文章目录
环境准备
Harbor的所有服务组件都是在Docker中部署的,所以官方安装使用Docker-compose快速部署,所以需要安装Docker、Docker-compose。由于Harbor是基于Docker Registry V2版本,所以就要求Docker版本不小于1.10.0,Docker-compose版本不小于1.6.0一、安装Docker
安装所需的包。yum-utils提供了yum-config-manager 效用,并device-mapper-persistent-data和lvm2由需要 devicemapper存储驱动程序
1、[root@localhost ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
设置稳定存储库
2、[root@localhost ~]# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
安装Docker CE
3、[root@localhost ~]# yum install -y docker-ce docker-ce-cli containerd.io
验证docker安装是否成功
[root@localhost ~]# docker --version
Docker version 19.03.13, build 4484c46d9d
二、安装Docker-compose
使用daocloud下载 注意docker-compose下载的位置不要随意改动 要和添加权限的位置一样
1、[root@localhost ~]# sudo curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
添加可执行权限
2、[root@localhost ~]# sudo chmod +x /usr/local/bin/docker-compose
验证安装是否成功
[root@localhost /]# docker-compose --version
docker-compose version 1.25.1, build a82fef07
三、安装并且配置Harbor并访问
1.安装Harbor
创建harbor文件夹
[root@localhost harbor]# cd /usr/local
[root@localhost harbor]# mkdir harbor
[root@localhost harbor]# cd harbor
[root@localhost harbor]# wget https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# tar -zxf harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# ls
harbor harbor-online-installer-v1.1.2.tgz
[root@localhost harbor]# cd harbor
[root@localhost harbor]# ls
common docker-compose.notary.yml docker-compose.yml harbor_1_1_0_template harbor.cfg install.sh LICENSE NOTICE prepare upgrade
2.配置Harbor
[root@localhost harbor]# vim harbor.cfg
# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost 此处改为你虚拟机的ip
hostname = 192.168.135.142
# 访问协议,默认是http,也可以设置https,如果设置https,则nginx ssl需要设置on
ui_url_protocol = http
# mysql数据库root用户默认密码root123,实际使用时修改下
db_password = 123456
max_job_workers = 3
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
# 邮件设置,发送重置密码邮件时使用
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
# 启动Harbor后,管理员UI登录的密码,默认是Harbor12345
harbor_admin_password = Harbor12345
# 认证方式,这里支持多种认证方式,如LADP、本次存储、数据库认证。默认是db_auth,mysql数据库认证
auth_mode = db_auth
# LDAP认证时配置项
ldap_url = ldaps://ldap.mydomain.com
#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com
#ldap_search_pwd = password
ldap_basedn = ou=people,dc=mydomain,dc=com
#ldap_filter = (objectClass=person)
ldap_uid = uid
ldap_scope = 3
ldap_timeout = 5
# 是否开启自注册
self_registration = on
# token有效时间,默认30分钟
token_expiration = 30
# 用户创建项目权限控制,默认是everyone(所有人),也可以设置为adminonly(只能管理员)
project_creation_restriction = everyone
verify_remote_cert = on
配置docker启动
#打开docker启动文件
vim /usr/lib/systemd/system/docker.service
#修改之前
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
#修改之后 注意--insecure-registry=http://192.168.137.140 改成自己的服务器ip
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --insecure-registry=http://192.168.137.142
#保存退出
:wq 回车
重启docker
systemctl daemon-reload
systemctl restart docker
四、Harbor的简单使用
启动Harbor
#回到harbor解压的文件夹下
[root@localhost harbor]# ls
common docker-compose.notary.yml docker-compose.yml harbor_1_1_0_template harbor.cfg install.sh LICENSE NOTICE prepare upgrade
[root@localhost harbor]# ./install.sh
查看Harbor是否启动成功
[root@localhost harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6f0ea0cd30f5 vmware/harbor-jobservice:v1.1.2 "/harbor/harbor_jobs…" 31 seconds ago Up 28 seconds harbor-jobservice
46236f3669c9 vmware/nginx:1.11.5-patched "nginx -g 'daemon of…" 31 seconds ago Up 28 seconds 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
73ae69079f40 vmware/harbor-ui:v1.1.2 "/harbor/harbor_ui" 32 seconds ago Up 31 seconds harbor-ui
b004e6785978 vmware/harbor-db:v1.1.2 "docker-entrypoint.s…" 35 seconds ago Up 32 seconds 3306/tcp harbor-db
d8b6661c8009 vmware/registry:2.6.1-photon "/entrypoint.sh serv…" 35 seconds ago Up 32 seconds 5000/tcp registry
9182c7122e11 vmware/harbor-adminserver:v1.1.2 "/harbor/harbor_admi…" 35 seconds ago Up 32 seconds harbor-adminserver
dff37d8757de vmware/harbor-log:v1.1.2 "/bin/sh -c 'crond &…" 39 seconds ago Up 35 seconds 127.0.0.1:1514->514/tcp harbor-log
#关闭防火墙
[root@localhost harbor]# service firewalld stop
访问http://ip:80
默认用户名为admin 默认密码为Harbor12345
80为Harbor默认端口,可自行配置
访问成功出现如下页面
一、在本机登陆Harbor
[root@localhost harbor]# docker login 192.168.137.142
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost harbor]#
如果登陆报错例如这种:
Error response from daemon: Get https://192.168.168.142/v1/users/: dial tcp 192.168.137.142:443: get
解决方法:
重返上面docker的配置应该哪里粘贴错误或ip未改成自己的服务器ip:
192.168.137.142为自己的ip 如果更改Harbor的端口 则在后面加上端口 登陆的时候也是 否则会失败!
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix://var/run/docker.sock --insecure-registry=http://192.168.137.142
二、上传镜像到Harbor仓库
1、先走上面的登陆docker 登陆上Harbor再执行上传镜像操作
[root@localhost harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
vmware/harbor-jobservice v1.1.2 4ef0a7a33734 3 years ago 163MB
vmware/harbor-ui v1.1.2 4ee8f190f366 3 years ago 183MB
vmware/harbor-adminserver v1.1.2 cdcf1bed7eb4 3 years ago 142MB
vmware/harbor-db v1.1.2 fcb8aa7a0640 3 years ago 329MB
vmware/registry 2.6.1-photon 0f6c96580032 3 years ago 150MB
vmware/nginx 1.11.5-patched 8ddadb143133 3 years ago 199MB
vmware/harbor-log v1.1.2 9c46a7b5e517 3 years ago 192MB
#-----给镜像打标签 vmware/nginx:1.11.5-patched--服务器上的镜像和版本号 192.168.137.142/library--Harbor地址library是harbor上的项目名称
[root@localhost harbor]# docker tag vmware/nginx:1.11.5-patched 192.168.137.142/library/nginx:latest
[root@localhost harbor]# docker push 192.168.137.142/library/nginx:latest
The push refers to repository [192.168.137.142/library/nginx]
3569f62067e2: Pushed
3f117c44afbb: Pushed
c4a8b7411af4: Pushed
fe4c16cbf7a4: Pushed
latest: digest: sha256:3dce35afeadd7195877b17bf1514b9e388ed671afe428441fe5e0b02cdc26eeb size: 1160
1、查看上传的镜像
可以看到已经上传成功!