避免Harbor镜像下载困难,我上传到云盘
链接:
提取码: r17n
一、将镜像下载到/opt目录下
二、 搭建Harbor私仓脚本如下:
#/bin/bash
set -x
function Firewall_Selinx(){
systemctl status firewalld |grep running && systemctl stop firewalld; systemctl disable firewalld
selinux=$(getenforce)
if [ "$selinux" = "Permissive" -o "$selinux" = "Enforcing" ];then
#临时关闭selinux
setenforce 0
#永久关闭selinux
cat /etc/sysconfig/selinux |grep disabled |grep -v "^#"
if [ $? -eq 0 ];then
echo "已经永久关闭selinux"
else
sed -i "7{s/^SELINUX.*/SELINUX=disabled/g}" /etc/sysconfig/selinux
fi
else
echo "selinux模式关闭"
fi
}
function Dependency_packages(){
Packages="curl wget yum-utils device-mapper-persistent-data lvm2 expect"
for package in ${Packages[@]}
do
rpm -q $package &>/dev/null && echo "$package"已安装 || yum install -y $package &>/dev/null
sleep 0.5s
done
}
function docker(){
Docker_Packages="docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-selinux docker-engine-selinux docker-engine"
for docker_package in ${Docker_Packages[@]}
do
rpm -q $docker_package &>/dev/null && yum remove $docker_package -y &>/dev/null || echo "$docker_package未安装"
done
#安装docker依赖
#yum install -y yum-utils device-mapper-persistent-data lvm2
#使用阿里源安装docker
ls -al /etc/yum.repos.d/ |grep "docker-ce.repo"
if [ $? -eq 0 ];then
echo "docker源存在,无需再下载"
else
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum install docker-ce -y
fi
#开启并开机自启
echo "当前的docker版本:"
#以版本为判断,出现docker版本说明安装成功,进行开启docker服务和自启动docker服务,没有的话再次尝试安装docker服务
/usr/bin/docker -v
if [ $? -eq 0 ];then
systemctl status docker |grep dead && systemctl restart docker || echo "docker服务已经启动"
systemctl status docker|sed -n 2p |grep disabled && systemctl enable docker || echo "docker服务开机自启"
else
yum makecache fast
yum install docker-ce -y
/usr/bin/docker version &>/dev/null
if [[ $? != 0 ]];then
yum makecache
yum install docker-ce -y
else
echo "docker安装失败"
fi
fi
#doocker下载镜像加速
[ -f /etc/docker/daemon.json ] && echo "文件存在" || touch /etc/docker/daemon.json
cat > /etc/docker/daemon.json <<EDF
{
"registry-mirrors": ["https://registry.docker-cn.com"]
}
EDF
systemctl daemon-reload
systemctl restart docker
}
function docker_compose(){
#安装docker-compose
docker_compose="/usr/local/bin/docker-compose"
[ -e $docker_compose ] && echo "docker-compose存在" || curl -L "https://github.com/docker/compose/releases/download/1.24.0/docker-compose-$(uname -s)-$(uname -m)" -o $docker_compose
[ -x $docker_compose ] || chmod +x $docker_compose
ln -s $docker_compose /usr/bin/docker-compose
echo "当前docke-compose版本为:"
docker-compose -v
}
function harbor(){
cd /opt
wget --tries=3 https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
[ -d /usr/local/harbor ] && echo "harbor已解压" || tar -zxf /opt/harbor-offline-installer-v1.8.1.tgz -C /usr/local
cd /usr/local/harbor
[ -d ca ] && echo "目录存在" || mkdir -p /usr/local/harbor/ca
/usr/bin/expect <<EOF
spawn /usr/bin/openssl req -newkey rsa:4096 -nodes -sha256 -keyout /usr/local/harbor/ca/ca.key -x509 -days 365 -out /usr/local/harbor/ca/ca.crt
expect {
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "2216170240@qq.com\n"}
expect eof
}
spawn /usr/bin/openssl req -newkey rsa:4096 -nodes -sha256 -keyout /usr/local/harbor/ca/www.jiayoua.club.com.key -out /usr/local/harbor/ca/www.jiayoua.club.csr
expect {
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "\n";exp_continue}
":" {send "2216170240@qq.com\n"}
expect eof
}
EOF
openssl x509 -req -days 365 -in /usr/local/harbor/ca/www.jiayoua.club.csr -CA /usr/local/harbor/ca/ca.crt -CAkey /usr/local/harbor/ca/ca.key -CAcreateserial -out /usr/local/harbor/ca/www.jiayoua.club.crt
[ -f /usr/local/harbor/harbor.yml ] || cp -a /usr/local/harbor/harbor.yml{,.bak}
#+++++++++++++++++++++++++++++++内网IP++++++++++++++++++++++++++++++++++++++++++
Network_Card=`ifconfig |egrep "^e" |head -n 1 |awk -F ":" '{print $1}'|head -n 1`
Local_IP=`ifconfig $Network_Card |awk '/broadcast/{print $2}' `
#+++++++++++++++++++++++++++++++++++外网IP++++++++++++++++++++++++++++++++++++++++
Harboryaml="/usr/local/harbor/harbor.yml"
#Local_IP=`curl -s ip.cip.cc`
sed -i "5s/hostname:.*/hostname: ${Local_IP}/" $Harboryaml
sed -i "10s/ port:.*/ port: 8888/" $Harboryaml
sed -i "13s/# https:/https:/g" $Harboryaml
sed -i "15s/# port: 443/ port: 4430/g" $Harboryaml
sed -i "17s/# certificate: \/your\/certificate\/path/ certificate: \/usr\/local\/harbor\/ca\/ca.crt/g" $Harboryaml
sed -i "18s/# private_key: \/your\/private\/key\/path/ private_key: \/usr\/local\/harbor\/ca\/ca.key/g" $Harboryaml
#待优化,可选使用户具有设置harbor密码的权力(可选)——这里你可以自己编写定义harbor的初始登录密码
#sed -i "5s/harbor_admin_password.*/harbor_admin_password: Harbor12345/" harbor.yml
echo "读取harbor的yaml配置文件中"
sleep 2s
./prepare
echo "安装harbor应用中"
./install.sh
cd ~
echo "harbor安装成功"
echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
echo "+ +"
echo "+ +"
echo "+ Harbor +"
echo "+ +"
echo "+ 访问Harbor地址:http://${Local_IP}:8888 +"
echo "+ https://${Local_IP}:4430 +"
echo "+ +"
echo "+ 账号: admin +"
echo "+ +"
echo "+ +"
echo "+ 密码: Harbor12345 +"
echo "+ +"
echo "+ +"
echo "++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
}
All_Components="Firewall_Selinx Dependency_packages docker_compose harbor"
for assembly in ${All_Components[@]}
do
$assembly
done
脚本属于入门级别。欢迎纠正与优化,吐槽,最好可以优化,有好的建议欢迎评论与私信,感谢
三、授权并执行脚本
chmod +x harbor.sh && bash harbor.sh
二、Harbor搭建完成,让其开机自启动Harbor进程
1)将Harbor启动写入开机自启动中(启动调用可以参考如下图)
sudo tee /etc/rc.d/rc.local <<-'EOF'
{
bash /usr/local/harbor/install.sh
}
EOF
2)将/etc/rc.d/rc.local赋予可执行权限,不然开机无法执行这个文件
chmod +x /etc/rc.d/rc.local
3)启动的流程