Harbor
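Whether you build your own registry with Docker-distribution or by running the official registry image as a container, the earlier demonstrations show that both are very bare-bones and less convenient than simply using the official Docker Hub to manage images. Docker Hub at least lets you manage and search images through a web interface, and it can build images automatically from a Dockerfile using Webhooks and Automated Builds: instead of running docker build locally, the user pushes all the files of the build context to GitHub as a repository, and Docker Hub pulls those files from GitHub to perform the automated build.
But however powerful the official Docker Hub is, it is hosted overseas, so speed is the biggest bottleneck, and in many cases using the official registry is simply not an option. The two self-hosted approaches above, however, are very bare-bones and hard to manage, which is why a project favored by the CNCF later emerged: Harbor.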
Introduction to Harbor
Harbor is VMware's repackaging of Docker Registry, with many additional components added on top and a very polished web interface.
Project Harbor is an open source trusted cloud native registry project that stores, signs, and scans content.
Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management.
Harbor supports advanced features such as user management, access control, activity monitoring, and replication between instances.
Harbor features
Features:
- Multi-tenant content signing and validation
- Security and vulnerability analysis
- Audit logging
- Identity integration and role-based access control
- Image replication between instances
- Extensible API and graphical UI
- Internationalization (currently English and Chinese)
Docker compose
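Deploying Harbor directly on a physical machine is very difficult. To simplify its use, the Harbor project ships Harbor as an application that runs in containers. It depends on a number of storage systems such as redis, mysql and pgsql, so many containers have to be orchestrated to work together. Deploying and using VMware Harbor therefore relies on Docker's single-host orchestration tool, Docker Compose.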
- Compose is a tool for defining and running multi-container Docker
applications. With Compose, you use a YAML file to configure your
application’s services. Then, with a single command, you create and
start all the services from your configuration.
Docker Compose official documentation
https://docs.docker.com/compose/
Deploying Harbor
Harbor official documentation
https://github.com/goharbor/harbor
# Docker is already installed and the Docker repository is configured
[root@localhost ~]# ls /etc/yum.repos.d/
CentOS-Base.repo docker-ce.repo
# docker-ce.repo must be present
# Install the Compose CLI plugin
[root@localhost ~]# DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
[root@localhost ~]# mkdir -p $DOCKER_CONFIG/cli-plugins
[root@localhost ~]# curl -SL https://github.com/docker/compose/releases/download/v2.7.0/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
[root@localhost ~]# cd .docker/cli-plugins/
[root@localhost cli-plugins]# ls
docker-compose
[root@localhost cli-plugins]# chmod +x docker-compose
[root@localhost cli-plugins]# ll
total 25188
-rwxr-xr-x. 1 root root 25792512 Aug 11 19:23 docker-compose
[root@localhost cli-plugins]#
[root@localhost cli-plugins]# pwd
/root/.docker/cli-plugins
[root@localhost cli-plugins]# ln -s /root/.docker/cli-plugins/docker-compose /usr/bin/
[root@localhost cli-plugins]# cd
[root@localhost ~]# which docker-compose
/usr/bin/docker-compose
[root@localhost ~]# docker-compose version
Docker Compose version v2.7.0
[root@localhost ~]#
// Download the Harbor offline installer
[root@localhost ~]# cd /usr/local/src/
[root@localhost src]# wget https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz
// Extract it to the target directory
[root@localhost ~]# cd /usr/local/src/
[root@localhost src]# ls
harbor-offline-installer-v2.5.3.tgz
[root@localhost src]# tar xf harbor-offline-installer-v2.5.3.tgz -C /usr/local/
[root@localhost src]# cd /usr/local/
[root@localhost local]# ls
bin etc games harbor include lib lib64 libexec sbin share src
[root@localhost local]# cd harbor/
[root@localhost harbor]# ls
common.sh harbor.v2.5.3.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
// Change the hostname
[root@localhost harbor]# hostnamectl set-hostname harbor.example.com
[root@localhost harbor]# bash
// Edit the configuration file
[root@harbor harbor]# ls
common.sh harbor.v2.5.3.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
[root@harbor harbor]# ls
common.sh harbor.v2.5.3.tar.gz harbor.yml harbor.yml.tmpl install.sh LICENSE prepare
[root@harbor harbor]# vim harbor.yml
# Configuration file of Harbor
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: harbor.example.com   # change the hostname
# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80
# https related config
#https:   # comment out everything related to https
  # https port for harbor, default is 443
  #port: 443
  # The path of cert and key files for nginx
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path
# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345   # the admin password is set here
# Harbor DB configuration
........
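A pre-install check for the three settings edited above, as an added example that is not part of the original post or of Harbor's installer: it flags a loopback hostname, the template default admin password, and a commented-out https block. The helper names (yaml_value, audit_harbor_yml) and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit harbor.yml before running ./install.sh.
# Not part of Harbor; yaml_value and audit_harbor_yml are hypothetical helpers.

# Print the value of the first uncommented "key: value" line (any indentation),
# with a trailing " # comment" and surrounding quotes removed.
yaml_value() {  # $1 = file, $2 = key
    sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed 's/[[:space:]][[:space:]]*#.*$//' | tr -d "\"'"
}

# Print one finding per line; the return status is the number of findings.
audit_harbor_yml() {
    file=$1; findings=0
    case "$(yaml_value "$file" hostname)" in
        ""|localhost|127.0.0.1)
            echo "hostname: unset or loopback, external clients cannot reach it"
            findings=$((findings + 1)) ;;
    esac
    if [ "$(yaml_value "$file" harbor_admin_password)" = "Harbor12345" ]; then
        echo "harbor_admin_password: still the template default Harbor12345"
        findings=$((findings + 1))
    fi
    if ! grep -Eq '^https:[[:space:]]*(#.*)?$' "$file"; then
        echo "https: block commented out, logins and pushes travel over plain HTTP"
        findings=$((findings + 1))
    elif [ "$(yaml_value "$file" certificate)" = "/your/certificate/path" ]; then
        echo "https.certificate: still the template placeholder path"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample mirroring the edits made above (HTTP only, default password).
sample=$(mktemp)
cat > "$sample" <<'EOF'
hostname: harbor.example.com  # hostname changed
http:
  port: 80
#https:
  #port: 443
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path
harbor_admin_password: Harbor12345  # initial admin password
EOF
audit_harbor_yml "$sample" || echo "findings: $?"
rm -f "$sample"
```

Run against /usr/local/harbor/harbor.yml, a non-zero status can gate ./install.sh in a provisioning script.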
// Install Harbor
[root@harbor harbor]# ./install.sh
Installation output ...... # this takes a while
✔ ----Harbor has been installed and started successfully.----
[root@harbor harbor]#
// Start Harbor automatically at boot
[root@harbor harbor]# vim /etc/rc.local
......
# that this script will be executed during boot.
touch /var/lock/subsys/local
cd /usr/local/harbor
docker-compose start
# add the two lines above (cd and docker-compose start)
[root@harbor harbor]# ll /etc/rc.local
lrwxrwxrwx. 1 root root 13 Dec 2 2020 /etc/rc.local -> rc.d/rc.local
[root@harbor harbor]# chmod +x /etc/rc.d/rc.local
[root@harbor harbor]# ll /etc/rc.d/rc.local
-rwxr-xr-x. 1 root root 525 Aug 11 19:34 /etc/rc.d/rc.local
# then reboot
[root@harbor ~]# reboot
[root@harbor ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d934dbfe6607 goharbor/nginx-photon:v2.5.3 "nginx -g 'daemon of…" 2 minutes ago Up 8 seconds (health: starting) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
1e61bdd87a11 goharbor/harbor-jobservice:v2.5.3 "/harbor/entrypoint.…" 2 minutes ago Up 8 seconds (health: starting) harbor-jobservice
6344d82c024d goharbor/harbor-core:v2.5.3 "/harbor/entrypoint.…" 2 minutes ago Up 10 seconds (health: starting) harbor-core
b5eb05f42c51 goharbor/harbor-registryctl:v2.5.3 "/home/harbor/start.…" 2 minutes ago Up 10 seconds (health: starting) registryctl
cea7f19016ed goharbor/harbor-portal:v2.5.3 "nginx -g 'daemon of…" 2 minutes ago Up 9 seconds (health: starting) harbor-portal
beaeb8c5a1a1 goharbor/harbor-db:v2.5.3 "/docker-entrypoint.…" 2 minutes ago Up 9 seconds (health: starting) harbor-db
97871e9cf034 goharbor/registry-photon:v2.5.3 "/home/harbor/entryp…" 2 minutes ago Up 9 seconds (health: starting) registry
c58efa3f8e79 goharbor/redis-photon:v2.5.3 "redis-server /etc/r…" 2 minutes ago Up 9 seconds (health: starting) redis
99c54d8f6865 goharbor/harbor-log:v2.5.3 "/bin/sh -c /usr/loc…" 2 minutes ago Up 9 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log
[root@harbor ~]#
.......
Test access, then log in.