环境说明:
- 操作系统:Centos7-2009
- 确保网络连接正常、yum源正常
步骤说明:
1、设定静态地址
#设置静态ip
sed -i 's/BOOTPROTO=dhcp/BOOTPROTO=none/g' /etc/sysconfig/network-scripts/ifcfg-ens33
#增加ip地址、掩码、网关、DNS地址
cat >> /etc/sysconfig/network-scripts/ifcfg-ens33 << EOF
IPADDR=11.0.1.134
PREFIX=24
GATEWAY=11.0.1.2
DNS1=114.114.114.114
EOF
2、离线安装
## 创建目录及下载harbor离线包
mkdir /data && cd /data
wget https://github.com/goharbor/harbor/releases/download/v2.2.0/harbor-offline-installer-v2.2.0.tgz
tar xf harbor-offline-installer-v2.2.0.tgz && rm harbor-offline-installer-v2.2.0.tgz
## 修改harbor配置
cd harbor
cp harbor.yml.tmpl harbor.yml
5 hostname: demo.harbor.com
17 certificate: /data/harbor/ssl/tls.cert
18 private_key: /data/harbor/ssl/tls.key
34 harbor_admin_password: demo666
## 创建harbor访问域名证书
mkdir /data/harbor/ssl && cd /data/harbor/ssl
openssl genrsa -out tls.key 2048
openssl req -new -x509 -key tls.key -out tls.cert -days 360 -subj /CN=*.harbor.com
#安装docker-ce环境
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
systemctl start docker.service && systemctl enable docker.service
docker info
systemctl status docker.service
#安装docker-comper
1. 安装
sudo curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
# 2. 授权
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
docker-compose --version
## 开始安装
./install.sh
#安装期间获取获取国外的镜像
[root@exp-001 harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 23.0.1
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.26.2
[Step 2]: loading Harbor images ...
07ed3fe22282: Loading layer [==================================================>] 34.51MB/34.51MB
632651017131: Loading layer [==================================================>] 8.071MB/8.071MB
cff019bd8e54: Loading layer [==================================================>] 3.584kB/3.584kB
db8113c9a129: Loading layer [==================================================>] 2.56kB/2.56kB
04eaffb344c9: Loading layer [==================================================>] 61.03MB/61.03MB
.............
## 重启harbor
docker-compose down -v
docker-compose up -d
#检查harbor是否正常
docker ps|grep harbor
实际效果:
1、windows访问测试
添加hosts指向域名
C:\Windows\System32\drivers\etc\hosts
11.0.1.134 demo.harbor.com
使用谷歌浏览器进行访问测试
2、上传镜像
创建用户:
在镜像仓库中添加用户:
镜像服务器登录:
#添加域名映射
echo "11.0.1.134 demo.harbor.com" >>/etc/hosts
#登录demo.harbor.com容器仓库
docker login demo.harbor.com
Username: demo
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
镜像服务器上传镜像:
#查看镜像列表
docker images
#设置容器标签
docker tag centos:7 demo.harbor.com/demo/centos7:v1
docker tag 原镜像名 仓库地址/仓库名/镜像名
#上传demo.harbor.com容器仓库
docker push demo.harbor.com/demo/centos7:v1
上传结果:
#删除当前镜像
docker image rm demo.harbor.com/demo/centos7:v1
#查看镜像
docker images
#从镜像仓库获取镜像
docker pull demo.harbor.com/demo/centos7:v1
#退出镜像仓库demo.harbor.com
docker logout demo.harbor.com
Removing login credentials for demo.harbor.com
附录:
问题1:
:::tips
[root@exp-001 ssl]# docker login demo.harbor.com
Username: demo
Password:
Error response from daemon: Get "https://demo.harbor.com/v2/": x509: certificate relies on legacy Common Name field, use SANs instead
:::
解决方法:
配置镜像仓库可信任
vim /etc/docker/daemon.json
{
"insecure-registries": ["demo.harbor.com"]
}
#重启docker
systemctl restart docker.service
问题2:
:::tips
[root@exp-001 ssl]# docker login demo.harbor.com
Username: demo
Password:
Error response from daemon: login attempt to http://demo.harbor.com/v2/ failed with status: 502 Bad Gateway
:::
解决方法:
## 重启harbor
docker-compose down -v
docker-compose up -d
#检查harbor是否正常
docker ps|grep harbor
1691
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
