目录
安装Docker、Docker-compose
安装 docker
$ yum install -y python-devel libffi-devel gcc openssl-devel libselinux-python
$ yum install -y yum-utils lvm2 device-mapper-persistent-data
$ yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
$ yum repolist
$ yum install docker-ce docker-ce-cli containerd.io -y
$ systemctl enable docker
$ systemctl start docker
# docker加速
$ curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://f1361db2.m.daocloud.io
安装 Docker Compose
$ curl -L https://get.daocloud.io/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
$ chmod +x /usr/local/bin/docker-compose
安装Harbor
下载离线包
$ https://github.com/goharbor/harbor/releases/download/v2.1.6/harbor-offline-installer-v2.1.6.tgz
$ tar -xvf harbor-offline-installer-v2.1.6.tgz && cd harbor
配置证书
# 创建目录
$ mkdir -p /harbor/{cert,data}
$ chmod -R 777 /harbor/cert/
$ cd /harbor/cert/
# 生成私钥
$ openssl genrsa -des3 -out harbor.key 2048
Generating RSA private key, 2048 bit long modulus
..............................................................+++
...................+++
e is 65537 (0x10001)
Enter pass phrase for harbor.key: # 输入密码,如1234
Verifying - Enter pass phrase for harbor.key: # 确认密码,如1234
# 生成CA证书
$ openssl req -sha512 -new -subj "/C=CN/ST=BJ/L=BJ/O=XX/OU=it/CN=reg.demo.com" -key harbor.key -out harbor.csr
Enter pass phrase for harbor.key: # 输入密码
# 备份证书
$ cp harbor.key harbor.key.org
# 去掉私钥密码,以便docker访问,也可以参考官方进行双向认证
$ openssl rsa -in harbor.key.org -out harbor.key
# 使用证书进行签名
$ openssl x509 -req -days 1000 -in harbor.csr -signkey harbor.key -out harbor.crt
修改配置文件
cp harbor.yml.tmpl harbor.yml
# 修改配置
vim harbor.yml
# 修改主机名
hostname: reg.demo.com
# 修改证书
https:
port: 443
certificate: /harbor/cert/harbor.crt
private_key: /harbor/cert/harbor.key
# 修改密码
harbor_admin_password: harbor@12345
# 修改数据存储位置
data_volume: /harbor/data
安装
$ ./install.sh --with-clair --with-chartmuseum
$ docker ps | grep harbor
访问
访问:https://reg.demo.com/,用户名/密码:admin/harbor@12345
配置docker使用harbor
vim /etc/docker/daemon.json
{
...
"insecure-registries":["https://reg.demo.com","192.168.42.131"],
...
}
systemctl restart docker
使用harbor
-
创建项目
-
查看推送命令
.
-
登录harbor
docker login https://reg.demo.com
- 推送镜像
docker tag test:0.1 reg.demo.com/mydemo/test:0.1
docker push reg.demo.com/mydemo/test:0.1
登录harbor页面验证