Harbor 介绍
-
Harbor是一个开源的企业级Docker Registry服务,它提供了一个安全、可信赖的仓库来存储和管理Docker镜像。Harbor翻译为中文名称为"庇护;居住;"。可以理解为是Docker镜像的"居住环境"或者是镜像的"庇护所"。Harbor最初由VMware公司开发,旨在解决企业级Docker镜像管理的安全和可信任性问题。VMware于2016年发布,在2017年,VMware将Harbor开源,这使得更广泛的社区和组织可以自由地使用和贡献代码。Harbor是一个成熟、功能丰富且安全可靠的企业级Docker Registry服务,为企业容器化应用的部署和管理提供了强大的支持。
-
我们在日常 Docker 容器使用和管理过程中,渐渐发现部署企业私有仓库往往是很有必要的, 它可以帮助你管理企业的一些敏感镜像, 同时由于 Docker Hub 的下载速度和 GFW 的原因, 往往需要将一些无法直接下载的镜像导入本地私有仓库. 而 Harbor 就是部署企业私有仓库的一个不二之选。
Harbor 特性
- 基于角色的访问控制:用户与 Docker 镜像仓库通过"项目"进行组织管理,一个用户可以对多个镜像仓库在同一命名空间(project)里有不同的权限。
- 镜像复制:镜像可以在多个 Registry 实例中复制(同步)。尤其适合于负载均衡,高可用,混合云和多云的场景。
- 图形化用户界面:用户可以通过浏览器来浏览,检索当前 Docker 镜像仓库,管理项目和命名空间。
- AD/LDAP 支持:Harbor 可以集成企业内部已有的 AD/LDAP,用于鉴权认证管理。
- 审计管理:所有针对镜像仓库的操作都可以被记录追溯,用于审计管理。
- 国际化:已拥有英文、中文、德文、日文和俄文的本地化版本。更多的语言将会添加进来。
- RESTful API:RESTful API 提供给管理员对于 Harbor 更多的操控, 使得与其它管理软件集成变得更容易。
- 部署简单:提供在线和离线两种安装工具, 也可以安装到 vSphere 平台(OVA 方式)虚拟设备。
Harbor 和 Registry的比较
Harbor和Registry都是Docker的镜像仓库,但是Harbor作为更多企业的选择,是因为相比较于Regisrty来说,它具有很多的优势。
- 提供基于Web界面的图形化管理界面,操作更友好。
- 支持用户、项目和镜像的访问控制机制。
- 可以对镜像进行扫描查找漏洞,提升安全性。
- 完全支持LDAP/AD等标准化的企业用户管理。
- 可以很好地集成到CI/CD流程中。
- 提供API开放功能,便于第三方系统对接。
很适合团队和中小企业使用。
Harbor 架构
- proxy:对应启动组件nginx。它是一个nginx反向代理,代理Notary client(镜像认证)、docker client(镜像上传下载)和浏览器的访问请求(Core Service)给后端的各服务器。
- UI(Core Service) :对应启动组件harbor-ui。底层数据存储使用mysql数据库,主要提供了四个子功能。
- UI:一个web管理页面ui
- API:Harbor暴露的API服务。
- Auth:用户认证服务,decode后的token中的用户信息在这里进行认证;auth后端可以接db、ldap、uaa三种认证实现。
- Token服务:负责根据用户在每个project中的role来为每个docker push/pull 命令发布一个token,如果docker client发送给registry的请求没有带token,registry会重定向请求到token服务创建token。
- Registry:对应启动组件registry。负责存储镜像文件和处理镜像的pull/push命令。Harbor对镜像进行强制的访问控制,Registry会将每个客户端的每个pull/push请求转发到token服务来获取有效的token。
- Admin Service:对应启动组件harbor-admin server。是系统的配置管理中心附带检查存储用量,ui和jobserver启动时需要加载adminserver配置。
- job server:对应启动组件harbor-jobservice。负责镜像复制工作,它和Registry通信。从一个Registry pull镜像然后push到另一个Registry,并记录job_log.
- Log Collector:对应启动组件harbor-log。日志汇总组件,通过docker的log-driver把日志汇总到一起。
- DB:对应启动组件harbor-db,负责存储project、user、role、replication、image_scan、access等的metadata数据。
Harbor 大概需要以下几个容器组成:
- ui (Harbor的核心服务)。
- log (运行着rsyslog的容器,进行日志收集)。
- mysql (由官方mysql镜像构成的数据库容器)。
- Nginx (使用Nginx做反向代理)。
- registry (官方的Docker registry)。
- adminserver (Harbor的配置数据管理器)。
- jobservice (Harbor的任务管理服务)。
- redis (用于存储session)。
本文harbor安装版本:harbor-offline-installer-v2.11.1.tgz
需要特别注意:由于Harbor是基于Docker Registry V2版本,所以Docker Engine必须大于20.10.10-ce+版本,docker-compose必须要大于v1.18.0+版本!
安装 Docker
详细安装步骤可参考
-
《Ubuntu 22.04 LTS 在线/离线安装 Docker》
安装必要的依赖包
root@ubuntu2204:~# apt install apt-transport-https ca-certificates curl gnupg lsb-release -y
添加软件源的GPG密钥及docker源(阿里)
root@ubuntu2204:~# curl -fsSL http://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
root@ubuntu2204:~# add-apt-repository "deb [arch=$(dpkg --print-architecture)] http://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"选择安装指定稳定版, 例如 5:25.0.5-1~ubuntu.22.04~jammy
root@ubuntu2204:~# apt-cache madison docker-ce | awk '{ print $3 }'
5:27.3.1-1~ubuntu.22.04~jammy
5:27.3.0-1~ubuntu.22.04~jammy
......
5:26.0.2-1~ubuntu.22.04~jammy
5:26.0.1-1~ubuntu.22.04~jammy
5:26.0.0-1~ubuntu.22.04~jammy
5:25.0.5-1~ubuntu.22.04~jammy
5:25.0.4-1~ubuntu.22.04~jammy
......root@ubuntu2204:~# VERSION_STRING=5:25.0.5-1~ubuntu.22.04~jammy
root@ubuntu2204:~# apt-get install docker-ce=VERSION_STRING docker-ce-cli=VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin -y查看docker信息
root@ubuntu2204:~# docker -v
Docker version 25.0.5, build 5dc9bcc
root@ubuntu2204:~#
root@ubuntu2204:~# docker version
Client: Docker Engine - Community
Version: 25.0.5
API version: 1.44
Go version: go1.21.8
Git commit: 5dc9bcc
Built: Tue Mar 19 15:05:10 2024
OS/Arch: linux/amd64
Context: defaultServer: Docker Engine - Community
Engine:
Version: 25.0.5
API version: 1.44 (minimum version 1.24)
Go version: go1.21.8
Git commit: e63daec
Built: Tue Mar 19 15:05:10 2024
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.22
GitCommit: 7f7fdf5fed64eb6a7caf99b3e12efcf9d60e311c
runc:
Version: 1.1.14
GitCommit: v1.1.14-0-g2c9f560
docker-init:
Version: 0.19.0
GitCommit: de40ad0root@ubuntu2204:~# ps -ef | grep docker
root 16048 1 0 14:56 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
root 16245 12531 0 14:57 pts/1 00:00:00 grep --color=auto docker启动|停止|重启|查看|开机自启
root@ubuntu2204:~# systemctl start|stop|restart|status|enable docker
测试 docker 是否安装正确
root@ubuntu2204:~# docker run --rm hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c1ec31eb5944: Pull complete
Digest: sha256:d211f485f2dd1dee407a80973c8f129f00d54604d2c90732e8e320e5038a0348
Status: Downloaded newer image for hello-world:latestHello from Docker!
This message shows that your installation appears to be working correctly.To generate this message, Docker took the following steps:
- The Docker client contacted the Docker daemon.
- The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64) - The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading. - The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bashShare images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/For more examples and ideas, visit:
https://docs.docker.com/get-started/若能正常输出以上信息,则说明安装成功。
安装 Harbor 仓库
配置HTTPS证书
# 生成证书颁发机构证书
# 1.生成 CA 证书私钥
root@ubuntu2204:~# openssl genrsa -out ca.key 4096
# 2.生成 CA 证书
root@ubuntu2204:~# openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=CN/ST=GD/L=GZ/O=DovOps/OU=IT/CN=zwc.harbor.com" -key ca.key -out ca.crt
# 参数说明:
# C,Country,代表国家
# ST,STate,代表省份
# L,Location,代表城市
# O,Organization,代表组织,公司
# OU,Organization Unit,代表部门
# CN,Common Name,代表服务器域名
# 生成服务器证书
# 1.生成私钥
root@ubuntu2204:~# openssl genrsa -out zwc.harbor.com.key 4096
# 2.生成证书签名请求 (CSR)
root@ubuntu2204:~# openssl req -sha512 -new -subj "/C=CN/ST=GD/L=GZ/O=DovOps/OU=IT/CN=zwc.harbor.com" -key zwc.harbor.com.key -out zwc.harbor.com.csr
# 3.生成 x509 v3 扩展文件
root@ubuntu2204:~# cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=zwc.harbor.com
DNS.2=svr.harbor.com
EOF
# 4.使用 v3.ext 文件来为您的 Harbor 主机生成证书
root@ubuntu2204:~# openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in zwc.harbor.com.csr -out zwc.harbor.com.crt
Certificate request self-signature ok
subject=C = CN, ST = GD, L = GZ, O = DovOps, OU = IT, CN = zwc.harbor.com
# 向 Harbor 和 Docker 提供证书
# 1.将服务器证书和密钥复制到 Harbor 主机上的 certficates 文件夹中(根据自己实际环境)
root@ubuntu2204:~# mkdir -p /data/app/harbor/certs
root@ubuntu2204:~# cp zwc.harbor.com.crt /data/app/harbor/certs
root@ubuntu2204:~# cp zwc.harbor.com.key /data/app/harbor/certs
# 2.转变 zwc.harbor.com.crt 到 docker.zwc.harbor.com.crt,供 Docker 使用
root@ubuntu2204:~# openssl x509 -inform PEM -in zwc.harbor.com.crt -out docker.zwc.harbor.com.cert
# 3.将服务器证书、密钥和 CA 文件复制到 Harbor 主机上的 Docker 证书文件夹中。您必须首先创建适当的文件夹。
root@ubuntu2204:~# mkdir -p /etc/docker/certs.d/zwc.harbor.com
root@ubuntu2204:~# cp docker.zwc.harbor.com.cert /etc/docker/certs.d/zwc.harbor.com
root@ubuntu2204:~# cp zwc.harbor.com.key /etc/docker/certs.d/zwc.harbor.com
root@ubuntu2204:~# cp ca.crt /etc/docker/certs.d/zwc.harbor.com
# 4.重新启动 Docker
root@ubuntu2204:~# systemctl restart docker
# 说明
root@ubuntu2204:~# tree /etc/docker/certs.d/
/etc/docker/certs.d/
└── zwc.harbor.com
├── ca.crt <-- Certificate authority that signed the registry certificate
├── docker.zwc.harbor.com.cert <-- Server certificate signed by CA
└── zwc.harbor.com.key <-- Server key signed by CA
下载安装 Harbor
- Harbor 官网地址:https://goharbor.io
- Harbor github:harbor-releases
- 下载离线版本:【harbor-offline-installer-v2.11.1.tgz】
# 获取Harbor最新稳定版
root@ubuntu2204:~# curl -s https://api.github.com/repos/goharbor/harbor/releases/latest | grep browser_download_url | cut -d '"' -f4 | grep '.tgz'
https://github.com/goharbor/harbor/releases/download/v2.11.1/harbor-offline-installer-v2.11.1.tgz
https://github.com/goharbor/harbor/releases/download/v2.11.1/harbor-offline-installer-v2.11.1.tgz.asc
https://github.com/goharbor/harbor/releases/download/v2.11.1/harbor-online-installer-v2.11.1.tgz
https://github.com/goharbor/harbor/releases/download/v2.11.1/harbor-online-installer-v2.11.1.tgz.asc
# 下载离线Harbor
root@ubuntu2204:~# wget https://github.com/goharbor/harbor/releases/download/v2.11.1/harbor-offline-installer-v2.11.1.tgz
root@ubuntu2204:~# tar -xf harbor-offline-installer-v2.11.1.tgz -C /data/app
root@ubuntu2204:~# cd /data/app/harbor/
root@ubuntu2204:/data/app/harbor# ls
LICENSE certs common.sh harbor.v2.11.1.tar.gz harbor.yml.tmpl install.sh prepare
# 编辑harbor.yml配置文件
root@ubuntu2204:/data/app/harbor# cp harbor.yml.tmpl harbor.yml
root@ubuntu2204:/data/app/harbor# vim harbor.yml
......
4 # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
5 hostname: 172.16.70.162 //设置访问地址,可以是ip、主机名,不可以设置为127.0.0.1或localhost
6
7 # http related config
8 http: //启用http
9 # port for http, default is 80. If https enabled, this port will redirect to https port
10 port: 80 //默认http端口
11
12 # https related config
13 https: //启用https(注释则为禁用)
14 # https port for harbor, default is 443
15 port: 443
16 # The path of cert and key files for nginx
17 certificate: /data/app/harbor/certs/zwc.harbor.com.crt //启用时,证书路径(禁用则注释)
18 private_key: /data/app/harbor/certs/zwc.harbor.com.key //启用时,私钥路径(禁用则注释)
19 # enable strong ssl ciphers (default: false)
20 # strong_ssl_ciphers: false
......
46 # Remember Change the admin password from UI after launching Harbor.
47 harbor_admin_password: Harbor@54321 //修改harbor登录密码
......
65 # The default data volume
66 data_volume: /data/app/harbor/data //修改harbor仓库数据目录(安装Harbor时会自动创建)
......
164 # The directory on your host that store log
165 location: /data/app/harbor/log/harbor //修改日志路径(安装Harbor时会自动创建)
......
# 安装并启动trivy漏洞扫描工具
root@ubuntu2204:/data/app/harbor# ./install.sh --with-trivy
[Step 0]: checking if docker is installed ...
Note: docker version: 25.0.5
[Step 1]: checking docker-compose is installed ...
Note: Docker Compose version v2.29.7
[Step 2]: loading Harbor images ...
......
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /data/app/harbor
......
[Step 5]: starting Harbor ...
......
✔ ----Harbor has been installed and started successfully.---- # 提示安装成功
root@ubuntu2204:/data/app/harbor# ls
LICENSE certs common common.sh data docker-compose.yml harbor.v2.11.1.tar.gz harbor.yml harbor.yml.tmpl install.sh log prepare
# 查看运行中的harbor相关容器(应该是启动10个容器)
root@ubuntu2204:/data/app/harbor# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
545f561eabfd goharbor/harbor-jobservice:v2.11.1 "/harbor/entrypoint...." About a minute ago Up About a minute (healthy) harbor-jobservice
85e7e42c1ea4 goharbor/nginx-photon:v2.11.1 "nginx -g 'daemon of..." About a minute ago Up About a minute (healthy) 0.0.0.0:80->8080/tcp, \
:::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp nginx
938f3c7392ee goharbor/trivy-adapter-photon:v2.11.1 "/home/scanner/entry..." About a minute ago Up About a minute (healthy) trivy-adapter
8e12aab73943 goharbor/harbor-core:v2.11.1 "/harbor/entrypoint...." About a minute ago Up About a minute (healthy) harbor-core
c8d115b85841 goharbor/harbor-db:v2.11.1 "/docker-entrypoint...." About a minute ago Up About a minute (healthy) harbor-db
30c6ab0f77c6 goharbor/harbor-registryctl:v2.11.1 "/home/harbor/start...." About a minute ago Up About a minute (healthy) registryctl
ad0ec6ffdfb8 goharbor/redis-photon:v2.11.1 "redis-server /etc/r..." About a minute ago Up About a minute (healthy) redis
b35f315c7932 goharbor/registry-photon:v2.11.1 "/home/harbor/entryp..." About a minute ago Up About a minute (healthy) registry
2edff162d014 goharbor/harbor-portal:v2.11.1 "nginx -g 'daemon of..." About a minute ago Up About a minute (healthy) harbor-portal
e6736ea4ca01 goharbor/harbor-log:v2.11.1 "/bin/sh -c /usr/loc..." About a minute ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp harbor-log
# 查看docker相关端口
root@ubuntu2204:/data/app/harbor# netstat -ntpl | grep docker
tcp 0 0 127.0.0.1:1514 0.0.0.0:* LISTEN 17754/docker-proxy
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 18387/docker-proxy
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 18427/docker-proxy
tcp6 0 0 :::443 :::* LISTEN 18398/docker-proxy
tcp6 0 0 :::80 :::* LISTEN 18436/docker-proxy
# 查看本机IP
root@ubuntu2204:/data/app/harbor# hostname -I
172.16.70.162 172.17.0.1 172.18.0.1
安装 docker-compose
-
github下载地址: compose-releases
-
下载:【docker-compose-v2.29.7-linux-x86_64】
root@ubuntu2204:~# VERSION_COMPOSE=v2.29.7
root@ubuntu2204:~# curl -L "https://github.com/docker/compose/releases/download/$VERSION_COMPOSE/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose赋执行权限
root@ubuntu2204:~# chmod +x /usr/local/bin/docker-compose
root@ubuntu2204:~# docker-compose -v
Docker Compose version v2.29.7root@ubuntu2204:~# docker-compose -f /data/app/harbor/docker-compose.yml ps
WARN[0000] /data/app/harbor/docker-compose.yml: the attributeversionis obsolete, it will be ignored, please remove it to avoid potential confusion
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
harbor-core goharbor/harbor-core:v2.11.1 "/harbor/entrypoint...." core About a minute ago Up About a minute (healthy)
harbor-db goharbor/harbor-db:v2.11.1 "/docker-entrypoint...." postgresql About a minute ago Up About a minute (healthy)
harbor-jobservice goharbor/harbor-jobservice:v2.11.1 "/harbor/entrypoint...." jobservice About a minute ago Up About a minute (healthy)
harbor-log goharbor/harbor-log:v2.11.1 "/bin/sh -c /usr/loc..." log About a minute ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal goharbor/harbor-portal:v2.11.1 "nginx -g 'daemon of..." portal About a minute ago Up About a minute (healthy)
nginx goharbor/nginx-photon:v2.11.1 "nginx -g 'daemon of..." proxy About a minute ago Up About a minute (healthy) 0.0.0.0:80->8080/tcp,
[::]:80->8080/tcp, 0.0.0.0:443->8443/tcp, [::]:443->8443/tcp
redis goharbor/redis-photon:v2.11.1 "redis-server /etc/r..." redis About a minute ago Up About a minute (healthy)
registry goharbor/registry-photon:v2.11.1 "/home/harbor/entryp..." registry About a minute ago Up About a minute (healthy)
registryctl goharbor/harbor-registryctl:v2.11.1 "/home/harbor/start...." registryctl About a minute ago Up About a minute (healthy)
trivy-adapter goharbor/trivy-adapter-photon:v2.11.1 "/home/scanner/entry..." trivy-adapter 18 minutes ago Up 4 minutes (healthy)注意:如果harbor.yml配置修改了,要先执行"./prepare"命令进行配置载入,然后再重启harbor服务。
停止|启动|重启
root@ubuntu2204:~# docker-compose stop|start|restart
另外:
docker-compose down -v # 停止并删除容器(数据保留在文件系统中,因此不会丢失任何数据)
docker-compose up -d # 创建并启动容器
修改admin密码
# 1.修改harbor的登陆用户密码,则最好在harbor web界面里直接修改。
# 2.忘记harbor的web密码,建议删除data源数据的database,重新部署。
# docker-compose down -v
# rm -rf /data/app/harbor/data/database
# vim harbor.yaml #在这里重置或修改密码
# docker-compose up -d
- 修改本地WIN电脑hosts文件,做好harbor主机的域名解析
172.16.70.162 zwc.harbor.com172.16.70.162 svr.harbor.com
- 将名为"ca.crt"的CA证书下载到本地WIN电脑,浏览器再导入该证书
- 默认账号:admin , 密码:Harbor@54321 (对应harbor.yml中的配置)
使用 Harbot 仓库
首先在Harbor web界面里最好创建一个自己需要的"项目" (或者使用默认的"library"项目),项目公开和私有:
- Public: 所有用户对于公开项目都有读权限。
- Private: 私有项目只能被有特定用户权限的人去访问。
如创建一个公开项目"202411_public",点击进去可以看到推送命令的信息提示。
-
镜像打标签的命令:
docker tag 镜像名:标签 harbot仓库地址/仓库项目名/镜像名:标签- docker tag SOURCE_IMAGE[:TAG] 172.16.70.162/202411_public/REPOSITORY[:TAG]
-
推送到harbot仓库的命令:
docker push harbot仓库地址/仓库项目名/镜像名:标签- docker push 172.16.70.162/202411_public/REPOSITORY[:TAG]
-
从harbot仓库拉取镜像的命令:
docker pull harbot仓库地址/仓库项目名/镜像名:标签- docker pull 172.16.70.162/202411_public/REPOSITORY[:TAG]
harbor登录 镜像推/拉
# 登录报错
root@ubuntu2204:~# docker login 172.16.70.162
Username: admin
Password:
Error response from daemon: Get "http://172.16.70.162/v2/": dial tcp 172.16.70.162:80: connect: connection refused
# 解决办法
root@ubuntu2204:~# cat /etc/docker/daemon.json
{
"registry-mirrors": [
"https://dockerpull.com",
"https://docker.anyhub.us.kg",
"https://dockerhub.jobcher.com",
],
"insecure-registries": ["172.16.70.162"] # 添加此行
}
# 修改过后重启docker, 重启Harbor服务
root@ubuntu2204:~# systemctl daemon-reload && systemctl restart docker
root@ubuntu2204:~# docker-compose -f /data/app/harbor/docker-compose.yml restart
# 再次登录
root@ubuntu2204:~# docker login 172.16.70.162
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
# 登录账号信息保存位置,若不删除后续登录,则无需输入用户名和密码
root@ubuntu2204:~# cat /root/.docker/config.json
{
"auths": {
"172.16.70.162": {
"auth": "YWRtaW46SGFyYm9yQDU0MzIx"
}
}
# 1.查看本地镜像
root@ubuntu2204:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.11.1 cdf68efc001e 2 months ago 114MB
goharbor/redis-photon v2.11.1 acf90a312d47 2 months ago 170MB
goharbor/trivy-adapter-photon v2.11.1 24a8273e807a 2 months ago 339MB
goharbor/harbor-registryctl v2.11.1 43fca2a06374 2 months ago 168MB
goharbor/registry-photon v2.11.1 9da6663b36f2 2 months ago 90.3MB
goharbor/nginx-photon v2.11.1 193a1b77b7d4 2 months ago 159MB
goharbor/harbor-log v2.11.1 2752e033bfbb 2 months ago 169MB
goharbor/harbor-jobservice v2.11.1 a8005a88b3dc 2 months ago 165MB
goharbor/harbor-core v2.11.1 eaf65baad3f6 2 months ago 191MB
goharbor/harbor-portal v2.11.1 f58813018a49 2 months ago 167MB
goharbor/harbor-db v2.11.1 be56f8030c48 2 months ago 277MB
goharbor/prepare v2.11.1 1d00ffdb2e67 2 months ago 216MB
# 2.本地镜像打标签并推送至Harbor
root@ubuntu2204:~# docker tag goharbor/nginx-photon:v2.11.1 172.16.70.162/202411_public/nginx-photon:v2
root@ubuntu2204:~# docker images | grep nginx
172.16.70.162/202411_public/nginx-photon v2 193a1b77b7d4 2 months ago 159MB
goharbor/nginx-photon v2.11.1 193a1b77b7d4 2 months ago 159MB
root@ubuntu2204:~# docker push 172.16.70.162/202411_public/nginx-photon:v2
The push refers to repository [172.16.70.162/202411_public/nginx-photon]
7a130cf406bb: Pushed
fa65d0b345aa: Pushed
v2: digest: sha256:b7a54e6b04ffe19096cc5a788fa3364bc2dea742c26a990ea3270bf20eaa723d size: 741
# 3.拉取dockerhub镜像,打标签并推至Harbor
root@ubuntu2204:~# docker pull mysql:8.4.3
root@ubuntu2204:~# docker tag mysql:8.4.3 172.16.70.162/202411_public/mysql:8.4.3
root@ubuntu2204:~# docker images | grep mysql
172.16.70.162/202411_public/mysql 8.4.3 ed66f13824d5 4 weeks ago 592MB
mysql 8.4.3 ed66f13824d5 4 weeks ago 592MB
root@ubuntu2204:~# docker push 172.16.70.162/202411_public/mysql:8.4.3
The push refers to repository [172.16.70.162/202411_public/mysql]
488946e535dc: Pushed
c6a372379ade: Pushed
4baca2f64123: Pushed
e7f948391a9f: Pushed
3f0758c2bc58: Pushed
96bad7ffa575: Pushed
9a7be671c0ad: Pushed
4dae3171e4f9: Pushed
5cebbdcae534: Pushed
217e34a4f824: Pushed
8.4.3: digest: sha256:0b6d2de7d79984b386696b75aca8341fea4456775e2b22f806a463f2199d4624 size: 2411
- 查看Harob仓库
