ubuntu20.04 部署harbor

开始部署 harbor （私有仓库）

注意：是在下面服务器上部署harbor，服务器系统是Ubuntu20.04。需要先安装docker-ce和docker-compose

Harbord 10.20.30.154

1.先卸载docker 防止已经安装过docker

sudo apt-get remove docker docker-engine docker.io containerd runc

2.更新apt源,并添加https支持以及相关安装依赖

sudo apt-get install -y  apt-transport-https  ca-certificates  curl  gnupg-agent  software-properties-common

3.导入阿里云证书

curl -fsSL https://mirrors.aliyun.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -

6.设置阿里云稳定仓库

sudo add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"

7.更新仓库 （其实就是在 /etc/apt/sources.list 加了docker源）

apt update

8.查看docker都有那些版本

apt-cache madison docker-ce

9.安装指定版本docker 19.03.15版本 比较稳定 用的人多

apt install docker-ce=5:19.03.15~3-0~ubuntu-focal docker-ce-cli=5:19.03.15~3-0~ubuntu-focal

或者安装最新版本

apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

10 查看安装版本

docker --version

11. 执行命令

docker run hello-world

安装docker-compose

3.在线下载 v2.17.0版本docker-compose （不推荐有可能无法下载）

3.1.官方下载地址

curl -SL https://github.com/docker/compose/releases/download/v2.17.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

3.2国内下载地址

curl -L https://get.daocloud.io/docker/compose/releases/download/2.17.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose

第二种方法去hDocker Compose下载地址：https://github.com/docker/compose/releases上传到服务器

配置软连接

ln -s /harbor/docker-compose  /usr/local/bin/docker-compose

给docker-compose 执行权限

chmod +x /usr/local/bin/docker-compose

下载所有要的harbor版本

1. 新建一个存放文件的目录 我的是/harbor

mkdir /harbor

2. 进入目录
   cd /harbor

下载 harbor

下载地址：https://github.com/goharbor/harbor/releases/

1. wget https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-online-installer-v2.3.5.tgz

解压

1. tar zxvf harbor-online-installer-v2.3.5.tgz
2. cd harbor
3. cp harbor.yml.tmpl  harbor.yml

4. 修改配置文件

vim harbor.yml

hostname: 10.20.30.15 #主机名称或者IP地址

不使用https 注释一下内容

# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: reg.mydomain.com

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
#https:
  # https port for harbor, default is 443
 # port: 443
  # The path of cert and key files for nginx
  #certificate: /harbor/certs/harbor.crt
  #private_key: /harbor/certs/harbor.key

改完配置之后，需要docker-compose up -d来生效

使用https配置一下内容

生成证书

1. 创建目录并进入目录

   cd /apps/harbor/certs

2. 生成私有key

openssl genrsa -out /apps/harbor/certs/harbor-ca.key

3. 签证

openssl req -x509 -new -nodes -key /apps/harbor/certs/harbor-ca.key -subj "/CN=harbor.com" -days 7120 -out /apps/harbor/certs/harbor-ca.crt

成功 /apps/harbor/certs下生成两个文件 如下
-rw-r–r-- 1 root root 1127 Feb 14 10:27 harbor-ca.crt
-rw------- 1 root root 1679 Feb 14 10:26 harbor-ca.key

生成各个组件的配置

$ ./prepare

安装Harbor

./install.sh --with-trivy  --with-chartmuseum --with-notary

–with-trivy：启用Trivy镜像漏洞扫描插件；
–with-chartmuseum：启用Helm Chart组件；
–with-notary : 如果启用安全加密端口https可添加该参数；

安装过程会拉取镜像，需要等段时间！
安装完成后出现以下信息则表示安装成功：

+] Running 13/13
 ⠿ Network harbor_harbor              Created                                  0.1s
 ⠿ Network harbor_harbor-chartmuseum  C...                                     0.1s
 ⠿ Container harbor-log               Started                                  0.9s
 ⠿ Container harbor-portal            Started                                  2.6s
 ⠿ Container registry                 Started                                  2.5s
 ⠿ Container chartmuseum              Started                                  2.0s
 ⠿ Container redis                    Started                                  2.4s
 ⠿ Container registryctl              Started                                  2.5s
 ⠿ Container harbor-db                Started                                  2.2s
 ⠿ Container trivy-adapter            Started                                  3.0s
 ⠿ Container harbor-core              Started                                  3.1s
 ⠿ Container harbor-jobservice        Started                                  3.9s
 ⠿ Container nginx                    Started                                  3.9s
? ----Harbor has been installed and started successfully.----

harbor服务器服务开机自动启动

1.进入目录

cd /etc/systemd/system

2.创建文件

vi harbor.service

代码如下：注意：ExecStar 和 ExecStop 写你的docker-compose.yml路径
[Unit]

Descriptinotallow=Harbor

After=docker.service systemd-networkd.service systemd-resolved.service

Requires=docker.service

Documentatinotallow=http://github.com/vmware/harbor

[Service]

Type=simple

Restart=on-failure

RestartSec=5

ExecStart=/usr/local/bin/docker-compose -f /apps/harbor/docker-compose.yml up

ExecStop=/usr/local/bin/docker-compose -f /apps/harbor/docker-compose.yml down

[Install]

WantedBy=multi-user.target

3.更改权限

chmod 755 /etc/systemd/system/harbor.service

4.刷新一下

systemctl daemon-reload

5.加入开机自启动

systemctl enable harbor

6从启动服务器

reboot

7.从启动后可以查看

systemctl status harbor

显示如下 可以正常访问了
Active: active (running)

登录Harbor UI界面

在浏览器输入地址：http://10.20.30.154:80
用户名：admin
密码：Harbor12345