Harbor仓库搭建及简单使用


环境准备

Harbor的所有服务组件都是在Docker中部署的,所以官方安装使用Docker-compose快速部署,所以需要安装Docker、Docker-compose。由于Harbor是基于Docker Registry V2版本,所以就要求Docker版本不小于1.10.0,Docker-compose版本不小于1.6.0

一、安装Docker

安装所需的包。yum-utils提供了yum-config-manager 效用,并device-mapper-persistent-data和lvm2由需要 devicemapper存储驱动程序

1、[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2

设置稳定存储库

2、[root@localhost ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

安装Docker CE

3、[root@localhost ~]# yum install -y docker-ce docker-ce-cli containerd.io

验证docker安装是否成功

[root@localhost ~]# docker --version
Docker version 19.03.13, build 4484c46d9d

二、安装Docker-compose

使用daocloud下载 注意docker-compose下载的位置不要随意改动 要和添加权限的位置一样

1、[root@localhost ~]# sudo curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

添加可执行权限

2、[root@localhost ~]# sudo chmod +x /usr/local/bin/docker-compose

验证安装是否成功

[root@localhost /]# docker-compose --version
docker-compose version 1.25.1, build a82fef07

三、安装并且配置Harbor并访问

1.安装Harbor

创建harbor文件夹

[root@localhost harbor]# cd /usr/local
[root@localhost harbor]# mkdir harbor
[root@localhost harbor]# cd harbor
[root@localhost harbor]# wget https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# tar -zxf harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# ls
harbor  harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# cd harbor
[root@localhost harbor]# ls
common  docker-compose.notary.yml  docker-compose.yml  harbor_1_1_0_template  harbor.cfg  install.sh  LICENSE  NOTICE  prepare  upgrade

2.配置Harbor

[root@localhost harbor]# vim harbor.cfg
# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost 此处改为你虚拟机的ip
hostname = 192.168.135.142

# 访问协议,默认是http,也可以设置https,如果设置https,则nginx ssl需要设置on
ui_url_protocol = http

# mysql数据库root用户默认密码root123,实际使用时修改下
db_password = 123456

max_job_workers = 3 

customize_crt = on

ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key

secretkey_path = /data

admiral_url = NA
# 邮件设置,发送重置密码邮件时使用
email_identity = 

email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false

# 启动Harbor后,管理员UI登录的密码,默认是Harbor12345
harbor_admin_password = Harbor12345

# 认证方式,这里支持多种认证方式,如LADP、本次存储、数据库认证。默认是db_auth,mysql数据库认证
auth_mode = db_auth

# LDAP认证时配置项
ldap_url = ldaps://ldap.mydomain.com
#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com
#ldap_search_pwd = password
ldap_basedn = ou=people,dc=mydomain,dc=com
#ldap_filter = (objectClass=person)
ldap_uid = uid
ldap_scope = 3
ldap_timeout = 5

# 是否开启自注册
self_registration = on

# token有效时间,默认30分钟
token_expiration = 30

# 用户创建项目权限控制,默认是everyone(所有人),也可以设置为adminonly(只能管理员)
project_creation_restriction = everyone

verify_remote_cert = on

配置docker启动

#打开docker启动文件
vim /usr/lib/systemd/system/docker.service
#修改之前
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
#修改之后 注意--insecure-registry=http://192.168.137.140 改成自己的服务器ip
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --insecure-registry=http://192.168.137.142
#保存退出
:wq 回车

重启docker

systemctl daemon-reload
systemctl restart docker

四、Harbor的简单使用

启动Harbor

#回到harbor解压的文件夹下
[root@localhost harbor]# ls
common  docker-compose.notary.yml  docker-compose.yml  harbor_1_1_0_template  harbor.cfg  install.sh  LICENSE  NOTICE  prepare  upgrade
[root@localhost harbor]# ./install.sh

查看Harbor是否启动成功

[root@localhost harbor]# docker ps
CONTAINER ID        IMAGE                              COMMAND                  CREATED             STATUS              PORTS                                                              NAMES
6f0ea0cd30f5        vmware/harbor-jobservice:v1.1.2    "/harbor/harbor_jobs…"   31 seconds ago      Up 28 seconds                                                                          harbor-jobservice
46236f3669c9        vmware/nginx:1.11.5-patched        "nginx -g 'daemon of…"   31 seconds ago      Up 28 seconds       0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
73ae69079f40        vmware/harbor-ui:v1.1.2            "/harbor/harbor_ui"      32 seconds ago      Up 31 seconds                                                                          harbor-ui
b004e6785978        vmware/harbor-db:v1.1.2            "docker-entrypoint.s…"   35 seconds ago      Up 32 seconds       3306/tcp                                                           harbor-db
d8b6661c8009        vmware/registry:2.6.1-photon       "/entrypoint.sh serv…"   35 seconds ago      Up 32 seconds       5000/tcp                                                           registry
9182c7122e11        vmware/harbor-adminserver:v1.1.2   "/harbor/harbor_admi…"   35 seconds ago      Up 32 seconds                                                                          harbor-adminserver
dff37d8757de        vmware/harbor-log:v1.1.2           "/bin/sh -c 'crond &…"   39 seconds ago      Up 35 seconds       127.0.0.1:1514->514/tcp                                            harbor-log
#关闭防火墙
[root@localhost harbor]# service firewalld stop

访问http://ip:80
默认用户名为admin 默认密码为Harbor12345
80为Harbor默认端口,可自行配置
访问成功出现如下页面
在这里插入图片描述

一、在本机登陆Harbor

[root@localhost harbor]# docker login 192.168.137.142
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@localhost harbor]# 

如果登陆报错例如这种:

Error response from daemon: Get https://192.168.168.142/v1/users/: dial tcp 192.168.137.142:443: get

解决方法:
重返上面docker的配置应该哪里粘贴错误或ip未改成自己的服务器ip:
192.168.137.142为自己的ip 如果更改Harbor的端口 则在后面加上端口 登陆的时候也是 否则会失败!

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --insecure-registry=http://192.168.137.142

二、上传镜像到Harbor仓库

1、先走上面的登陆docker 登陆上Harbor再执行上传镜像操作
[root@localhost harbor]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE
vmware/harbor-jobservice    v1.1.2              4ef0a7a33734        3 years ago         163MB
vmware/harbor-ui            v1.1.2              4ee8f190f366        3 years ago         183MB
vmware/harbor-adminserver   v1.1.2              cdcf1bed7eb4        3 years ago         142MB
vmware/harbor-db            v1.1.2              fcb8aa7a0640        3 years ago         329MB
vmware/registry             2.6.1-photon        0f6c96580032        3 years ago         150MB
vmware/nginx                1.11.5-patched      8ddadb143133        3 years ago         199MB
vmware/harbor-log           v1.1.2              9c46a7b5e517        3 years ago         192MB
#-----给镜像打标签  vmware/nginx:1.11.5-patched--服务器上的镜像和版本号  192.168.137.142/library--Harbor地址library是harbor上的项目名称
[root@localhost harbor]# docker tag vmware/nginx:1.11.5-patched 192.168.137.142/library/nginx:latest
[root@localhost harbor]# docker push 192.168.137.142/library/nginx:latest
The push refers to repository [192.168.137.142/library/nginx]
3569f62067e2: Pushed 
3f117c44afbb: Pushed 
c4a8b7411af4: Pushed 
fe4c16cbf7a4: Pushed 
latest: digest: sha256:3dce35afeadd7195877b17bf1514b9e388ed671afe428441fe5e0b02cdc26eeb size: 1160

1、查看上传的镜像

在这里插入图片描述
可以看到已经上传成功!

  • 0
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值