暗中观察

CentOS 安装Harbor (Docker镜像仓库)
Project Harbor™ is an enterprise-class registry server th...
扫描右侧二维码阅读全文
14
2018/08

CentOS 安装Harbor (Docker镜像仓库)

Project Harbor™ is an enterprise-class registry server that stores and distributes Docker images

网址 : http://vmware.github.io/harbor/
前提 :
harbor-require.png

1..安装docker

2安装harbor

#选择安装包: 在线或离线,此处直接下载离线
$ wget https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.5.2.tgz
$ tar zxvf harbor-offline-installer-v1.5.2.tgz

3.自签TLS证书

$ cd harbor
$ mkdir ssl && cd ssl
$  openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout ca.key \
-x509 -days 365 -out ca.crt

$ openssl req     -newkey rsa:4096 -nodes -sha256 -keyout reg.sunjianhua.cn.key     -out reg.sunjianhua.cn.csr

$ openssl x509 -req -days 365 -in reg.sunjianhua.cn.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out reg.sunjianhua.cn.crt

4.安装docker-compose

$ sudo curl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
$ sudo chmod +x /usr/local/bin/docker-compose
$ docker-compose --version

Compose file:
https://docs.docker.com/compose/compose-file/
https://docs.docker.com/compose/samples-for-compose/

5.Harbor配置

$ vi ../harbor.cfg
#修改主要的几个参数
hostname = reg.sunjianhua.cn
ui_url_protocol = https
ssl_cert = ./ssl/reg.sunjianhua.cn.crt
ssl_cert_key = ./ssl/reg.sunjianhua.cn.key
harbor_admin_password = 12345

$ cd ~/harbor/
$ ./prepare
$ ./install.sh

#安装完默认启动了,如果想关闭
$ docker-compose  stop
#再次启动
$ docker-compose  start

harbor-docker-componse.png

安装完成后,windows下访问,需要配置hosts如下图
harbor-vist.png
harbor-finish.png

在harbor里面创建项目,关联用户
harbor-setting-project.png
harbor-setting-user.png
harbor-setting-user-to-project.png

6.Docker 主机访问Harbor(push,pull镜像)

docker 主机:192.168.2.113
harbor 主机:192.168.2.117
harbor-vistor-hosts.png

#客户机上创建目录,并复制证书
$ mkdir -p /etc/docker/certs.d/reg.sunjianhua.cn
$ scp root@192.168.2.117:/root/harbor/ssl/reg.sunjianhua.cn.crt /etc/docker/certs.d/reg.sunjianhua.cn
$ docker login reg.sunjianhua.cn

harbor-vistor-hosts-login.png

#push镜像到远程仓库
$ docker pull tomcat
$ docker tag tomcat:latest reg.sunjianhua.cn/test/tomcat:v1
$ docker push reg.sunjianhua.cn/test/tomcat:v1

harbor-docker-push.png
harbor-docker-push-result.png

6.Harbor 非https配置

#编辑一下文件,并加入如图所示
$ cat /etc/docker/daemon.json

harbor-no-https.png

最后修改:2019 年 02 月 15 日 12 : 14 AM
如果觉得我的文章对你有用,请随意赞赏

发表评论