1、安装docker
# yum install -y yum-utils device-mapper-persistent-data lvm2 # yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo # yum install docker-ce -y # curl -sSL https://get.daocloud.io/daotools/set_mirror.sh | sh -s http://bc437cce.m.daocloud.io # systemctl start docker # systemctl enable docker
[root@VM_0_14_centos ~]# ps -ef|grep docker root 16431 1 0 16:48 ? 00:00:00 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock root 16690 15418 0 16:49 pts/0 00:00:00 grep --color=auto docker [root@VM_0_14_centos ~]#
2、docker-hub安装 下载地址:https://github.com/docker/compose/releases
curl -L https://github.com/docker/compose/releases/download/1.25.0-rc1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose
curl -L https://github.com/docker/compose/releases/download/1.25.0-rc1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose chmod +x /usr/local/bin/docker-compose tar -xvf harbor-offline-installer-v1.6.2.tgz && cd harbor/ 修改配置文件 [root@VM_0_14_centos harbor]# cat harbor.cfg|grep -v "#"|grep -v ^$ _version = 1.6.0 hostname = 172.19.0.14 #登录地址 ui_url_protocol = http #使用http登录 max_job_workers = 10 customize_crt = on ssl_cert = /data/cert/server.crt ssl_cert_key = /data/cert/server.key secretkey_path = /data admiral_url = NA log_rotate_count = 50 log_rotate_size = 200M http_proxy = https_proxy = no_proxy = 127.0.0.1,localhost,ui,registry email_identity = email_server = smtp.mydomain.com email_server_port = 25 email_username = sample_admin@mydomain.com email_password = abc email_from = admin <sample_admin@mydomain.com> email_ssl = false email_insecure = false harbor_admin_password = Harbor12345 auth_mode = db_auth ldap_url = ldaps://ldap.mydomain.com ldap_basedn = ou=people,dc=mydomain,dc=com ldap_uid = uid ldap_scope = 2 ldap_timeout = 5 ldap_verify_cert = true ldap_group_basedn = ou=group,dc=mydomain,dc=com ldap_group_filter = objectclass=group ldap_group_gid = cn ldap_group_scope = 2 self_registration = on token_expiration = 30 project_creation_restriction = everyone db_host = postgresql db_password = root123 db_port = 5432 db_user = postgres redis_host = redis redis_port = 6379 redis_password = redis_db_index = 1,2,3 clair_db_host = postgresql clair_db_password = root123 clair_db_port = 5432 clair_db_username = postgres clair_db = postgres clair_updaters_interval = 12 uaa_endpoint = uaa.mydomain.org uaa_clientid = id uaa_clientsecret = secret uaa_verify_cert = true uaa_ca_cert = /path/to/ca.pem registry_storage_provider_name = filesystem registry_storage_provider_config = registry_custom_ca_bundle = [root@VM_0_14_centos harbor]# ^C [root@VM_0_14_centos harbor]# cat harbor.cfg|grep -v "#"|grep -v ^$ _version = 1.6.0 hostname = 172.19.0.14 ui_url_protocol = http max_job_workers = 10 customize_crt = on ssl_cert = /data/cert/server.crt ssl_cert_key = /data/cert/server.key secretkey_path = /data admiral_url = NA log_rotate_count = 50 log_rotate_size = 200M http_proxy = https_proxy = no_proxy = 127.0.0.1,localhost,ui,registry email_identity = email_server = smtp.mydomain.com email_server_port = 25 email_username = sample_admin@mydomain.com email_password = abc email_from = admin <sample_admin@mydomain.com> email_ssl = false email_insecure = false harbor_admin_password = Harbor12345 ### 登录密码 auth_mode = db_auth ldap_url = ldaps://ldap.mydomain.com ldap_basedn = ou=people,dc=mydomain,dc=com ldap_uid = uid ldap_scope = 2 ldap_timeout = 5 ldap_verify_cert = true ldap_group_basedn = ou=group,dc=mydomain,dc=com ldap_group_filter = objectclass=group ldap_group_gid = cn ldap_group_scope = 2 self_registration = on token_expiration = 30 project_creation_restriction = everyone db_host = postgresql db_password = root123 db_port = 5432 db_user = postgres redis_host = redis redis_port = 6379 redis_password = redis_db_index = 1,2,3 clair_db_host = postgresql clair_db_password = root123 clair_db_port = 5432 clair_db_username = postgres clair_db = postgres clair_updaters_interval = 12 uaa_endpoint = uaa.mydomain.org uaa_clientid = id uaa_clientsecret = secret uaa_verify_cert = true uaa_ca_cert = /path/to/ca.pem registry_storage_provider_name = filesystem registry_storage_provider_config = registry_custom_ca_bundle =
安装:
./install.sh
查看状态
docker-compose ps
[root@VM_0_14_centos harbor]# docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------------ harbor-adminserver /harbor/start.sh Up harbor-db /entrypoint.sh postgres Up 5432/tcp harbor-jobservice /harbor/start.sh Up harbor-log /bin/sh -c /usr/local/bin/ ... Up 127.0.0.1:1514->10514/tcp harbor-ui /harbor/start.sh Up nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp redis docker-entrypoint.sh redis ... Up 6379/tcp registry /entrypoint.sh /etc/regist ... Up 5000/tcp
3、docker设置信任。
由于默认为Https访问,设置为http访问: [root@VM_0_14_centos harbor]# cat /etc/docker/daemon.json {"registry-mirrors": ["http://bc437cce.m.daocloud.io"], "insecure-registries": ["172.19.0.14"] } 设置成功后重启docker:systemctl restart docker docker info 多了一个IP,说明设置成功 nsecure Registries: 172.19.0.14 127.0.0.0/8 重启镜像仓库 docker-compose up -d harbor-log is up-to-date Starting harbor-adminserver ... Starting harbor-db ... registry is up-to-date Starting harbor-db Starting redis ... Starting harbor-adminserver Starting harbor-adminserver ... done Starting harbor-ui ... Starting harbor-ui ... done Starting nginx ... Starting nginx Starting harbor-jobservice ... Starting nginx ... done
4、docker镜像仓库管理
登录:docker login 172.19.0.14
打标签: docker tag SOURCE_IMAGE[:TAG] 172.19.0.14/test/IMAGE[:TAG]
推送镜像: docker push SOURCE_IMAGE[:TAG] 172.19.0.14/test/IMAGE[:TAG]
[root@VM_0_14_centos harbor]# docker tag nginx 172.19.0.14/test/nginx:v1 [root@VM_0_14_centos harbor]# docker pull 172.19.0.14/test/nginx:v1 Error response from daemon: manifest for 172.19.0.14/test/nginx:v1 not found [root@VM_0_14_centos harbor]# docker push 172.19.0.14/test/nginx:v1 The push refers to repository [172.19.0.14/test/nginx] 589561a3ffb4: Pushed ef7dbb0cfc81: Pushed d56055da3352: Pushed v1: digest: sha256:f83b2ffd963ac911f9e638184c8d580cc1f3139d5c8c33c87c3fb90aebdebf76 size: 948
5、Portainer 安装搭建
docker volume create portainer_data
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer