前提条件
默认情况,Harbor服务在单台主机以Docker启动,通过Docker-compose管理,所以需要安装
-
docker
-
Docker-compose
安装docker
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
安装docker-compose
curl -L "https://github.com/docker/compose/releases/download/1.23.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
安装harbor
Harbor安装包分为在线安装和离线安装。下面采用在线安装的方式
-
下载
wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v1.6.1.tgz tarxvf harbor-online-installer-v1.6.1.tgz
-
创建 harbor nginx 服务器使用的 x509 证书
cat > harbor-csr.json <<EOF { "CN": "harbor", "hosts": [ "127.0.0.1", "本机IP" ], "key": { "algo": "rsa", "size": 2048 }, "names": [ { "C": "CN", "ST": "Shenzhen", "L": "Shenzhen", "O": "k8s", "OU": "System" } ] } EOF
-
生成 harbor 证书和私钥
cfssl gencert -ca=/etc/kubernetes/cert/ca.pem \ -ca-key=/etc/kubernetes/cert/ca-key.pem \ -config=/etc/kubernetes/cert/ca-config.json \ -profile=kubernetes harbor-csr.json | cfssljson -bare harbor mkdir -p /etc/harbor/ssl mv harbor*.pem /etc/harbor/ssl
-
修改 harbor.cfg 文件
ssl_cert = /etc/harbor/ssl/harbor.pem ssl_cert_key = /etc/harbor/ssl/harbor-key.pem hostname = registry.harbor.inside harbor_admin_password = XXXXXX ui_url_protocol = https ...
-
执行初始化、安装和启动
./install.sh #check docker-compose ps
- 启动 docker-compose up -d
- 停止 docker-compose stop