sudo yum install -y yum-utils
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
sudo systemctl start docker
sudo docker run hello-world
https://github.com/docker/compose/releases
https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-linux-x86_64
scp E:\下载\docker-compose-linux-x86_64 root@Centos机子IP地址:/root/
[root@localhost ~]# cp docker-compose-linux-x86_64 /usr/local/bin/
[root@localhost ~]# cd /usr/local/bin/
[root@localhost bin]# mv docker-compose-linux-x86_64 docker-compose
[root@localhost bin]# chmod +x /usr/local/bin/docker-compose
[root@localhost /]# docker-compose -v
Docker Compose version v2.24.6
[root@localhost ~]# yum install wget -y
https://github.com/goharbor/harbor/releases
wget https://github.com/goharbor/harbor/releases/download/v2.9.3/harbor-offline-installer-v2.9.3.tgz
scp E:\下载\harbor-offline-installer-v2.9.3.tgz root@Centos机子IP地址:/root/
[root@localhost ~]# tar xvf harbor-offline-installer-v2.9.3.tgz -C /usr/local/
[root@localhost ~]# vim /usr/local/harbor/harbor.yml.tmpl
hostname: 192.168.77.130
注释掉:
#https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/path
[root@localhost ~]# cd /usr/local/harbor/
[root@localhost harbor]# mv harbor.yml.tmpl harbor.yml
[root@localhost /]# sh /usr/local/harbor/install.sh
[root@localhost /]# sh /usr/local/harbor/install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 25.0.4
[Step 1]: checking docker-compose is installed ...
Note: Docker Compose version v2.24.7
[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-jobservice:v2.9.3
Loaded image: goharbor/harbor-exporter:v2.9.3
Loaded image: goharbor/redis-photon:v2.9.3
Loaded image: goharbor/prepare:v2.9.3
Loaded image: goharbor/harbor-log:v2.9.3
Loaded image: goharbor/harbor-db:v2.9.3
Loaded image: goharbor/harbor-registryctl:v2.9.3
Loaded image: goharbor/nginx-photon:v2.9.3
Loaded image: goharbor/registry-photon:v2.9.3
Loaded image: goharbor/trivy-adapter-photon:v2.9.3
Loaded image: goharbor/harbor-portal:v2.9.3
Loaded image: goharbor/harbor-core:v2.9.3
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /usr/local/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
Note: stopping existing Harbor instance ...
[Step 5]: starting Harbor ...
[+] Running 1/10
[+] Running 1/10r_harbor Created 0.7s
[+] Running 1/10r_harbor Created 0.8s
[+] Running 1/10r_harbor Created 0.9s
[+] Running 1/10r_harbor Created 1.0s
[+] Running 1/10r_harbor Created 1.1s
[+] Running 3/10r_harbor Created 1.2s
⠹ Network harbor_harbor Created 1.3s
✔ Container harbor-log Started 0.4s[+] Running 4/10bor-db Starting 0.9s
⠸ Network harbor_harbor Created 1.4s
✔ Container harbor-log Started 0.4s ⠏ Container registry Starting 1.0s
[+] Running 5/10rbor-db Started 0.9s
⠼ Network harbor_harbor Created 1.5s
✔ Container harbor-log Started 0.4s ⠏ Container harbor-portal Starting 1.0s
✔ Container harbor-db Started 0.9s[+] Running 6/10gistryctl Started 0.9s
⠴ Network harbor_harbor Created 1.6s
✔ Container harbor-log Started 0.4s ⠙ Container redis Starting 1.2s
✔ Container harbor-db Started 0.9s ⠋ Container harbor-jobservice Created 1.0s
[+] Running 6/10gistry Started 1.1s
⠦ Network harbor_harbor Created 1.7s
✔ Container harbor-log Started 0.4s ⠙ Container nginx Created 1.1s
✔ Container harbor-db Started 0.9s
[+] Running 6/10gistry Started 1.1s
⠧ Network harbor_harbor Created 1.8s
✔ Container harbor-log Started 0.4s ⠹ Container nginx Created 1.2s
✔ Container harbor-db Started 0.9s
[+] Running 7/10gistry Started 1.1s
⠇ Network harbor_harbor Created 1.9s
✔ Container harbor-log Started 0.4s ⠸ Container nginx Created 1.3s
✔ Container harbor-db Started 0.9s
✔ Container registry Started 1.1s[+] Running 7/10
⠏ Network harbor_harbor Created 2.0s
✔ Container harbor-log Started 0.4s ✔ Container registryctl Started 0.9s
✔ Container harbor-db Started 0.9s ✔ Container harbor-portal Started 1.2s
✔ Container registry Started 1.1s[+] Running 7/10rbor-core Started 1.4s
⠋ Network harbor_harbor Created 2.1s
✔ Container harbor-log Started 0.4s ✔ Container registryctl Started 0.9s
✔ Container harbor-db Started 0.9s ✔ Container harbor-portal Started 1.2s
✔ Container registry Started 1.1s[+] Running 7/10rbor-core Started 1.4s
⠙ Network harbor_harbor Created 2.2s
✔ Container harbor-log Started 0.4s ✔ Container registryctl Started 0.9s
✔ Container harbor-db Started 0.9s ✔ Container harbor-portal Started 1.2s
✔ Container registry Started 1.1s[+] Running 8/10rbor-core Started 1.4s
⠹ Network harbor_harbor Created 2.3s
✔ Container harbor-log Started 0.4s ✔ Container registryctl Started 0.9s
✔ Container harbor-db Started 0.9s ✔ Container harbor-portal Started 1.2s
✔ Container registry Started 1.1s ✔ Container harbor-core Started 1.4s
[+] Running 8/10dis Started 1.2s
⠸ Network harbor_harbor Created 2.4s
✔ Container harbor-log Started 0.4s
✔ Container harbor-db Started 0.9s
✔ Container registry Started 1.1s
[+] Running 9/10dis Started 1.2s
⠼ Network harbor_harbor Created 2.4s
✔ Container harbor-log Started 0.4s
✔ Container harbor-db Started 0.9s
✔ Container registry Started 1.1s
✔ Container redis Started 1.2s ✔ Container harbor-jobservice Started 1.9s
✔ Container registryctl Started 0.9s
✔ Container harbor-portal Started 1.2s
✔ Container harbor-core Started 1.4s
✔ Container nginx Started 2.0s
✔ Container harbor-jobservice Started 1.9s
✔ ----Harbor has been installed and started successfully.----
[root@localhost /]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5d:b6:57 brd ff:ff:ff:ff:ff:ff
inet 192.168.77.130/24 brd 192.168.77.255 scope global noprefixroute dynamic ens33
valid_lft 1232sec preferred_lft 1232sec
inet6 fe80::1e56:f0a9:2dec:c6c9/64 scope link noprefixroute
valid_lft forever preferred_lft forever
登录网页
IP
[root@localhost ~]# docker pull cirros
Using default tag: latest
latest: Pulling from library/cirros
6cef03f2716e: Pull complete
c20c831735ad: Pull complete
e89e17c0b536: Pull complete
Digest: sha256:6b2d9f5341bce2b1fb29669ff46744a145079ccc6a674849de3a4946ec3d8ffb
Status: Downloaded newer image for cirros:latest
docker.io/library/cirros:latest
[root@localhost ~]# docker tag cirros 127.0.0.1/myproject-kgc/cirros:v1
[root@localhost ~]# docker push 127.0.0.1/myproject-kgc/cirros:v1
The push refers to repository [127.0.0.1/myproject-kgc/cirros]
d8083b07a8e2: Pushed
b42b2edd1b7f: Pushed
032cc20cbfb2: Pushed
v1: digest: sha256:d573d48afdade1ef2c5bba38681e8c8ce0794e985409e7d5c35a2c3653c547aa size: 943
Docker 客户端上传镜像修改:
[root@localhost ~]# docker login -u admin -p Harbor12345 http://192.168.77.130
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get "https://192.168.77.130/v2/": dial tcp 192.168.77.130:443: connect: connection refused
[root@localhost ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry IP地址
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker
[root@localhost ~]# docker login -u admin -p Harbor12345 http://192.168.77.130
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost ~]# docker pull cirros
[root@localhost ~]# docker tag cirros 192.168.77.130/myproject-kgc/cirros:v2
[root@localhost ~]# docker push 192.168.77.130/myproject-kgc/cirros:v2
The push refers to repository [192.168.77.130/myproject-kgc/cirros]
d8083b07a8e2: Layer already exists
b42b2edd1b7f: Layer already exists
032cc20cbfb2: Layer already exists
v2: digest: sha256:d573d48afdade1ef2c5bba38681e8c8ce0794e985409e7d5c35a2c3653c547aa size: 943
[root@localhost ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
e1caac4eb9d2: Pull complete
88f6f236f401: Pull complete
c3ea3344e711: Pull complete
cc1bb4345a3a: Pull complete
da8fa4352481: Pull complete
c7f80e9cdab2: Pull complete
18a869624cb6: Pull complete
Digest: sha256:c26ae7472d624ba1fafd296e73cecc4f93f853088e6a9c13c0d52f6ca5865107
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost ~]# docker tag nginx 192.168.77.130/myproject-kgc/nginx:v1
[root@localhost ~]# docker push 192.168.77.130/myproject-kgc/nginx:v1
The push refers to repository [192.168.77.130/myproject-kgc/nginx]
61a7fb4dabcd: Pushed
bcc6856722b7: Pushed
188d128a188c: Pushed
7d52a4114c36: Pushed
3137f8f0c641: Pushed
84619992a45b: Pushed
ceb365432eec: Pushed
v1: digest: sha256:678226242061e7dd8c007c32a060b7695318f4571096cbeff81f84e50787f581 size: 1778
打开网页查看
Harbor 日常操作管理
创建用户
用户管理
添加项目成员
客户端删除本地镜像
[root@localhost ~]# docker rmi 192.168.77.130/myproject-kgc/cirros:v2
Untagged: 192.168.77.130/myproject-kgc/cirros:v2
Untagged: 192.168.77.130/myproject-kgc/cirros@sha256:d573d48afdade1ef2c5bba38681e8c8ce0794e985409e7d5c35a2c3653c547aa
用创建的账户登录
[root@localhost ~]# docker logout 192.168.77.130
Removing login credentials for 192.168.77.130
[root@localhost ~]# docker login 192.168.77.130
Username: administrator
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
下载镜像
[root@localhost ~]# docker pull 192.168.77.130/myproject-kgc/cirros:v1
v1: Pulling from myproject-kgc/cirros
Digest: sha256:d573d48afdade1ef2c5bba38681e8c8ce0794e985409e7d5c35a2c3653c547aa
Status: Downloaded newer image for 192.168.77.130/myproject-kgc/cirros:v1
192.168.77.130/myproject-kgc/cirros:v1
docker-compose 管理Harbor
假设,要修改Harbor.yml的配置文件时,先停止现有的Harbor实列,然后运行prepare脚本来填充配置,最后重新创建启动Harbor的实例
[root@localhost harbor]# docker-compose down -v
[root@localhost harbor]# vi harbor.yml
[root@localhost harbor]# ./prepare
[root@localhost harbor]# docker-compose up -d
移除Harbor 服务容易,同时保留镜像数据/数据库的操作:
[root@localhost harbor]# docker-compose down -v
重新部署,移除Harbor服务容器的全部数据在宿主机/data/目录下,日志数据在宿主机的/var/log/Harbor目录下
[root@localhost harbor]# rm -rf /data/database/
[root@localhost harbor]# rm -rf /data/registry/
构建tomcat镜像
安装docker
yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
systemctl start docker
[root@localhost ~]# mkdir tomcat
Windows 下传输文件
C:\Users\Administrator>scp E:\桌面\jdk-8u162-linux-x64.tar.gz root@10.25.3.202:/root/tomcat/
root@10.25.3.202's password:
jdk-8u162-linux-x64.tar.gz 100% 181MB 10.3MB/s 00:17
[root@localhost ~]# cd tomcat/
[root@localhost tomcat]#ls
apache-tomcat-8.5.35.tar.gz
[root@localhost tomcat]# tar xzvf jdk-8u162-linux-x64.tar.gz
[root@localhost tomcat]# vim Dockerfile
FROM centos:latest
MAINTAINER The CentOS Project Cx330
ADD jdk1.8.0_162 /usr/local/jdk-8u162
ENV JAVA_HOME /usr/local/jdk-8u162
ENV JAVA_BIN /usr/local/jdk-8u162/bin
ENV JRE_HOME /usr/local/jdk-8u162/jre
ENV PATH $PATH:/usr/local/jdk-8u162/bin:/usr/local/jdk-8u162/jre/bin
ENV CLASSPATH /usr/local/jdk-8u162/jre/bin:/usr/local/jdk-8u162/jre/lib/charsets.jar
RUN mkdir -p /usr/local/tomcat
RUN curl -O https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.35/bin/apache-tomcat-8.5.35.tar.gz
RUN tar -zvxf apache-tomcat-8.5.35.tar.gz -C /usr/local/tomcat
EXPOSE 8080
[root@localhost tomcat]# docker build -t tomcat:centos . (#主要有一个.!!!)
[root@localhost tomcat]# docker run -itd -p 80:8080 tomcat:centos bash
98c0f3f8595d7757984b69e92a1cb8cbf618eb5d8c5a3ff4cb2c086d80cad243
[root@localhost tomcat]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
98c0f3f8595d tomcat:centos "bash" 3 minutes ago Up 3 minutes 0.0.0.0:80->8080/tcp, :::80->8080/tcp ecstatic_almeida
[root@localhost tomcat]# docker exec -it 98c0f3f8595d bash (!!!)
[root@98c0f3f8595d /]# /usr/local/tomcat/apache-tomcat-8.5.35/bin/startup.sh
Using CATALINA_BASE: /usr/local/tomcat/apache-tomcat-8.5.35
Using CATALINA_HOME: /usr/local/tomcat/apache-tomcat-8.5.35
Using CATALINA_TMPDIR: /usr/local/tomcat/apache-tomcat-8.5.35/temp
Using JRE_HOME: /usr/local/jdk-8u162/jre
Using CLASSPATH: /usr/local/tomcat/apache-tomcat-8.5.35/bin/bootstrap.jar:/usr/local/tomcat/apache-tomcat-8.5.35/bin/tomcat-juli.jar
Tomcat started.
[root@98c0f3f8595d /]#exit
edge网址输入IP