介绍
Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署私有环境内的Registry也是非常必要的。Harbor是由VMware公司开源的企业级的Docker Registry管理项目,它包括权限管理(RBAC)、LDAP、日志审核、管理界面、自我注册、镜像复制和中文支持等功能
环境
Harbor的所有服务组件都是在Docker中部署的,所以官方安装使用Docker-compose快速部署,所以需要安装Docker、Docker-compose。目前Harbor要求docker 17.06.0-ce and docker-compose 1.18.0 .
安装Docker
代码语言:javascript复制yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io安装docker-composer
代码语言:javascript复制curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod x /usr/local/bin/docker-compose测试一下docker和codker-composer是否安装成功
代码语言:javascript复制[root@harbor harbor]# docker version
Client: Docker Engine - Community
Version: 20.10.12
API version: 1.41
Go version: go1.16.12
Git commit: e91ed57
Built: Mon Dec 13 11:45:41 2021
OS/Arch: linux/amd64
Context: default
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.12
API version: 1.41 (minimum version 1.12)
Go version: go1.16.12
Git commit: 459d0df
Built: Mon Dec 13 11:44:05 2021
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
[root@harbor harbor]# docker-compose version
docker-compose version 1.18.0, build 8dd22a9
docker-py version: 2.6.1
CPython version: 2.7.13
OpenSSL version: OpenSSL 1.0.1t 3 May 2016Harbor服务搭建
下载Harbor相关文件
代码语言:javascript复制[root@harbor software]# wget https://github.com/goharbor/harbor/releases/download/v1.10.10/harbor-offline-installer-v1.10.10.tgz
[root@harbor software]# tar -zxf harbor-offline-installer-v1.10.10.tgz
[root@harbor software]# cd harbor修改配置文件
代码语言:javascript复制[root@harbor software]# cd harbor
[root@harbor harbor]# ls -lash
total 584M
0 drwxr-xr-x. 3 root root 159 Jan 20 11:36 .
0 drwxr-xr-x. 3 root root 109 Jan 20 10:35 ..
0 drwxr-xr-x. 3 root root 20 Jan 20 10:38 common
4.0K -rw-r--r--. 1 root root 3.4K Jan 12 12:08 common.sh
8.0K -rw-r--r--. 1 root root 5.3K Jan 20 10:40 docker-compose.yml
584M -rw-r--r--. 1 root root 584M Jan 12 12:09 harbor.v1.10.10.tar.gz
8.0K -rw-r--r--. 1 root root 5.8K Jan 20 10:40 harbor.yml
4.0K -rwxr-xr-x. 1 root root 2.3K Jan 12 12:08 install.sh
12K -rw-r--r--. 1 root root 12K Jan 12 12:08 LICENSE
4.0K -rwxr-xr-x. 1 root root 1.8K Jan 12 12:08 prepare
[root@harbor software]# [root@harbor harbor]# vim harbor.yml
....
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: harbor.nginx.top
# http related config
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 80
# https related config
#https: # 我没有开启https,所以就注释掉了
# https port for harbor, default is 443
#port: 443
# The path of cert and key files for nginx
#certificate: /your/certificate/path
#private_key: /your/private/key/path
.....
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: admin # 设置一下密码
...启动harbor
代码语言:javascript复制[root@harbor harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.12
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.18.0
[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-portal:v1.10.10
Loaded image: goharbor/registry-photon:v1.10.10
Loaded image: goharbor/clair-adapter-photon:v1.10.10
Loaded image: goharbor/chartmuseum-photon:v1.10.10
Loaded image: goharbor/notary-signer-photon:v1.10.10
Loaded image: goharbor/prepare:v1.10.10
Loaded image: goharbor/harbor-core:v1.10.10
Loaded image: goharbor/harbor-registryctl:v1.10.10
Loaded image: goharbor/redis-photon:v1.10.10
Loaded image: goharbor/harbor-log:v1.10.10
Loaded image: goharbor/harbor-db:v1.10.10
Loaded image: goharbor/harbor-jobservice:v1.10.10
Loaded image: goharbor/notary-server-photon:v1.10.10
Loaded image: goharbor/nginx-photon:v1.10.10
Loaded image: goharbor/clair-photon:v1.10.10
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /data/software/harbor
/usr/src/app/utils/configs.py:100: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
configs = yaml.load(f)
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /secret/keys/secretkey
Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt
Generated configuration file: /compose_location/docker-compose.yml
/usr/src/app/utils/configs.py:90: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated,
Creating harbor-log ... done
versions = yaml.load(f)
Clean up the input dir
Creating redis ... done
Creating harbor-core ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-db ...
Creating registryctl ...
Creating registry ...
Creating redis ...
Creating harbor-portal ...
Creating harbor-core ...
Creating nginx ...
Creating harbor-jobservice ...
✔ ----Harbor has been installed and started successfully.----查看harbor相关docker容器是否正常运行
代码语言:javascript复制[root@harbor harbor]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c93112a5b5ff goharbor/harbor-jobservice:v1.10.10 "/harbor/harbor_jobs…" 8 seconds ago Up 6 seconds (health: starting) harbor-jobservice
3ac8fe3c841d goharbor/nginx-photon:v1.10.10 "nginx -g 'daemon of…" 8 seconds ago Up 6 seconds (health: starting) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
21e06d638656 goharbor/harbor-core:v1.10.10 "/harbor/harbor_core" 8 seconds ago Up 7 seconds (health: starting) harbor-core
3cc6b5f67f37 goharbor/harbor-portal:v1.10.10 "nginx -g 'daemon of…" 10 seconds ago Up 8 seconds (health: starting) 8080/tcp harbor-portal
745fc8d0eea9 goharbor/registry-photon:v1.10.10 "/home/harbor/entryp…" 11 seconds ago Up 8 seconds (health: starting) 5000/tcp registry
4bcf961dba3d goharbor/redis-photon:v1.10.10 "redis-server /etc/r…" 11 seconds ago Up 8 seconds (health: starting) 6379/tcp redis
050d0b94f473 goharbor/harbor-registryctl:v1.10.10 "/home/harbor/start.…" 11 seconds ago Up 8 seconds (health: starting) registryctl
1afba4159284 goharbor/harbor-db:v1.10.10 "/docker-entrypoint.…" 11 seconds ago Up 8 seconds (health: starting) 5432/tcp harbor-db
b3eea55e3bb5 goharbor/harbor-log:v1.10.10 "/bin/sh -c /usr/loc…" 13 seconds ago Up 10 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log
