HarBor 安装与配置
Prerequisites for the target host
Resource | Capacity | Description |
---|
CPU | minimal 2 CPU | 4 CPU is preferred |
Mem | minimal 4GB | 8GB is preferred |
Disk | minimal 40GB | 160GB is preferred |
环境
- centos7
- harbor v1.6.3
- python v2.7及以上
- docker v1.10及以上
- docker-compose v1.6.0及以上
- openssh latest
network port
port | Protocol | Description |
---|
443 | HTTPS | Harbor portal and core API will accept requests on this port for https protocol |
4443 | HTTPS | Connections to the Docker Content Trust service for Harbor, only needed when Notary is enabled |
80 | HTTP | Harbor portal and core API will accept requests on this port for http protocol |
1. 安装和配置docker-compose
docker安装不予赘述
docker默认走https,需要将地址添加到/etc/docker/daemon.json(没有就创建),添加一下内容
{
"insecure-registries": ["10.176.56.232:8888"]
}
1.1 安装docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/1.23.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
如果需要用到代理,可加上-x "http://ip:port"
1.2 使二进制文件可执行
sudo chmod +x /usr/local/bin/docker-compose
1.3 检查docoker-compose版本
[admin@harbor harbor]$ docker-compose version
docker-compose version 1.23.1, build b02f1306
docker-py version: 3.5.0
CPython version: 3.6.7
OpenSSL version: OpenSSL 1.1.0f 25 May 2017
2. 安装和配置harbor
2.1 下载所需要的版本,离线或在线。
此例为harbor—online-v1.6.3,https://github.com/goharbor/harbor/releases
tar xvf harbor-online-installer-v1.6.3.tgz
2.2 配置harbor
此处为简易安装配置
cd harbor
vim harbor.cfg
hostname = 10.176.56.232:8888
不要用localhost和127.0.0.1
2.3 默认安装
sudo ./install.sh
install.PNG
docker-compose.PNG
login.PNG
harbor.PNG
2.4 测试
新建一个test的项目用于存放test镜像
test_project.PNG
用户名:admin
密码:Harbor12345
测试
docker login 10.176.56.232:8888 #默认密码Harbor12345
docker pull busybox:latest # 先从网络上拉取一个busybox镜像
docker tag busybox:latest 10.176.56.232:8888/test/busybox:latest #打上你所想要的tag,私有仓库路径和项目名写在镜像名前。
docker push 10.176.56.232:8888/test/busybox:latest #上传成功可去harbor页面查看
docker pull 10.176.56.232:8888/test/busybox:latest
坑:docker login harbor出现的报错Error response from daemon: Get https://172.16.1.99/v1/users/: dial tcp 172.16.1.99:443: getsockopt: connection refused解决方法
解决方案1
使用docker 拉镜像的时候,出现下面的错误:
net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
1
因为在下载官方镜像点的镜像国内访问速度太慢,所以报错,使用加速器就可以解决这个问题
首先打开配置文件daemon.json,centos上安装后有此文件,但是ubuntu上需要自己创建文件:
vim /etc/docker/daemon.json
1
在文件中加入:
{
"registry-mirrors":["https://docker.mirrors.ustc.edu.cn"]
}
然后重启守护进程:
sudo systemctl daemon-reload
sudo systemctl restart docker
解决方案2
出现的问题 [root@master01 ~] # docker login 172.16.1.99 Username: admin Password: Error response from daemon: Get https: //172 .16.1.99 /v1/users/ : dial tcp 172.16.1.99:443: getsockopt: connection refused |
docker 连接harbor客户端的版本 [root@master01 docker] # docker version Client: Version: 17.03.2-ce API version: 1.27 Go version: go1.7.5 Git commit: f5ec1e2 Built: Tue Jun 27 01:35:00 2017 OS /Arch : linux /amd64 Server: Version: 17.03.2-ce API version: 1.27 (minimum version 1.12) Go version: go1.7.5 Git commit: f5ec1e2 Built: Tue Jun 27 01:35:00 2017 OS /Arch : linux /amd64 Experimental: false |
查找docker.service 所在的位置 [root@master01 docker] # find / -name docker.service -type f /etc/systemd/system/docker .service |
修改配置文件, 增加 --insecure-registry=172.16.1.99 选项 [root@master01 docker] # cat /etc/systemd/system/docker.service [Unit] Description=Docker Application Container Engine Documentation=http: //docs .docker.io [Service] Environment= "PATH=/opt/kube/bin:/bin:/sbin:/usr/bin:/usr/sbin" ExecStart= /opt/kube/bin/dockerd --insecure-registry=172.16.1.99 ExecStartPost= /sbin/iptables -I FORWARD -s 0.0.0.0 /0 -j ACCEPT ExecReload= /bin/kill -s HUP $MAINPID Restart=on-failure RestartSec=5 LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity Delegate= yes KillMode=process [Install] WantedBy=multi-user.target |
重新启动服务 systemctl daemon-reload systemctl restart docker |
查看服务,已经包含了 --insecure-registry=172.16.1.99 参数 [root@master01 docker] # ps aux|grep docker root 6385 0.5 2.1 419248 39836 ? Ssl 05:30 0:03 /opt/kube/bin/dockerd --insecure-registry=172.16.1.99 root 6398 0.0 0.5 292736 9884 ? Ssl 05:30 0:00 docker-containerd -l unix: ///var/run/docker/libcontainerd/docker-containerd .sock --metrics-interval=0 --start-timeout 2m --state- dir /var/run/docker/libcontainerd/containerd --shim docker-containerd-shim --runtime docker-runc root 6544 0.0 0.1 266796 3560 ? Sl 05:30 0:00 docker-containerd-shim d20f94482cdaca325518d5726a3e6859b5ed1a9a0a457e3bf1386c1df4951912 /var/run/docker/libcontainerd/d20f94482cdaca325518d5726a3e6859b5ed1a9a0a457e3bf1386c1df4951912 docker-runc root 6623 0.0 0.1 266796 3552 ? Sl 05:30 0:00 docker-containerd-shim 29892d644f78137564d071a94a8ff4226bea25b95c7c4363e7cc3ccb280a6313 /var/run/docker/libcontainerd/29892d644f78137564d071a94a8ff4226bea25b95c7c4363e7cc3ccb280a6313 docker-runc root 8547 0.0 0.0 112704 972 pts /0 R+ 05:40 0:00 grep --color=auto docker |
再进行登录操作 , 可以成功登录 [root@master01 docker] # docker login 172.16.1.99 Username (admin): admin Password: Login Succeeded |