Harbor 版本 V2.1.0 KunPeng ARM64 Centos7.8
- 正常跟着Makefile编译就行,我是因为网络问题,分开编译的,二进制单独编译的,然后编译的base image 然后 才是offline离线包
遇到错误
redis
容器服务有问题,排查中,可登陆了,不知道影响功能范围多大
解决办法:
base
镜像的redis
出现了架构错误:<jemalloc>: Unsupported system page size
,所以替换了base
镜像,以前是photon3.0 tdnf install redis
改成了Kunpeng
自编的redis5.0.9 images
的基础上使用harbor/make/photon/redis
中的Dockerfile
重编redis-photon server
服务image
harbor/make/photon/redis/docker-healthcheck
(unhealthy解决办法:这个脚本是判断服务是否healthy的所以改了改)
#!/bin/bash
改成
#!/bin/sh
剩下就是各种代理配置好
registry 二进制重编
harbor/make/photon/registry
下的二进制需要重新编译,具体可以看内部的builder bash
脚本,二进制已经备份到5.61harbor
目录下的Makefile
里的# dependency binaries
下的二进制都需要替换,这里需要替换registry二进制的路径
剩余工作
- 最小版本已经搞定
clair
重编了,还需要测试,然后就是剩下的各种插件的二进制需要重新编译
clair 编译方法
- 下载源码,
go build github.com/coreos/clair/cmd/clair
clair运行失败原因
- 是其中一个二进制文件需要重新arm的,网上直接找:
https://github.com/Yelp/dumb-init/releases/tag/v1.2.2
,dumb-init
,已经备份,下一步编译chart
chart 编译完成
- 二进制文件需要重编,使用的kubekey中的二进制文件
- 使用
harbor/make/photon/chartserver
中的Dockerfile
构建镜像
## 基本功能完成
Name Command State Ports
---------------------------------------------------------------------------------------------
chartmuseum ./docker-entrypoint.sh Up (healthy)
clair ./docker-entrypoint.sh Up (healthy)
clair-adapter /home/clair-adapter/entryp ... Up (healthy)
harbor-core /harbor/entrypoint.sh Up (healthy)
harbor-db /docker-entrypoint.sh Up (healthy)
harbor-jobservice /harbor/entrypoint.sh Up (healthy)
harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal nginx -g daemon off; Up (healthy)
nginx nginx -g daemon off; Up (healthy) 0.0.0.0:1080->8080/tcp
redis docker-entrypoint.sh redis ... Up (healthy) 6379/tcp
registry /home/harbor/entrypoint.sh Up (healthy)
registryctl /home/harbor/start.sh Up (healthy)
clair 功能出现问题,待解决
错误日志,排查中
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:325]: registration:
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:336]: {
"uuid": "27ab733a-0238-11eb-bbc2-0242ac140006",
"name": "Clair",
"description": "The Clair scanner adapter",
"url": "http://clair-adapter:8080",
"disabled": false,
"is_default": true,
"health": "healthy",
"auth": "",
"skip_certVerify": false,
"use_internal_addr": true,
"adapter": "Clair",
"vendor": "CoreOS",
"version": "2.x",
"create_time": "2020-09-29T09:42:57.190404Z",
"update_time": "2020-09-29T09:42:57.190406Z"
}
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:325]: scanRequest:
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:336]: {
"registry": {
"url": "http://core:8080",
"authorization": "[HIDDEN]"
},
"artifact": {
"namespace_id": 2,
"repository": "goharbor/clair-photon",
"tag": "",
"digest": "sha256:278fe134ef4bfec5de8cc2e14faf28001c44b57eeb3401e2e56bb4a7c7564aef",
"mime_type": "application/vnd.docker.distribution.manifest.v2+json"
}
}
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:156]: Report mime types: [application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0]
2020-10-09T01:34:33Z [INFO] [/pkg/scan/job.go:202]: Get report for mime type: application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0
2020-10-09T01:34:35Z [ERROR] [/pkg/scan/job.go:284]: check scan report with mime type application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0: unexpected status code: 422, text: {"Error":{"Message":"worker: OS and/or package manager are not supported"}}
: general response handler: unexpected status code: 500, expected: 200
Clair预计是本身因为是Kunpeng所以可能是系统不支持还是什么原因,后替换了Trivy作为扫描器,一切正常,目前暂时可以先用这