• Docker搭建私有仓库Harbor


    安装搭建私有仓库Harbor

    # 安装docker编排工具docker compose
    [root@localhost ~]# yum install docker-compose -y
    
    # 下载Harbor安装包(资源可以下载,但是很慢。需要的联系我)
    [root@localhost ~]# wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz
    [root@localhost ~]# tar -xf harbor-offline-installer-v1.7.1.tgz -C /data/
    
    # 配置harbor.cfg配置文件
    [root@localhost ~]# grep "^[^#]" /data/harbor/harbor.cfg
    _version = 1.7.0
    hostname = docker2
    ui_url_protocol = http
    max_job_workers = 2
    customize_crt = on
    ssl_cert = /data/cert/server.crt
    ssl_cert_key = /data/cert/server.key
    secretkey_path = /data
    admiral_url = NA
    log_rotate_count = 50
    log_rotate_size = 200M
    http_proxy =
    https_proxy =
    no_proxy = 127.0.0.1,localhost,core,registry
    email_identity =
    email_server = smtp.mydomain.com
    email_server_port = 25
    email_username = sample_admin@mydomain.com
    email_password = abc
    email_from = admin <sample_admin@mydomain.com>
    email_ssl = false
    email_insecure = false
    harbor_admin_password = Harbor12345
    auth_mode = db_auth
    ldap_url = ldaps://ldap.mydomain.com
    ldap_basedn = ou=people,dc=mydomain,dc=com
    ldap_uid = uid
    ldap_scope = 2
    ldap_timeout = 5
    ldap_verify_cert = true
    ldap_group_basedn = ou=group,dc=mydomain,dc=com
    ldap_group_filter = objectclass=group
    ldap_group_gid = cn
    ldap_group_scope = 2
    self_registration = on
    token_expiration = 30
    project_creation_restriction = everyone
    db_host = postgresql
    db_password = root123
    db_port = 5432
    db_user = postgres
    redis_host = redis
    redis_port = 6379
    redis_password =
    redis_db_index = 1,2,3
    clair_db_host = postgresql
    clair_db_password = root123
    clair_db_port = 5432
    clair_db_username = postgres
    clair_db = postgres
    clair_updaters_interval = 12
    uaa_endpoint = uaa.mydomain.org
    uaa_clientid = id
    uaa_clientsecret = secret
    uaa_verify_cert = true
    uaa_ca_cert = /path/to/ca.pem
    registry_storage_provider_name = filesystem
    registry_storage_provider_config =
    registry_custom_ca_bundle =
    
    # 主要修改了
    hostname:主机名
    max_job_workers:最cpu数,小于等于自己服务器的硬件
    
    # 定义docker-compose.yml文件(可省略)
    # docker-copmose.yml文件是docker编排时,对容器的一些操作:
    [root@localhost ~]# cat /data/harbor/docker-compose.yml
    # 端口
    ports:
          - 80:80
          - 443:443
          - 4443:4443
    # 众多存储器路径
    如:volumes:
          - /data/registry:/storage:z
    在生产环境中,尽量将容器的存储卷定义在空间较为充足的磁盘;
    自己根据实际情况进行修改;
    

    安装启动harbor

    [root@localhost ~]# cd /data/harbor/
    [root@localhost harbor]# ./install.sh
    [Step 0]: checking installation environment ...
    
    Note: docker version: 19.03.6
    
    Note: docker-compose version: 1.18.0
    
    [Step 1]: loading Harbor images ...
    Loaded image: goharbor/registry-photon:v2.6.2-v1.7.1
    Loaded image: goharbor/harbor-migrator:v1.7.1
    Loaded image: goharbor/harbor-adminserver:v1.7.1
    Loaded image: goharbor/harbor-core:v1.7.1
    Loaded image: goharbor/harbor-log:v1.7.1
    Loaded image: goharbor/harbor-jobservice:v1.7.1
    Loaded image: goharbor/notary-server-photon:v0.6.1-v1.7.1
    Loaded image: goharbor/clair-photon:v2.0.7-v1.7.1
    Loaded image: goharbor/harbor-portal:v1.7.1
    Loaded image: goharbor/harbor-db:v1.7.1
    Loaded image: goharbor/redis-photon:v1.7.1
    Loaded image: goharbor/nginx-photon:v1.7.1
    Loaded image: goharbor/harbor-registryctl:v1.7.1
    Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.7.1
    Loaded image: goharbor/chartmuseum-photon:v0.7.1-v1.7.1
    
    
    [Step 2]: preparing environment ...
    Clearing the configuration file: ./common/config/adminserver/env
    Clearing the configuration file: ./common/config/core/env
    Clearing the configuration file: ./common/config/core/app.conf
    Clearing the configuration file: ./common/config/core/private_key.pem
    Clearing the configuration file: ./common/config/db/env
    Clearing the configuration file: ./common/config/jobservice/env
    Clearing the configuration file: ./common/config/jobservice/config.yml
    Clearing the configuration file: ./common/config/registry/config.yml
    Clearing the configuration file: ./common/config/registry/root.crt
    Clearing the configuration file: ./common/config/registryctl/env
    Clearing the configuration file: ./common/config/registryctl/config.yml
    Clearing the configuration file: ./common/config/nginx/nginx.conf
    Clearing the configuration file: ./common/config/log/logrotate.conf
    loaded secret from file: /data/secretkey
    Generated configuration file: ./common/config/nginx/nginx.conf
    Generated configuration file: ./common/config/adminserver/env
    Generated configuration file: ./common/config/core/env
    Generated configuration file: ./common/config/registry/config.yml
    Generated configuration file: ./common/config/db/env
    Generated configuration file: ./common/config/jobservice/env
    Generated configuration file: ./common/config/jobservice/config.yml
    Generated configuration file: ./common/config/log/logrotate.conf
    Generated configuration file: ./common/config/registryctl/env
    Generated configuration file: ./common/config/core/app.conf
    Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
    The configuration files are ready, please use docker-compose to start the service.
    
    
    [Step 3]: checking existing instance of Harbor ...
    
    Note: stopping existing Harbor instance ...
    Stopping registryctl        ... done
    Stopping redis              ... done
    Stopping harbor-db          ... done
    Stopping harbor-adminserver ... done
    Stopping harbor-log         ... done
    Removing registryctl        ... done
    Creating harbor-log ... done
    Removing harbor-db          ... done
    Removing harbor-adminserver ... done
    Removing harbor-log         ... done
    Removing network harbor_harbor
    Creating redis ... done
    Creating harbor-core ... done
    [Step 4]: starting Harbor ...
    Creating harbor-portal ... done
    Creating nginx ... done
    Creating registry ...
    Creating harbor-adminserver ...
    Creating registryctl ...
    Creating harbor-db ...
    Creating redis ...
    Creating harbor-core ...
    Creating harbor-jobservice ...
    Creating harbor-portal ...
    Creating nginx ...
    
    ✔ ----Harbor has been installed and started successfully.----
    
    Now you should be able to visit the admin portal at http://docker2.
    For more details, please visit https://github.com/goharbor/harbor .
    
    # 安装后验证
    [root@localhost harbor]# ss -ntpl | grep docker
    LISTEN     0      128    127.0.0.1:1514                     *:*                   users:(("docker-proxy",pid=6175,fd=4))
    LISTEN     0      128         :::80                      :::*                   users:(("docker-proxy",pid=7095,fd=4))
    LISTEN     0      128         :::443                     :::*                   users:(("docker-proxy",pid=7084,fd=4))
    LISTEN     0      128         :::4443                    :::*                   users:(("docker-proxy",pid=7073,fd=4))
    
    # harbor实际就是启动了一些docker服务
    [root@localhost harbor]# docker ps
    CONTAINER ID        IMAGE                                    COMMAND                  CREATED              STATUS                        PORTS        NAMES
    0e664ee633da        goharbor/nginx-photon:v1.7.1             "nginx -g 'daemon of…"   About a minute ago   Up About a minute (healthy)   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
    c5471230c005        goharbor/harbor-jobservice:v1.7.1        "/harbor/start.sh"       About a minute ago   Up About a minute        harbor-jobservice
    324e71de854d        goharbor/harbor-portal:v1.7.1            "nginx -g 'daemon of…"   About a minute ago   Up About a minute (healthy)   80/tcp        harbor-portal
    22c7ac0feeb1        goharbor/harbor-core:v1.7.1              "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        harbor-core
    481aa001d239        goharbor/redis-photon:v1.7.1             "docker-entrypoint.s…"   About a minute ago   Up About a minute             6379/tcp        redis
    ea90c9acc63b        goharbor/harbor-db:v1.7.1                "/entrypoint.sh post…"   About a minute ago   Up About a minute (healthy)   5432/tcp        harbor-db
    ec075505058f        goharbor/harbor-registryctl:v1.7.1       "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        registryctl
    6aee78545b5a        goharbor/harbor-adminserver:v1.7.1       "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        harbor-adminserver
    61f039ab9f5f        goharbor/registry-photon:v2.6.2-v1.7.1   "/entrypoint.sh /etc…"   About a minute ago   Up About a minute (healthy)   5000/tcp        registry
    a8b4454ee0e7        goharbor/harbor-log:v1.7.1               "/bin/sh -c /usr/loc…"   About a minute ago   Up About a minute (healthy)   127.0.0.1:1514->10514/tcp        harbor-log
    

    harbor使用参考博客:https://www.cnblogs.com/HsLM/p/12497286.html

  • 相关阅读:
    Java实现 洛谷 P1064 金明的预算方案
    (Java实现) 洛谷 P1605 迷宫
    (Java实现) 洛谷 P1031 均分纸牌
    Java实现 洛谷 P1060 开心的金明
    三代名将却三代悲剧(绝对不要轻易招惹“关系户”,要学会适应规则)
    simulate windows postmessage or keydown
    qt 拖拽 修改大小(使用了nativeEvent和winEvent)
    QT下资源使用和资源占用…(可以动态加载资源文件,这样不占内存)
    qt实现头像上传功能(写了4个类,朝十晚八的博客,非常好)
    自定义ModelValidatorProvider
  • 原文地址:https://www.cnblogs.com/HsLM/p/12497228.html
Copyright © 2020-2023  润新知