之前安装harbor仓库的红帽7被征用部署k8s了===
这是ubuntu20.04环境下harbor仓库的安装。
安装前提:需要harbor。
1.harbor仓库的安装
1.获取harbor:
https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz
2.解压harbor仓库:
tar xf harbor-offline-installer-v2.5.3.tgz -C /usr/local/src/
3.安装docker-compose:
curl -SL https://github.com/docker/compose/releases/download/v2.7.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
4.harbor仓库的配置:
将harbor.yml.tmpl修改为harbor.yml:
修改harbor.yml配置文件:
注意:这里需要配置https证书文件,为了harbor私有镜像仓库配置步骤的完整性,我们姑且将其放在后面讨论。
5.安装harbor
证书的生成:
1.创建存放证书的目录:
2.生成证书:
生成CA证书私钥:
openssl genrsa -out ca.key 4096
生成CA证书:
openssl req -x509 -new -nodes -sha512 -days 3650 \
-subj "/C=CN/ST=Xian/L=Xian/O=example/OU=Personal/CN=reg.cfkj.com" \
-key ca.key \
-out ca.crt
3.生成harbor服务器证书:
/usr/local/src/harbor/certs ]# openssl genrsa -out myharbor.key 4096
/usr/local/src/harbor/certs ]# openssl req -sha512 -new \
-subj "/C=CN/ST=Xian/L=Xian/O=example/OU=Personal/CN=reg.cfkj.com" \
-key myharbor.key \
-out myharbor.csr
/usr/local/src/harbor/certs ]# cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names] #alt_names必须要包含harbor服务的域名信息
DNS.1=xxxx
DNS.2=xxxx
EOF
/usr/local/src/harbor/certs ]# openssl x509 -req -sha512 -days 3650 \
-extfile v3.ext \
-CA ca.crt -CAkey ca.key -CAcreateserial \
-in xxxxx.csr \
-out xxxxx.crt
安装成功,开个香槟:
新建项目test: