe8:~# ufw status
Status: inactive
docker环境的安装
-
然后进行docker容器的安装,安装最新版本的docker
-
这里因为docker现在已经无法直接通过网络安装,所以我们通过离线安装的方式安装docker环境
-
从官网下载离线包
https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/
-
如图所示,把离线包传到服务器上,进行安装
dpkg -i *.deb
-
查看安装的docker版本
root@flexusx-ebe8:/home/docker# docker -v
Docker version 27.1.2, build d01f264
docker-compose安装
-
docker容器安装完毕后,开始安装docker-compose
-
https://github.com/docker/compose/tags
离线下载docker-compose的包 -
因为我是x86-64的环境,所以从中找到docker-compose-linux-x86_64进行下载
-
下载完毕后上传到服务器,然后执行
sudo cp -f docker-compose-linux-x86_64 /usr/local/bin/docker-compose
-
然后授予可执行权限,
sudo chmod +x /usr/local/bin/docker-compose
-
查看docker-compose版本
root@flexusx-ebe8:/# sudo docker-compose -v
Docker Compose version v2.29.2 -
这样docker-compose就安装完毕了
什么是habor
- Harbor 是一个开源的云原生镜像仓库,旨在增强 Docker 容器镜像的管理和安全性。它最初由 VMware 开发,现在是 CNCF(云原生计算基金会)的一部分。Harbor 为容器镜像提供了全面的管理能力,包括镜像的存储、分发、安全性扫描、访问控制和镜像签名等功能。
- 简单的来说,harbor就是私人镜像仓库,一些自制的docker镜像可以保存到harbor中,然后在docker中配置好harbor的地址与证书,就可以直接从harbor中拉取之前上传的镜像
harbor安装
-
先去github上下载harbor的离线安装包,
https://github.com/goharbor/harbor/releases
-
把离线文件包传到服务器上
root@flexusx-ebe8:/home/docker/harbor# ls
harbor-offline-installer-v2.11.1.tgz -
把文件解压
tar zxvf harbor-offline-installer-v2.11.1.tgz
,然后进入文件夹cd harbor
-
查看解压后的文件
root@flexusx-ebe8:/home/docker/harbor/harbor# ls
common.sh harbor.v2.11.1.tar.gz harbor.yml.tmpl install.sh LICENSE prepare -
对harbor进行配置,
cp harbor.yml.tmpl harbor.yml
,vi harbor.yml
-
开始执行脚本预备工作,可能会存在镜像拉取不到的情况,给docker设置国内源即可解决
root@flexusx-ebe8:/home/docker/harbor/harbor# ./prepare
prepare base dir is set to /home/docker/harbor/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir -
开始执行脚本进行安装
[+] Running 10/10
✔ Network harbor_harbor Created 0.1s
✔ Container harbor-log Started 0.3s
✔ Container harbor-db Started 0.7s
✔ Container harbor-portal Started 0.7s
✔ Container registry Started 0.7s
✔ Container registryctl Started 0.5s
✔ Container redis Started 0.5s
✔ Container harbor-core Started 0.9s
✔ Container harbor-jobservice Started 1.1s
✔ Container nginx Started 1.1s
✔ ----Harbor has been installed and started successfully.----
-
查看 Harbor 服务状态
root@flexusx-ebe8:/home/docker/harbor/harbor# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9f52d35d9ddc goharbor/harbor-jobservice:v2.11.1 "/harbor/entrypoint...." 11 minutes ago Up 10 minutes (healthy) harbor-jobservice
cdb2d29af0fc goharbor/nginx-photon:v2.11.1 "nginx -g 'daemon of..." 11 minutes ago Up 11 minutes (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
3b82a4952c62 goharbor/harbor-core:v2.11.1 "/harbor/entrypoint...." 11 minutes ago Up 11 minutes (healthy) harbor-core
7bef4d6c41ef goharbor/redis-photon:v2.11.1 "redis-server /etc/r..." 11 minutes ago Up 11 minutes (healthy) redis
1fa4be74817e goharbor/harbor-portal:v2.11.1 "nginx -g 'daemon of..." 11 minutes ago Up 11 minutes (healthy) harbor-portal
7a02163e92c2 goharbor/harbor-registryctl:v2.11.1 "/home/harbor/start...." 11 minutes ago Up 11 minutes (healthy) registryctl
9170b74b6dc7 goharbor/registry-photon:v2.11.1 "/home/harbor/entryp..." 11 minutes ago Up 11 minutes (healthy) registry
5c108493e04f goharbor/harbor-db:v2.11.1 "/docker-entrypoint...." 11 minutes ago Up 11 minutes (healthy) harbor-db
b096375f4701 goharbor/harbor-log:v2.11.1 "/bin/sh -c /usr/loc..." 11 minutes ago Up 11 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log -
此时harbor已经安装完毕,但还需要去华为云的安全组开启端口进行访问
配置Flexus云服务器X实例安全组
-
经过上面部署harbor服务,这时候服务是已经部署完毕了,但是我们还没法通过外网进行访问,还需要对Flexus云服务器X安全组的配置进行修改
-
进入安全组的配置页面
-
新建安全组
-
这里我们开放80端口
-
然后加入新建的安全组
-
这样我们的实例的端口也就开放成功了
访问 Harbor Web 界面
-
输入弹性公网ip:80,访问页面
-
输入之前配置的账号密码登录
-
至此华为云Flexus X实例docker部署harbor镜像仓库完成