下载地址:
https://github.com/goharbor/harbor/releases
文档地址:
https://github.com/goharbor/harbor/tree/master/docs/1.10
一、下载harbor 压塑包
[root@node1 ~]# wget https://github.com/goharbor/harbor/releases/download/v1.10.1/harbor-offline-installer-v1.10.1.tgz
二、解压
tar xvf harbor-offline-installer-version.tgz
其中,harbor.v1.10.1.tar.gz 包含harbor 需要使用的镜像文件.
三、编辑配置文件
你可以在harbor.yml 配置系统级别的参数,这些参数在运行install.sh脚本安装或重新配置Harbor时生效。
在初始部署和启动Harbor之后,在Harbor Web门户中执行其他配置。
下表列出了部署Harbor时必须设置的参数。默认情况下,所有必需的参数在端口中都是未注释的。yml文件。可选参数用#注释。您不必从提供的缺省值更改所需参数的值,但这些参数必须保持未注释。至少,您必须更新hostname参数。
重要提示:Harbor 不提供任何证书。在版本高达和包括1.9。默认情况下,Harbor使用HTTP来服务注册表请求。这仅在空气间隙测试或开发环境中是可接受的。在生产环境中,始终使用HTTPS。如果您启用了带有Notary的Content Trust来正确地对所有图像进行签名,则必须使用HTTPS。
您可以使用由受信任的第三方CA签名的证书,也可以使用自签名证书。有关如何创建CA以及如何使用CA对服务器证书和客户端证书进行签名的信息,请参阅使用HTTPS访问配置Harbor。
Harbor 部署必须的参数:
上图只列举了一部分,详情可参考官网: 参数配置
我们修改下配置,注意,如果没有证书,需要将https 注释掉,不然安装会失败
四、运行安装脚本
[root@node1 harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 18.09.5
[Step 1]: checking docker-compose is installed ...
?.Need to install docker-compose(1.18.0+) by yourself first and run this script again.
没有执行成功,需要安装docker-compose,请参考:docker-compose 安装
再次执行install.sh 脚本
[root@node1 harbor]# ./install.sh
....
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating registry ... done
Creating harbor-db ... done
Creating harbor-portal ... done
Creating registryctl ... done
Creating harbor-core ... done
Creating nginx ... done
Creating harbor-jobservice ... done
?.----Harbor has been installed and started successfully.----
安装成功.,多了一个docker-compose.yml 文件
total 662128
drwxr-xr-x 3 root root 19 Feb 27 19:24 common
-rw-r--r-- 1 root root 3398 Feb 10 14:18 common.sh
-rw-r--r-- 1 root root 5291 Feb 27 19:45 docker-compose.yml
-rw-r--r-- 1 root root 677974489 Feb 10 14:19 harbor.v1.10.1.tar.gz
-rw-r--r-- 1 root root 5880 Feb 27 19:44 harbor.yml
-rwxr-xr-x 1 root root 2284 Feb 10 14:18 install.sh
-rw-r--r-- 1 root root 11347 Feb 10 14:18 LICENSE
-rwxr-xr-x 1 root root 1749 Feb 10 14:18 prepare
五、配置http访问
如果您安装的Harbor使用的是HTTP而不是HTTPS,则必须将选项--insecure-registry添加到客户端的Docker守护进程中。默认情况下,守护进程文件位于/etc/docker/daemon.json。
{
"registry-mirrors": ["http://hub-mirror.c.163.com"],
"insecure-registries" : ["192.168.27.134:9901", "0.0.0.0"]
}
更新daemon.json 之后。您必须重新启动Docker引擎和Harbor。
1、重启Docker Engine
systemctl restart docker
2、停止Harbor
[root@node1 harbor]# docker-compose down -v
Stopping harbor-jobservice ... done
Stopping nginx ... done
Stopping harbor-core ... done
Stopping registryctl ... done
Stopping harbor-portal ... done
Stopping registry ... done
Stopping harbor-db ... done
Stopping redis ... done
Stopping harbor-log ... done
Removing harbor-jobservice ... done
Removing nginx ... done
Removing harbor-core ... done
Removing registryctl ... done
Removing harbor-portal ... done
Removing registry ... done
Removing harbor-db ... done
Removing redis ... done
Removing harbor-log ... done
Removing network harbor_harbor
3、重启Harbor
[root@node1 harbor]# docker-compose up -d
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating registry ... done
Creating registryctl ... done
Creating harbor-db ... done
Creating redis ... done
Creating harbor-portal ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
打开浏览访问:http://192.168.27.134:9901