一、共享存储目录
1.两个节点安装harbor
[root@centos201 softwares]# pwd
/linuxmc/softwares
[root@centos201 softwares]#
[root@centos201 softwares]# scp -r harbor 10.0.0.202:`pwd`
[root@centos201 softwares]#
[root@centos201 softwares]# scp -r /data 10.0.0.202:/
[root@centos202 ~]# cd /linuxmc/softwares/harbor/
[root@centos202 harbor]#
[root@centos202 harbor]# ./install.sh
2.所有节点安装nfs服务
[root@centos201 ~]# yum -y install nfs-utils
[root@centos202 ~]# yum -y install nfs-utils
[root@centos203 ~]# yum -y install nfs-utils
3.配置nfs共享
[root@centos203 ~]# mkdir -pv /linuxmc/harbor
[root@centos203 ~]# cat > /etc/exports <<'EOF'
/linuxmc/harbor *(rw,no_root_squash)
EOF
4.配置nfs服务开机自启动
[root@centos203 ~]# systemctl enable --now nfs
5.服务端检查NFS暴露信息
[root@centos203 ~]# exportfs
/linuxmc/harbor
<world>
[root@centos203 ~]#
6.客户端节点手动挂载测试,完成数据的拷贝
[root@centos201 ~]# mount -t nfs 10.0.0.203:/linuxmc/harbor /mnt/
[root@centos201 ~]#
[root@centos201 ~]# scp -r /data/* /mnt/
[root@centos201 ~]#
[root@centos201 ~]# echo "mount -t nfs 10.0.0.203:/linuxmc/harbor /mnt/" >> /etc/rc.local
[root@centos201 ~]#
[root@centos201 ~]# chmod +x /etc/rc.d/rc.local
[root@centos202 ~]# mount -t nfs 10.0.0.203:/linuxmc/harbor /mnt/
[root@centos202 ~]#
[root@centos202 ~]# echo "mount -t nfs 10.0.0.203:/linuxmc/harbor /mnt/" >> /etc/rc.local
[root@centos202 ~]#
[root@centos202 ~]# chmod +x /etc/rc.d/rc.local
[root@centos202 ~]#
7.harbor服务器修改harbor的配置文件
[root@centos201 harbor]# pwd
/linuxmc/softwares/harbor
[root@centos201 harbor]#
[root@centos201 harbor]# vim harbor.yml
...
data_volume: /mnt
[root@centos202 harbor]# pwd
/linuxmc/softwares/harbor
[root@centos202 harbor]#
[root@centos202 harbor]# vim harbor.yml
...
data_volume: /mnt
8.安装keepalived
[root@centos201 ~]# yum -y install keepalived
[root@centos202 ~]# yum -y install keepalived
9.配置keepalived,实现VIP飘逸
[root@centos201 ~]# cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id 201
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.250
}
}
EOF
[root@centos201 ~]# systemctl enable --now keepalived
[root@centos202 ~]# cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id 202
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.250
}
}
EOF
[root@centos202 ~]# systemctl enable --now keepalived
10.各节点验证vip是否飘逸
[root@centos201 ~]# systemctl stop keepalived
11.修改解析
10.0.0.250 harbor.linuxmc.com
harbor主从复制高可用方案
1.各自harbor使用独立的存储
[root@centos201 harbor]# pwd
/linuxmc/softwares/harbor
[root@centos201 harbor]#
[root@centos201 harbor]# vim harbor.yml
...
data_volume: /data
[root@centos202 harbor]# pwd
/linuxmc/softwares/harbor
[root@centos202 harbor]#
[root@centos202 harbor]# vim harbor.yml
...
data_volume: /data
2.创建仓库管理
略。
3.创建复制规则
定时|手动
docker harbor迁移docker registry私有仓库
- 添加不安全的存储库
[root@centos202 harbor]# cat /etc/docker/daemon.json
{
"registry-mirrors": ["https://tuv7rqqq.mirror.aliyuncs.com"],
"insecure-registries": ["10.0.0.203:5000"]
}
[root@centos202 harbor]#
- 参考命令:
docker tag alpine:latest 10.0.0.203:5000/linuxmc-linux/alpine
docker push 10.0.0.203:5000/linuxmc-linux/alpine
- 防坑指南
docker registry打tag时,需要多打一层项目目录,否则harbor迁移docker registry时会失败!
将镜像推送到docker hub官方仓库:
1.注册账号
https://hub.docker.com/signup