1、安装docker编排工具docker compose
这里使用pyton-pip方式安装 :
[root@localhost ~] #yum -y install epel-release # 安装 pip 需要先安装 epel-release 包[root@localhost ~] #yum install -y python3-pip # 安装 pip[root@localhost ~] #pip3 install --upgrade pip -i https://pypi.tuna.tsinghua.edu.cn/simple #升级 pip[root@localhost ~] #pip3 install docker-compose -i https://pypi.tuna.tsinghua.edu.cn/simple #安装 docker-compose[root@locahost ~]# docker-compose -v
/usr/local/lib/python3.6/site-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
docker-compose version 1.29.2, build unknown
2、下载Harbor 安装包,并且做好配置:
添加一块新硬盘格式化后挂载在 /harbordata :[root@localhost ~] # mkfs.ext4 /dev/sdb1[root@localhost ~] # mkdir /harbordata[root@localhost ~] # mount /dev/sdb1 /harbordata/[root@localhost ~] # wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz[root@localhost ~] # tar -C /harbordata/ -xvf harbor-offline-installer-v1.7.1.tgz
查看挂载情况:
[root@n131 ~]# df -Th
Filesystem Type Size Used Avail Use% Mounted on
devtmpfs devtmpfs 2.2G 0 2.2G 0% /dev
tmpfs tmpfs 2.2G 0 2.2G 0% /dev/shm
tmpfs tmpfs 2.2G 12M 2.2G 1% /run
tmpfs tmpfs 2.2G 0 2.2G 0% /sys/fs/cgroup
/dev/mapper/centos-root xfs 17G 4.9G 13G 29% /
/dev/sda1 xfs 1014M 151M 864M 15% /boot
tmpfs tmpfs 438M 0 438M 0% /run/user/0
/dev/sdb1 ext4 9.8G 620M 8.6G 7% /harbordata
3、修改配置文件:
[root@n131 ~]# cd /harbordata/harbor
[root@n131 harbor]# ls
common.sh harbor.v2.8.4.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@n131 harbor]# cp harbor.yml.tmpl harbor.yml
[root@n131 harbor]# ls
common.sh harbor.yml install.sh prepare
harbor.v2.8.4.tar.gz harbor.yml.tmpl LICENSE
[root@n131 harbor]# vim harbor.yml
[root@n131 harbor]#修改hostname的值,并且将https加密的信息注释掉。
4、启动harbor:
运行/harbordata/harbor/install.sh 脚本。
[root@n131 harbor]# ./install.sh
5、安装后验证:
我们发现打开了一些端口,harbor实际就是启动了一些docker服务。
[root@n131 ~]# ss -lntup | grep docker
tcp LISTEN 0 128 127.0.0.1:1514 *:* users:(("docker-proxy",pid=2490,fd=4))
tcp LISTEN 0 128 *:80 *:* users:(("docker-proxy",pid=3000,fd=4))
tcp LISTEN 0 128 [::]:80 [::]:* users:(("docker-proxy",pid=3006,fd=4))
[root@n131 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7f1af6378e8f goharbor/nginx-photon:v2.8.4 "nginx -g 'daemon of…" 42 seconds ago Up 40 seconds (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
a3edf6380456 goharbor/harbor-jobservice:v2.8.4 "/harbor/entrypoint.…" 42 seconds ago Up 37 seconds (healthy) harbor-jobservice
5a23ec07cd0e goharbor/harbor-core:v2.8.4 "/harbor/entrypoint.…" 42 seconds ago Up 40 seconds (healthy) harbor-core
8dda2da494c9 goharbor/redis-photon:v2.8.4 "redis-server /etc/r…" 42 seconds ago Up 41 seconds (healthy) redis
b0d30710088f goharbor/registry-photon:v2.8.4 "/home/harbor/entryp…" 42 seconds ago Up 41 seconds (healthy) registry
05be0c99ebd7 goharbor/harbor-portal:v2.8.4 "nginx -g 'daemon of…" 42 seconds ago Up 41 seconds (healthy) harbor-portal
d5cbb4586965 goharbor/harbor-db:v2.8.4 "/docker-entrypoint.…" 42 seconds ago Up 41 seconds (healthy) harbor-db
078b44134630 goharbor/harbor-registryctl:v2.8.4 "/home/harbor/start.…" 42 seconds ago Up 41 seconds (healthy) registryctl
6124098ebc70 goharbor/harbor-log:v2.8.4 "/bin/sh -c /usr/loc…" 42 seconds ago Up 41 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@n131 ~]#
6、访问Harbor:
我们可以访问宿主机的ip地址来访问我们搭建好的Harbor仓库。
然后新建一个public项目:
7、上传下载镜像到harbor仓库:
(1)修改docker配置,添加harbor仓库为信任地址;并重启docker程序。
[root@n131 ~]# vim /etc/docker/daemon.json
{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["192.168.200.131:80"]
}[root@n131 ~]# systemctl restart docker
(2)手动启动harbor:(注意要在/harbordata/harbor/下执行)
[root@n131 harbor]# docker-compose up -d
(3)把要上传的镜像打上合适的标签 :
[root@n131 ~]# docker tag centos:latest 192.168.200.131:80/public/centos:v1
(4)登录harbor仓库:
[root@n131 ~]# docker login 192.168.200.131:80
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded
[root@n131 ~]#
(5)上传镜像:
[root@n131 ~]# docker push 192.168.200.131:80/public/centos:v1
The push refers to repository [192.168.200.131:80/public/centos]
74ddd0ec08fa: Pushed
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529
[root@n131 ~]#
(6)在浏览器上访问harbor仓库查看验证。
我们发现public项目中已经有了我们上传的镜像。
(7)重harbor仓库中下载我们创建的镜像:
我们先将本地创建的镜像删除:
[root@n131 ~]# docker rmi 192.168.200.131:80/public/centos:v1
Untagged: 192.168.200.131:80/public/centos:v1
Untagged: 192.168.200.131:80/public/centos@sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
[root@n131 ~]#然后使用命令重barbor仓库中下载到本地来:
[root@n131 ~]# docker pull 192.168.200.131:80/public/centos:v1
v1: Pulling from public/centos
Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Status: Downloaded newer image for 192.168.200.131:80/public/centos:v1
192.168.200.131:80/public/centos:v1
8、控制Harbor服务:
在 harbor 安装路径下,使用 docker-compose 命令对 harbor 进行控制(1)暂停/取消暂停 harbor 服务[root@n131 harbor]# docker-compose pause[root@n131 harbor]# docker-compose unpause(2)关闭/开启harbor服务
[root@n131 harbor]# docker-compose stop
[root@n131 harbor]# docker-compose start