Mac上安装harbor

在Mac Book + VMware Fusion 虚拟出来的 ubuntu（22.04.4）的环境中安装官方离线版本 harbor-offline-installer-v2.10.2.tgz会出现如下错误：

prepare base dir is set to /home/zhangzk/harbor

WARNING: The requested image's platform (linux/amd64) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested

exec /usr/bin/python3: exec format error

错误的原因是运行的Docker镜像是为x86_64（或称为amd64）架构构建的，而MacBook运行的是基于ARM的Apple Silicon（如M1或M2芯片），其架构为arm64/v8。

解决这个问题需要使用适用于ARM架构的harbor镜像。

有两种办法，

1、需要自行编译ARM环境的harbor镜像；

2 、使用第三编译好的harbor镜像；

关于编译ARM环境的harbor镜像有很多介绍文章可供参考（未实践尝试过）：

鲲鹏服务器 ARMV8架构Harbor-2.3.0编译部署-云社区-华为云

5.5 harbor编译arm版本 · kubernetes

harbor arm 版镜像编译-CSDN博客

https://github.com/goharbor/harbor-arm

编译ARM版Harbor

我主要解决的问题是在基于Mac电脑的虚拟环境来使用harbor，所以就直接用第三方编译好的ARM环境harbor了。

(1)安装docker&docker-compose

这里就不多赘述了。

(2)第三方版本

这里采用的是:https://github.com/wise2c-devops/build-harbor-aarch64

可以直接下载打包好的文件：

https://github.com/wise2c-devops/build-harbor-aarch64/releases/download/v2.10.2/harbor-offline-installer-aarch64-v2.10.2.tgz

解压缩包：

tar -zxvf harbor-offline-installer-aarch64-v2.10.2.tgz

我这里是把解压缩后的包放到 /home/zhangzk/harbor  这个目录。

(3)生成证书

创建一个目录 /opt/cert 并且进入目录：

sudo mkdir /opt/cert && cd /opt/cert

创建一个配置文件 openssl.cnf，内容如下：

[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[dn]
C = CN
ST = State
L = Locality
O = Organization
OU = Organizational Unit
CN = harbor.igmwx.com

[req_ext]
subjectAltName = @alt_names

[alt_names]
DNS.1 = harbor.igmwx.com

生成私钥和证书签名请求 (CSR)：

openssl req -new -sha256 -nodes -out harbor.csr -newkey rsa:2048 -keyout harbor.key -config openssl.cnf

使用 CSR 和配置文件生成自签名证书：

openssl x509 -req -in harbor.csr -signkey harbor.key -out harbor.crt -days 365 -extfile openssl.cnf -extensions req_ext

（4）修改harbor的配置文件 harbor.yml

hostname: harbor.igmwx.com
data_volume: /home/zhangzk/harbor/data
log:
  local:
    location: /home/zhangzk/harbor/logs
http:
  port: 80
https:
  port: 443
  certificate:  /opt/cert/server.crt
  private_key:  /opt/cert/server.key

（5）安装harbor

在harbor的目录下执行： sudo ./install.sh 

zhangzk@zhangzk:~/harbor$ sudo ./install.sh 

[Step 0]: checking if docker is installed ...

Note: docker version: 26.1.3

[Step 1]: checking docker-compose is installed ...

Note: Docker Compose version v2.27.0

[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-prepare-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-exporter-base:v2.10.2-aarch64
Loaded image: goharbor/redis-photon:v2.10.2-aarch64
Loaded image: goharbor/harbor-trivy-adapter-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-nginx-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-portal-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-db-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-exporter:v2.10.2-aarch64
Loaded image: goharbor/harbor-redis-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-registryctl:v2.10.2-aarch64
Loaded image: goharbor/harbor-registryctl-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-log-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-jobservice-base:v2.10.2-aarch64
Loaded image: goharbor/trivy-adapter-photon:v2.10.2-aarch64
Loaded image: goharbor/registry-photon:v2.10.2-aarch64
Loaded image: goharbor/harbor-core:v2.10.2-aarch64
Loaded image: goharbor/harbor-core-base:v2.10.2-aarch64
Loaded image: goharbor/harbor-portal:v2.10.2-aarch64
Loaded image: goharbor/harbor-registry-base:v2.10.2-aarch64
Loaded image: goharbor/nginx-photon:v2.10.2-aarch64
Loaded image: goharbor/harbor-log:v2.10.2-aarch64
Loaded image: goharbor/harbor-jobservice:v2.10.2-aarch64
Loaded image: goharbor/harbor-db:v2.10.2-aarch64
Loaded image: goharbor/prepare:v2.10.2-aarch64


[Step 3]: preparing environment ...

[Step 4]: preparing harbor configs ...
prepare base dir is set to /home/zhangzk/harbor
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/root.crt
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir


Note: stopping existing Harbor instance ...
WARN[0000] /home/zhangzk/harbor/docker-compose.yml: `version` is obsolete 


[Step 5]: starting Harbor ...
WARN[0000] /home/zhangzk/harbor/docker-compose.yml: `version` is obsolete 
[+] Running 10/10
 ✔ Network harbor_harbor        Created                                                                                                                                                 0.0s 
 ✔ Container harbor-log         Started                                                                                                                                                 0.2s 
 ✔ Container harbor-portal      Started                                                                                                                                                 0.4s 
 ✔ Container redis              Started                                                                                                                                                 0.5s 
 ✔ Container registry           Started                                                                                                                                                 0.5s 
 ✔ Container registryctl        Started                                                                                                                                                 0.5s 
 ✔ Container harbor-db          Started                                                                                                                                                 0.5s 
 ✔ Container harbor-core        Started                                                                                                                                                 0.7s 
 ✔ Container harbor-jobservice  Started                                                                                                                                                 0.8s 
 ✔ Container nginx              Started                                                                                                                                                 0.9s 
✔ ----Harbor has been installed and started successfully.----

（6）关闭和启动harbor

  进入harbor的目录下后执行如下如下命令：

docker-compose down -v
docker-compose up -d

（7）浏览器访问

终端OK： curl -k https://harbor.igmwx.com

但是chrome/safari浏览器都访问不了：https://harbor.igmwx.com，主要是自己使用的证书的证书链不完整，导致浏览器认为不够安全，需要把生成的证书加入到信任中去。

这个时候firfox很好用，可以直接忽视。

账号/密码：admin/Harbor12345