升级说明
旧镜像版本:V1.8
升级版本:V2.8
由于无法直接升级,只能选择迁移数据。
新版本安装
请参考官网
修改harbor.yml文件中的volume路径及域名地址
启动命令如下
sudo ./install.sh --with-notary --with-notary --with-trivy
一、项目迁移
1.1 旧数据导出
header = {“authorization”: “Basic $token”} # token根据实际情况来处理
source_registry_baseurl = “https://a.com/api/“
target_registry_baseurl = “https://b.com/api/v2.0/“
def import_project_to_new_harbor():
#获取旧库中的项目名称,主要包括两个字段,name及是否metadata中的public字段
response_projects = requests.get(source_registry_baseurl + "projects?public=false",headers=header)
projectlist = response_projects.content.decode('utf-8')
projectlist = json.loads(projectlist)
for project in projectlist:
status_code = create_new_project(project["name"],project['metadata']['public'])
if status_code == 201:
print(projects['name'] + '已导入成功')
else:
break
return
1.2 创建project
def create_new_project(name,is_public):
projectname = name
metapublic = is_public
if is_public == "true":
metapublic = "true"
else:
metapublic = "false"
data = {
"project_name": projectname,
"metadata": {
"public": metapublic
}
}
res = requests.post(target_registry_baseurl + "projects", json=data, headers=header)
return res.status_code
二、导出镜像至文本文件
def get_image_name_list():
response_projects = requests.get(source_registry_baseurl + "projects",headers=header)
projectlist = response_projects.content.decode('utf-8')
projectlist = json.loads(projectlist)
filename = 'allimage.txt'
file = open(filename,'w')
for project in projectlist:
#获取旧Harbor仓库项目的ID和名称及项目名称列表
project_id = project["project_id"]
project_name = project["name"]
url = source_registry_baseurl + 'repositories?project_id=' + str(project_id)
response_image = requests.get(url,headers=header)
images_list = response_image.content.decode('utf-8')
imagelist = json.loads(images_list)
for image in imagelist:
tagurl = source_registry_baseurl + 'repositories/' + image['name'] + '/tags'
response_tags = requests.get(tagurl,headers=header)
tagslist = response_tags.content.decode('utf-8')
taglist = json.loads(tagslist)
for tag in taglist:
pullimagelist = image['name'] + ':' + tag['name']
file.write(pullimagelist + '\n')
file.close()
return
三、创建用户
3.1 普通用户创建
核心——基于LDAP模式配置AD登录信息
另外由于public的仓库,用户都是可以访问的
所以只需要创建private的私有仓库用户即可
3.2 robot账户创建
def get_robot_name():
response_projects = requests.get(source_registry_baseurl + "projects",headers=header)
projectlist = response_projects.content.decode('utf-8')
projectlist = json.loads(projectlist)
for project in projectlist:
project_id = project["project_id"]
url = source_registry_baseurl + 'projects/' + str(project_id) + '/robots'
response_robot = requests.get(url,headers=header)
robotlist = response_robot.content.decode('utf-8')
robotlist = json.loads(robotlist)
for robot in robotlist:
print(robot)
如果有更好的方案,请在评论区回复,谢谢。