为什么又来一个私有仓库,前面不是已经讲到了registry吗,那是因为如果想给企业用的话,registry还是不够强大,功能不够齐全,所以为了给企业的朋友有一个更强大的私有仓库,harbor是个不错的选择。

私有仓库harbor在github上下载https://github.com/goharbor/harbor/releases,由于安装包较大,建议先下载到本地。

第一步:安装docker和docker-compose:(已安装

[root@docker01 ~]# docker version
Client:
 Version:           18.09.8
 API version:       1.39
 Go version:        go1.10.8
 Git commit:        0dd43dd87f
 Built:             Wed Jul 17 17:40:31 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.8
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.8
  Git commit:       0dd43dd
  Built:            Wed Jul 17 17:10:42 2019
  OS/Arch:          linux/amd64
  Experimental:     false
[root@docker01 ~]# docker-compose -v
docker-compose version 1.24.1, build 4667896
[root@docker01 ~]# 

第二步:下载harbor-offline-installer-v1.8.1.tgz到/opt/harbor/目录中,并解压。

[root@docker01 harbor]# wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
--2019-07-30 16:13:23--  https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
Resolving storage.googleapis.com (storage.googleapis.com)... 216.58.200.240, 2404:6800:4008:802::2010
Connecting to storage.googleapis.com (storage.googleapis.com)|216.58.200.240|:443... connected.
HTTP request sent, awaiting response... ^C
[root@docker01 ~]# wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
--2019-07-30 16:18:43--  https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
Resolving storage.googleapis.com (storage.googleapis.com)... 216.58.200.240, 2404:6800:4008:802::2010
Connecting to storage.googleapis.com (storage.googleapis.com)|216.58.200.240|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 561149414 (535M) [application/x-tar]
Saving to: ‘harbor-offline-installer-v1.8.1.tgz’

100%[===================================================================================================================>] 561,149,414 1.73MB/s   in 93s    

2019-07-30 16:20:21 (5.77 MB/s) - ‘harbor-offline-installer-v1.8.1.tgz’ saved [561149414/561149414]

[root@docker01 harbor]# ll
total 548000
-rw-r--r-- 1 root root 561149414 Jun 17 19:36 harbor-offline-installer-v1.8.1.tgz
[root@docker01 harbor]# tar -xf harbor-offline-installer-v1.8.1.tgz 
[root@docker01 harbor]# ll
total 548000
drwxr-xr-x 2 root root       100 Jul 30 16:26 harbor
-rw-r--r-- 1 root root 561149414 Jun 17 19:36 harbor-offline-installer-v1.8.1.tgz
[root@docker01 harbor]# ll harbor
total 551208
-rw-r--r-- 1 root root 564403568 Jun 17 11:30 harbor.v1.8.1.tar.gz
-rw-r--r-- 1 root root      4519 Jun 17 11:29 harbor.yml
-rwxr-xr-x 1 root root      5088 Jun 17 11:29 install.sh
-rw-r--r-- 1 root root     11347 Jun 17 11:29 LICENSE
-rwxr-xr-x 1 root root      1654 Jun 17 11:29 prepare
[root@docker01 harbor]# 

不同版本,软件中的配置也不一样,我下载的是:https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz

第三步:修改配置文件vim  harbor.yml(低版本的harbor配置文件,可能是harbor.cfg)

[root@docker01 harbor]# vim harbor.yml 

# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: 10.0.0.11

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
harbor_admin_password: 123456

hostname:改为本地仓库容器地址
harbor_admin_password:管理员密码123456

第四步:执行./install.sh安装harbor,因为harbor启动所需内存相对较大,所以先清除其他容器。

[root@docker01 harbor]# docker rm -f `docker ps -a -q`
324606d3239a
c327eb541b39
3bb3b21bf807
b422cc4a8803
883232d5ffec
54451a22c5ce
5c8017b5e0c8
c2ba63809f2f
c35b4931545f
1273925e7a6f
22cdd3db47ac
eb496876ae79
7bc9c63a52e7
a1095601261d
[root@docker01 harbor]# ./install.sh 

[Step 0]: checking installation environment ...

Note: docker version: 18.09.8

Note: docker-compose version: 1.24.1

[Step 1]: loading Harbor images ...
ba58b7bb3f17: Loading layer [==================================================>]  33.32MB/33.32MB
1351a2c39b77: Loading layer [==================================================>]  8.967MB/8.967MB
13b531e88128: Loading layer [==================================================>]  46.85MB/46.85MB
664abb325748: Loading layer [==================================================>]  5.632kB/5.632kB
9f20c7a04d55: Loading layer [==================================================>]  27.14kB/27.14kB
594e8fcaaae3: Loading layer [==================================================>]  46.85MB/46.85MB
Loaded image: goharbor/harbor-core:v1.8.1
     .
     .
 省略部分
     .
     .
f606e390eada: Loading layer [==================================================>]    113MB/113MB
39c63b1a9659: Loading layer [==================================================>]  10.94MB/10.94MB
fcbb83300f3e: Loading layer [==================================================>]  2.048kB/2.048kB
2d3a6f2b11a0: Loading layer [==================================================>]  48.13kB/48.13kB
e268609393f5: Loading layer [==================================================>]  3.072kB/3.072kB
a9aed4bfce3f: Loading layer [==================================================>]  10.99MB/10.99MB
Loaded image: goharbor/clair-photon:v2.0.8-v1.8.1


[Step 2]: preparing environment ...
prepare base dir is set to /opt/harbor/harbor
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /secret/keys/secretkey
Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir


[Step 3]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db   ... done
Creating registry    ... done
Creating redis       ... done
Creating registryctl ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating harbor-portal     ... done
Creating nginx             ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://10.0.0.11. 
For more details, please visit https://github.com/goharbor/harbor .

[root@docker01 harbor]# 

#nginx启动的时候如果端口被占用,可能是httpd服务占用了80端口,这是用/usr/sbin/apachectl stop关闭服务即可。

第五步:访问harbor:http://10.0.0.11(admin/123456

第六步:上传镜像

[root@docker02 ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
kod                 v1                  0cb8570501c2        4 days ago          425MB
busybox             latest              db8ee88ad75f        11 days ago         1.22MB
tomcat              latest              238e6d7313e3        12 days ago         506MB
registry            latest              f32a97de94e1        4 months ago        25.8MB
[root@docker02 ~]# docker tag busybox:latest 10.0.0.11/library/busybox:latest   #打标签tag
[root@docker02 ~]# docker login 10.0.0.11    #harbor需要先登录
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@docker02 ~]# docker push 10.0.0.11/library/busybox:latest      #推送到harbor,加上library指定的目录中
The push refers to repository [10.0.0.11/library/busybox]
0d315111b484: Pushed 
latest: digest: sha256:895ab622e92e18d6b461d671081757af7dbaa3b00e3e28e12505af7817f73649 size: 527
[root@docker02 ~]# 

#如果这一步骤报错:
报错1:(默认har采用https,这里需要添加信任地址ip)

[root@docker02 ~]# docker push 10.0.0.11/library/busybox:latest
The push refers to repository [10.0.0.11/library/busybox]
Get https://10.0.0.11/v2/: dial tcp 10.0.0.11:443: connect: connection refused

解决1:在/etc/docker/daemon.json,添加代码

[root@docker02 ~]# vim /etc/docker/daemon.json 
{
  "insecure-registries": ["10.0.0.11"]
}

 

报错2:连接请求被拒绝

[root@docker02 ~]# docker push 10.0.0.11/library/busybox:latest
The push refers to repository [10.0.0.11/library/busybox]
0d315111b484: Preparing 
denied: requested access to the resource is denied
[root@docker02 ~]#

解决2:因为没有登陆,harbor需要登陆,用户名默认admin,密码是上面配置的123456

[root@docker02 ~]# docker login 10.0.0.11
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
[root@docker02 ~]# docker push 10.0.0.11/library/busybox:latest
The push refers to repository [10.0.0.11/library/busybox]
0d315111b484: Pushed 
latest: digest: sha256:895ab622e92e18d6b461d671081757af7dbaa3b00e3e28e12505af7817f73649 size: 527
[root@docker02 ~]#


第七步:检查并pull镜像,在library下就能找到刚push上去的busybox镜像

我们在docker03主机上pull下来试试,同样也是需要在docker03上添加信任ip地址,然后重启docker

[root@docker03 ~]# vim /etc/docker/daemon.json 

{
"registry-mirrors": ["https://registry.docker-cn.com"],
"insecure-registries": ["10.0.0.11"]
}
[root@docker03 ~]# systemctl restart docker 
[root@docker03 ~]# docker pull 10.0.0.11/library/busybox:latest
latest: Pulling from library/busybox
ee153a04d683: Pull complete 
Digest: sha256:895ab622e92e18d6b461d671081757af7dbaa3b00e3e28e12505af7817f73649
Status: Downloaded newer image for 10.0.0.11/library/busybox:latest
10.0.0.11/library/busybox:latest
[root@docker03 ~]# 

下载镜像的时候是不需要登陆的,严格按照镜像在私有仓库中的路径下载。因为上传到library中,所以下载的时候也要从library下载,docker pull 10.0.0.11/library/busybox:latest

 

docker的文章就这样完结了,如有错误,请帮忙指出QQ:970737468。

最后修改于 2019-07-30 14:03:32
如果觉得我的文章对你有用,请随意赞赏
扫一扫支付
上一篇