持续集成与持续交付 - 部署Harbor(harbor 2.2.1版本)

最新推荐文章于 2024-05-05 23:56:22 发布
最新推荐文章于 2024-05-05 23:56:22 发布
阅读量1.4k 收藏
点赞数 1
分类专栏: CI/CD
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/thesre/article/details/116198590
版权

部署Harbor

步骤1 - 部署Registry
下载并解压

╭─root at host01 in ~ 21-04-28 - 5:11:49
╰─○ wget https://github.com/goharbor/harbor/releases/download/v2.2.1/harbor-online-installer-v2.2.1.tgz; tar zxf harbor-online-installer-v2.2.1.tgz; cd harbor 
--2021-04-28 05:12:22--  https://github.com/goharbor/harbor/releases/download/v2.2.1/harbor-online-installer-v2.2.1.tgz
Resolving github.com (github.com)... 140.82.121.4
Connecting to github.com (github.com)|140.82.121.4|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-releases.githubusercontent.com/50613991/6b254700-916d-11eb-9505-d5ff5f1bbb6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210428%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210428T051224Z&X-Amz-Expires=300&X-Amz-Signature=bbc39d0d77f8b55e59715364f018cecaf22abecc7c08d52a68797b819b1ffb07&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.2.1.tgz&response-content-type=application%2Foctet-stream [following]
--2021-04-28 05:12:23--  https://github-releases.githubusercontent.com/50613991/6b254700-916d-11eb-9505-d5ff5f1bbb6d?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210428%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210428T051224Z&X-Amz-Expires=300&X-Amz-Signature=bbc39d0d77f8b55e59715364f018cecaf22abecc7c08d52a68797b819b1ffb07&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.2.1.tgz&response-content-type=application%2Foctet-stream
Resolving github-releases.githubusercontent.com (github-releases.githubusercontent.com)... 185.199.109.154, 185.199.110.154, 185.199.111.154, ...
Connecting to github-releases.githubusercontent.com (github-releases.githubusercontent.com)|185.199.109.154|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9446 (9.2K) [application/octet-stream]
Saving to: ‘harbor-online-installer-v2.2.1.tgz’

harbor-online-installer-v2.2 100%[==============================================>]   9.22K  --.-KB/s    in 0s      

2021-04-28 05:12:23 (74.8 MB/s) - ‘harbor-online-installer-v2.2.1.tgz’ saved [9446/9446]

修改主机名配置

╭─root at host01 in ~/harbor 21-04-28 - 5:12:33
╰─○ cp -a harbor.yml.tmpl harbor.yml      
╭─root at host01 in ~/harbor 21-04-28 - 5:13:33
╰─○ sed -i s/reg\.mydomain\.com/172.17.0.40/g harbor.yml
╭─root at host01 in ~/harbor 21-04-28 - 5:13:33
╰─○ grep domain harbor.yml #设置证书与key的路径(可以根据官网配置HTTPS的步骤来生成自签名证书)
  certificate: /data/cert/yourdomain.com.crt
  private_key: /data/cert/yourdomain.com.key
$

生成crt与key文件的脚本(按照官网知道生成的self-signed的)

╭─root at host01 in ~/harbor 21-04-28 - 5:13:41
╰─○ openssl genrsa -out ca.key 4096 #Generate a CA certificate private key.

# Generate the CA certificate.
openssl req -x509 -new -nodes -sha512 -days 3650 \
 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yourdomain.com" \
 -key ca.key \
 -out ca.crt

#Generate a private key.
openssl genrsa -out yourdomain.com.key 4096
#Generate a certificate signing request (CSR).
openssl req -sha512 -new \
    -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yourdomain.com" \
    -key yourdomain.com.key \
    -out yourdomain.com.csr
#Generate an x509 v3 extension file.
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1=yourdomain.com
DNS.2=yourdomain
DNS.3=hostname
EOF

#Use the v3.ext file to generate a certificate for your Harbor host.
openssl x509 -req -sha512 -days 3650 \
    -extfile v3.ext \
    -CA ca.crt -CAkey ca.key -CAcreateserial \
    -in yourdomain.com.csr \
    -out yourdomain.com.crt

#Copy to /data/cert
mkdir -p /data/cert
cp yourdomain.com.crt /data/cert/
cp yourdomain.com.key /data/cert/

Generating RSA private key, 4096 bit long modulus
......................................................................................................................................................................................................................................................................................................................................++
................................................................................................................................................................................................................................................++
e is 65537 (0x10001)
Generating RSA private key, 4096 bit long modulus
...............................................................................................................................++
..........................++
e is 65537 (0x10001)
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=yourdomain.com
Getting CA Private Key

安装

╭─root at host01 in ~/harbor 21-04-28 - 5:16:43
╰─○ ./install.sh

[Step 0]: checking if docker is installed ...

Note: docker version: 19.03.13

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 1.25.5


[Step 2]: preparing environment ...

[Step 3]: preparing harbor configs ...
prepare base dir is set to /root/harbor
Unable to find image 'goharbor/prepare:v2.2.1' locally
v2.2.1: Pulling from goharbor/prepare
84a8592c0fa5: Pull complete 
6f36fbc8ef10: Pull complete 
c865845f3add: Pull complete 
9500bc39cfc3: Pull complete 
8142a5c8d11c: Pull complete 
f855906daa39: Pull complete 
8a495f20b30f: Pull complete 
b5cec4560407: Pull complete 
Digest: sha256:ceee6b634baeeaac4d8c9344cf8daf548a1561733b1fdee1349da7523f4b297c
Status: Downloaded newer image for goharbor/prepare:v2.2.1
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir



[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Pulling log (goharbor/harbor-log:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-log
84a8592c0fa5: Already exists
17adc82a5818: Pull complete
4e68f5622fec: Pull complete
bc28588a610a: Pull complete
156409f9ae72: Pull complete
92fbb332f3b2: Pull complete
6848792f2c6e: Pull complete
9fed2e290b3d: Pull complete
Digest: sha256:3d54f2ab71574658976daaa633504d975f8bf2ff0c5fa17ed1e7850e1a890d49
Status: Downloaded newer image for goharbor/harbor-log:v2.2.1
Pulling registry (goharbor/registry-photon:v2.2.1)...
v2.2.1: Pulling from goharbor/registry-photon
84a8592c0fa5: Already exists
9dedd751603f: Pull complete
90fc241c2fe4: Pull complete
6d1b59193906: Pull complete
ba079abed213: Pull complete
2b5d0f445c00: Pull complete
Digest: sha256:0ac1c3543c49bd7e12b01ea8cfb120f83b9f2c94e7ce5a7d1afaabbbc92befae
Status: Downloaded newer image for goharbor/registry-photon:v2.2.1
Pulling registryctl (goharbor/harbor-registryctl:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-registryctl
84a8592c0fa5: Already exists
76118a0eeecb: Pull complete
08ee31d5cbdd: Pull complete
66dfbfef7fd4: Pull complete
060ff5731a1a: Pull complete
f2bb1bcbb1e6: Pull complete
efa79e369997: Pull complete
Digest: sha256:32fc649e64459ce0db75f963b35d21bea680015a141edd1b6cf5bad4f8fb6ab9
Status: Downloaded newer image for goharbor/harbor-registryctl:v2.2.1
Pulling postgresql (goharbor/harbor-db:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-db
84a8592c0fa5: Already exists
0c0b756e7011: Pull complete
c1c77186d29d: Pull complete
8498cf7d0523: Pull complete
19ddfd344879: Pull complete
ae355fccaf59: Pull complete
b61a956e6543: Pull complete
c3c2a780e1ed: Pull complete
3047d1251884: Pull complete
Digest: sha256:376337a33efe5beda56c8024937f3cc5a7eda51ac50ff4fffecac0e72f910fd1
Status: Downloaded newer image for goharbor/harbor-db:v2.2.1
Pulling portal (goharbor/harbor-portal:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-portal
84a8592c0fa5: Already exists
9a38bbe2c59d: Pull complete
e48760534352: Pull complete
34a44eb25068: Pull complete
Digest: sha256:030b8285f5e3e5c1f5ee4e984111164ca0cd23f1ef892f81b4a2fd79584bfd9a
Status: Downloaded newer image for goharbor/harbor-portal:v2.2.1
Pulling redis (goharbor/redis-photon:v2.2.1)...
v2.2.1: Pulling from goharbor/redis-photon
84a8592c0fa5: Already exists
dd7b5d791088: Pull complete
2198b51de4ad: Pull complete
01053a39e952: Pull complete
2c17de361574: Pull complete
Digest: sha256:d7b4900ab786946e9857d45133639880d88b6f06b39e2e522e0185873ec7c500
Status: Downloaded newer image for goharbor/redis-photon:v2.2.1
Pulling core (goharbor/harbor-core:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-core
84a8592c0fa5: Already exists
bbc8d4f784ab: Pull complete
04c4d7fa11cd: Pull complete
4bf776cbb743: Pull complete
09b7f721edc2: Pull complete
aad1766cc86c: Pull complete
cf858f47d9c0: Pull complete
bc2e4210189d: Pull complete
3854ce3a6a61: Pull complete
e397bb5803d8: Pull complete
Digest: sha256:d8813789bd9a9dfc9bc8c439396a752a9753275b7130aad82a7e8b6cc95f5693
Status: Downloaded newer image for goharbor/harbor-core:v2.2.1
Pulling jobservice (goharbor/harbor-jobservice:v2.2.1)...
v2.2.1: Pulling from goharbor/harbor-jobservice
84a8592c0fa5: Already exists
6756e6fecf2f: Pull complete
114e327150fd: Pull complete
27542d866a20: Pull complete
9b70c73fbc90: Pull complete
f60c551036eb: Pull complete
Digest: sha256:8b617874fe5ac569172a8cb271763dd24333007bf5e040e6a3ae355ae23f7109
Status: Downloaded newer image for goharbor/harbor-jobservice:v2.2.1
Pulling proxy (goharbor/nginx-photon:v2.2.1)...
v2.2.1: Pulling from goharbor/nginx-photon
84a8592c0fa5: Already exists
5df0718a13f5: Pull complete
Digest: sha256:947b4eaabd4fd86b270bbad1e95a0e2051203cf46248ec4d7a30300e0ec57c95
Status: Downloaded newer image for goharbor/nginx-photon:v2.2.1
Creating harbor-log ... done
Creating harbor-portal ... done
Creating registryctl   ... done
Creating registry      ... done
Creating harbor-db     ... done
Creating redis         ... done
Creating harbor-core   ... done
Creating harbor-jobservice ... done
Creating nginx             ... done
✔ ----Harbor has been installed and started successfully.----
╭─root at host01 in ~/harbor 21-04-28 - 5:18:10
╰─○

步骤2 - 访问UI
找到用户名与密码

╭─root at host01 in ~/harbor 21-04-28 - 5:18:10
╰─○ grep -B1 harbor_admin_password harbor.yml 
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345

在首页输入管理员用户名与密码
在这里插入图片描述

登录进入到管理员首页。我们新建一个项目
在这里插入图片描述查看push到该仓库的方法,如图本实例是172.17.0.40
在这里插入图片描述

步骤3 - 命令行docker登录

╭─root at host01 in ~/harbor 21-04-28 - 5:19:05
╰─○ docker login 172.17.0.40
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
$

步骤4 - push镜像到harbor

╭─root at host01 in ~/harbor 21-04-28 - 5:21:06
╰─○ docker tag ubuntu 172.17.0.40/project-a/ubuntu
╭─root at host01 in ~/harbor 21-04-28 - 5:21:26
╰─○ docker push 172.17.0.40/project-a/ubuntu
The push refers to repository [172.17.0.40/project-a/ubuntu]
cc9d18e90faa: Pushed 
0c2689e3f920: Pushed 
47dde53750b4: Pushed 
latest: digest: sha256:1d7b639619bdca2d008eca2d5293e3c43ff84cbee597ff76de3b7a7de3e84956 size: 943
╭─root at host01 in ~/harbor 21-04-28 - 5:21:36
╰─○

回到UI界面,可以看到刚push的镜像
在这里插入图片描述

harbor的默认存放路径

╭─root at host01 in ~/harbor 21-04-28 - 5:21:36
╰─○ ls /data/registry/docker/registry/v2/repositories/project-a/ubuntu/
_layers  _manifests  _uploads
王万林 Ben
关注
  • 1
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
harbor一键安装(harbor-v2.0.2软件包和harbor-v2.0.2安装脚本)
09-03
软件环境:centos7.5 需要提前安装文件编辑工具 vim yum install -y vim 一键执行harbor-install.sh即可 其中有个环节需要修改配置文件 只需按照以下安装脚本harbor-install.sh文件中3.4步骤进行修改即可
Harbor概述
热门推荐
spt_dream的博客
02-16 1万+
其实Harbor镜像复制采用了一个更加通用、高屋建瓴的做法,通过docker registry 的API去拷贝,这不是省事,这种做法屏蔽了繁琐的底层文件操作、不仅可以利用现有docker registry功能不必重复造轮子,而且可以解决冲突和一致性的问题。其实关于镜像的存储,Harbor使用的是官方的docker registry服务去完成,至于registry是用本地存储或者s3都是可以的,Harbor的功能是在此之上提供用户权限管理、镜像复制等功能,提高使用的registry的效率。
github使用问题记录及解决办法
yoyo_0316的博客
05-17 750
错误码:yoyozhangh@ITA-1405-0050 MINGW64 /e/AndroidStudioProjects/TestWppPlayerInterfaceARR (master) $ git push origin HEAD:refs/for/master To https://github.com/yoyo0316/TestWppPlayerInterfaceARR.git ! [
Docker--harbor私有仓库部署与管理
最新发布
Miraitowa_xu的博客
05-05 1098
Harbor 是 VMware 公司开源的企业级 Docker Registry 项目,其目标是帮助用户迅速搭建一个企业级的 Docker Registry 服务。Harbor以 Docker 公司开源的 Registry 为基础,提供了图形管理 UI 、基于角色的访问控制(Role Based AccessControl) 、AD/LDAP 集成、以及审计日志(Auditlogging) 等企业用户需求的功能,同时还原生支持中文。
【学会偷懒】harbor的自动pull及push
Jxc的个人博客
10-30 558
【学会偷懒】harbor的自动pull及push
HarborV2.2.2安装
小啊宇的博客
05-18 1451
docker安装 yum -y install yum-utils yum-config-manager --add-repo https://mirrors.ustc.edu.cn/docker-ce/linux/centos/docker-ce.repo yum -y install docker-ce [root@master ~]# systemctl start docker [root@master ~]# docker --version Docker version
修改harbor显示的端口
苦逼码农的博客
11-24 1164
1.位置 /home/harbor/common/config/core/env 2.修改此地址 EXT_ENDPOINT=https://xxx
docker docker-compose部署harbor
08-26
docker docker-compose部署harbor
harbor-offline-installer-v2.2.1.tgz
04-21
harbor-offline-installer-v2.2.1,2021-4-21 20:53:23
bitnami-docker-harbor-notary-server:用于Harbour公证服务器的Bitnami Docker映像
04-08
什么是Harbor Notary Server? Harbor Notary Server是...$ curl -LO https://raw.githubusercontent.com/bitnami/bitnami-docker-harbor-portal/master/docker-compose.yml $ curl -L https://github.com/bitnami/
离线版本docker-harbor部署与注意事项!
03-14
离线版本docker-harbor部署与注意事项! 1,版本为:1.7.5 2,部署方式:离线 3,部署前需要部署内容,请先阅读Docker-harbor离线部署方案.docx.doc
harbor-offline-installer-v2.2.1.zip
04-09
harbor-offline-installer-v2.2.1
Harbor1.2升级到1.6版本
CloudZjj的博客
09-17 730
Harbor1.2升级到1.6版本欢迎使用Markdown编辑器新的改变功能快捷键合理的创建标题,有助于目录的生成如何改变文本的样式插入链接与图片如何插入一段漂亮的代码片生成一个适合你的列表创建一个表格设定内容居中、居左、居右SmartyPants创建一个自定义列表如何创建一个注脚注释也是必不可少的KaTeX数学公式新的甘特图功能,丰富你的文章UML 图表FLowchart流程图导出与导入导出导入...
docker harbor的安装及管理
kwame211的博客
02-27 2838
一、环境介绍 目标主机的先决条件 Harbor部署为多个Docker容器,因此可以部署在任何支持Docker的Linux发行版上。目标主机需要安装Python,Docker和Docker Compose。 硬件 资源 容量 描述 cpu 最小2cpu 首选4cpu memory 最小4GB 首选8GB disk 最小40GB 首选16...
helm3安装harbor仓库
午睡的龟
02-08 3659
主要内容 helm 安装 harbor仓库 国内需要换成国内源 helm repo add stable http://mirror.azure.cn/kubernetes/charts 添加harbor源 helm repo add harbor https://helm.goharbor.io helm搜索 $ helm search repo harbor NAME ...
Harbor2.1.2最新版本+自动生成SSL证+简单扫描
weixin_42562106的博客
11-10 1360
包下载. https://github.com/goharbor/harbor/releases docker-compose工具下载安装 https://github.com/docker/compose/releases/ chmod +x /usr/local/bin/docker-compose 修改yml文件 hostname: 192.168.1.103 #https: # # https port for harbor, default is 443 # port: 443 # #
Harbor 源码分析之registry v2认证(三)
柳清风的专栏
05-18 3350
其实harbor涉及的部分远不止和docker registry认证,但这里管理比较紧密,而大家对这部分可能不太熟悉的地方。docker registry v1大家估计都还记得,最大的问题莫过于镜像不能删除和没有安全认证的问题。v2就集成了一个安全认证功能,但个人觉得这个安全认证是在扔包袱,把安全丢到外面,让外面去完成,下面就细细分析一下。 这里首先盗用一下官网的图,介绍一下步骤1.docker
K8s & K3s 集群中 Hlem 化部署 Harbor
weixin_36532747的博客
04-13 968
Harbor 简介 Harbor是VMware公司开源的企业级DockerRegistry项目,其目标是帮助用户迅速搭建一个企业级的Dockerregistry服务。 它以Docker公司开源的registry为基础,提供了管理UI,基于角色的访问控制(Role Based Access Control),AD/LDAP集成、以及审计日志(Auditlogging) 等企业用户需求的功能,同时还原生支持中文。 架构及组件 主要组件包括proxy,他是一个nginx前端代理,主要是分发前端页面ui访问和镜
push到harbor的注意事项
阿白,
10-23 2863
先在/etx/docker/daemon.json设置好私有仓库,这里最好设置了端口如 登录上这个私有仓库 docker login 192.168.160.149:8089(指定端口) 在harbor建立一个项目了,叫harbor,这里是它的打标签和推送命令,按这两条命令里作即可上传成功 错误问题总结: 1.Error response from daemon: Get “https://192.168.160.149/v2/”: dial tcp 192.168.160.149:443: conne
Kubernetes 1.14 部署Harbor、Helm集成指南
"kubernetes1.14 部署文档,包括nfs持久化存储,nginx-ingress,helm,harbor本地仓库,可视化UI,prometheus监控" 在部署Kubernetes 1.14的过程中,首先需要对系统进行一系列的优化和配置。这包括修改主机名并设置...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

王万林 Ben

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值