文章目录
一、docker环境安装
yum install docker-ce -y
二、离线安装harbor(主节点)
2.1、安装先决条件
2.2、下载harbor离线包
考虑到充分的灵活性,本次选择离线包安装。
#1、官方参考文档
https://gitee.com/project_harbor/harbor?utm_source=alading&utm_campaign=repo
#2、下载harbor离线包
wget https://github.com/goharbor/harbor/releases/download/v2.9.2/harbor-offline-installer-v2.9.2.tgz
#3、解压缩离线包
tar -xvf harbor-offline-installer-v2.9.2.tar
#4、Optionally download the corresponding *.asc file to verify that the package is genuine
gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 644FF454C0B4115C
gpg -v --keyserver hkps://keyserver.ubuntu.com --verify harbor-offline-installer-version.tgz.asc
2.3、配置https
#1、Generate a CA certificate private key.
openssl genrsa -out ca.key 4096
#2、Generate the CA certificate.
openssl req -x509 -new -nodes -sha512 -days 3650 \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yuhaozhi.com" \
-key ca.key \
-out ca.crt
#3、Generate a Server Certificate
#Generate a private key.
openssl genrsa -out yuhaozhi.com.key 4096
#Generate a certificate signing request (CSR).
openssl req -sha512 -new \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yuhaozhi.com" \
-key yuhaozhi.com.key \
-out yuhaozhi.com.csr
#4、Generate an x509 v3 extension file.
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=yuhaozhi.com
DNS.2=yuhaozhi
DNS.3=hostname
DNS.4=192.168.1.230
DNS.5=192.168.1.231
DNS.6=192.168.1.250
DNS.7=harbor.yuhaozhi.com
EOF
#5、Use the v3.ext file to generate a certificate for your Harbor host.
openssl x509 -req -sha512 -days 3650 \
-extfile v3.ext \
-CA ca.crt -CAkey ca.key -CAcreateserial \
-in yuhaozhi.com.csr \
-out yuhaozhi.com.crt
#6、Provide the Certificates to Harbor and Docker
#Copy the server certificate and key into the certficates folder on your Harbor host.
mkdir -p /data/cert/
cp yuhaozhi.com.crt /data/cert/
cp yuhaozhi.com.key /data/cert/
#Convert yourdomain.com.crt to yourdomain.com.cert, for use by Docker.
openssl x509 -inform PEM -in yuhaozhi.com.crt -out yuhaozhi.com.cert
#Copy the server certificate, key and CA files into the Docker certificates folder on the Harbor host. You must create the appropriate folders first.
mkdir -p /etc/docker/certs.d/yuhaozhi.com/
cp yuhaozhi.com.cert /etc/docker/certs.d/yuhaozhi.com/
cp yuhaozhi.com.key /etc/docker/certs.d/yuhaozhi.com/
cp ca.crt /etc/docker/certs.d/yuhaozhi.com/
#7、Restart Docker Engine.
systemctl restart docker
2.4、修改harbor.yml文件
#1、进入harbor离线包,复制harbor.yml.tmpl并命名为harbor.yml
#2、修改harbor.yml
hostname: 192.168.1.230
certificate: /data/cert/yuhaozhi.com.crt
private_key: /data/cert/yuhaozhi.com.key
2.5、安装
./install.sh
#输出如下
[root@lvs1 harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 25.0.3
[Step 1]: checking docker-compose is installed ...
Note: Docker Compose version v2.24.6
[Step 2]: loading Harbor images ...
0c24b8a9f174: Loading layer [==================================================>] 125.3MB/125.3MB
41f72377740a: Loading layer [==================================================>] 3.584kB/3.584kB
72e27f385ff0: Loading layer [==================================================>] 3.072kB/3.072kB
be826955adcb: Loading layer [==================================================>] 2.56kB/2.56kB
49cbeea0eb7e: Loading layer [==================================================>] 3.072kB/3.072kB
d196717f1202: Loading layer [==================================================>] 3.584kB/3.584kB
f51e7eb3ca9e: Loading layer [==================================================>] 20.48kB/20.48kB
Loaded image: goharbor/harbor-log:v2.9.2
40da7daf514d: Loading layer [==================================================>] 16MB/16MB
11a88f6050ab: Loading layer [==================================================>] 173.8MB/173.8MB
7fe17312fa57: Loading layer [==================================================>] 25.47MB/25.47MB
4d2876688e56: Loading layer [==================================================>] 18.2MB/18.2MB
6a6ca8a6ef4f: Loading layer [==================================================>] 5.12kB/5.12kB
2bfa7846e820: Loading layer [==================================================>] 6.144kB/6.144kB
3d2a0828852a: Loading layer [==================================================>] 3.072kB/3.072kB
fe85bfcde808: Loading layer [==================================================>] 2.048kB/2.048kB
4f8603d05e2d: Loading layer [==================================================>] 2.56kB/2.56kB
49398ca402ac: Loading layer [==================================================>] 7.68kB/7.68kB
Loaded image: goharbor/harbor-db:v2.9.2
127b0531272e: Loading layer [==================================================>] 8.57MB/8.57MB
6ce15517300e: Loading layer [==================================================>] 4.096kB/4.096kB
80f53fae1377: Loading layer [==================================================>] 17.4MB/17.4MB
4d4f26993587: Loading layer [==================================================>] 3.072kB/3.072kB
d33c4d5ccb71: Loading layer [==================================================>] 32.78MB/32.78MB
b9d780a3dc06: Loading layer [==================================================>] 50.97MB/50.97MB
Loaded image: goharbor/harbor-registryctl:v2.9.2
e254d8b97486: Loading layer [==================================================>] 115.6MB/115.6MB
Loaded image: goharbor/nginx-photon:v2.9.2
3fcfba466046: Loading layer [==================================================>] 16MB/16MB
a580266af25f: Loading layer [==================================================>] 110.6MB/110.6MB
f7f1d496f837: Loading layer [==================================================>] 3.072kB/3.072kB
d25c35042c59: Loading layer [==================================================>] 59.9kB/59.9kB
e49c186653b7: Loading layer [==================================================>] 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.9.2
f858b7c7c4e1: Loading layer [==================================================>] 8.57MB/8.57MB
50a701ca846f: Loading layer [==================================================>] 4.096kB/4.096kB
e1b540d7b288: Loading layer [==================================================>] 3.072kB/3.072kB
0a49e7d3d12e: Loading layer [==================================================>] 17.4MB/17.4MB
5e291d456605: Loading layer [==================================================>] 18.19MB/18.19MB
Loaded image: goharbor/registry-photon:v2.9.2
9783c6f4e4d5: Loading layer [==================================================>] 9.089MB/9.089MB
6fe2864ec24e: Loading layer [==================================================>] 4.096kB/4.096kB
71a4b4cfb19a: Loading layer [==================================================>] 3.072kB/3.072kB
a133880768e1: Loading layer [==================================================>] 213.9MB/213.9MB
0dafcfde44bd: Loading layer [==================================================>] 17.37MB/17.37MB
d83f6b9f36cc: Loading layer [==================================================>] 232.1MB/232.1MB
Loaded image: goharbor/trivy-adapter-photon:v2.9.2
Loaded image: goharbor/prepare:v2.9.2
b1146ac47e49: Loading layer [==================================================>] 115.6MB/115.6MB
e2023d8c51de: Loading layer [==================================================>] 6.46MB/6.46MB
4a841311b599: Loading layer [==================================================>] 245.8kB/245.8kB
ed8a3388a990: Loading layer [==================================================>] 1.233MB/1.233MB
Loaded image: goharbor/harbor-portal:v2.9.2
edfb22fc6c66: Loading layer [==================================================>] 11.59MB/11.59MB
6fa5f1f326e0: Loading layer [==================================================>] 3.584kB/3.584kB
d6e19e0d42db: Loading layer [==================================================>] 2.56kB/2.56kB
89701473a9c4: Loading layer [==================================================>] 58.23MB/58.23MB
26e39d41755d: Loading layer [==================================================>] 5.632kB/5.632kB
179d6ec199b9: Loading layer [==================================================>] 122.4kB/122.4kB
22d269e7a077: Loading layer [==================================================>] 80.38kB/80.38kB
8b9d83795390: Loading layer [==================================================>] 59.23MB/59.23MB
da5a56c39c04: Loading layer [==================================================>] 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.9.2
39f1a92272e6: Loading layer [==================================================>] 11.59MB/11.59MB
ae7f7a58aeca: Loading layer [==================================================>] 3.584kB/3.584kB
50d9cb47a7f8: Loading layer [==================================================>] 2.56kB/2.56kB
ebc3f21a90ec: Loading layer [==================================================>] 44.69MB/44.69MB
00961384c8a5: Loading layer [==================================================>] 45.48MB/45.48MB
Loaded image: goharbor/harbor-jobservice:v2.9.2
2bfb331e5709: Loading layer [==================================================>] 11.59MB/11.59MB
528004941363: Loading layer [==================================================>] 27.62MB/27.62MB
c8dfa643c6d1: Loading layer [==================================================>] 4.608kB/4.608kB
6de2b2fb651e: Loading layer [==================================================>] 28.41MB/28.41MB
Loaded image: goharbor/harbor-exporter:v2.9.2
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/k8s/harbor/harbor
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
Note: stopping existing Harbor instance ...
[Step 5]: starting Harbor ...
[+] Running 9/10
⠙ Network harbor_harbor Created 2.1s
✔ Container harbor-log Started 0.4s
✔ Container registry Started 1.2s
✔ Container redis Started 1.0s
✔ Container harbor-db Started 1.1s
✔ Container harbor-portal Started 1.2s
✔ Container registryctl Started 1.1s
✔ Container harbor-core Started 1.5s
✔ Container harbor-jobservice Started 2.0s
✔ Container nginx Started 1.9s
✔ ----Harbor has been installed and started successfully.----
2.6、验证
注意:本机测试暂时未配置dns,因此可在本地配置静态hosts记录如下
192.168.1.250 harbor.yuhaozhi.com
并在浏览器输入:
https://harbor.yuhaozhi.com
用户密码配置在2.4 harbor.yml文件中(用户名:admin):
harbor_admin_password: Harbor12345
2.7、如需配置主从harbor节点则继续跳转至下一章节
三、离线安装harbor(从节点)
3.1-3.5章节参考主节点2.1-2.5安装步骤
3.4、修改harbor.yml
#1、进入harbor离线包,复制harbor.yml.tmpl并命名为harbor.yml
#2、修改harbor.yml
hostname: 192.168.1.231
certificate: /data/cert/yuhaozhi.com.crt
private_key: /data/cert/yuhaozhi.com.key
3.6、docker-compose安装
#官网下载地址
wget https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-linux-x86_64
cp docker-compose-linux-x86_64 /usr/local/bin/docker-compose
chmod 755 /usr/local/bin/docker-compose
3.7、主备复杂配置
3.8、验证
往主库推送镜像:
#主动触发同步任务
#从库状态
1772
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
