部署Harbor
[root@VM-4-4-centos harbor]# hostnamectl set-hostname harbor-cloud && bash [root@harbor-cloud harbor]# mkdir /data/ssl -p [root@harbor-cloud harbor]# cd /data/ssl/ [root@harbor-cloud ssl]# ll total 0 [root@harbor-cloud ssl]# openssl genrsa -out ca.key 3072 Generating RSA private key, 3072 bit long modulus .................................++ ........................................++ e is 65537 (0x10001) [root@harbor-cloud ssl]# openssl req -new -x509 -days 3650 -key ca.key -out ca.pem You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CH State or Province Name (full name) []:SH Locality Name (eg, city) [Default City]:SH Organization Name (eg, company) [Default Company Ltd]:CA Organizational Unit Name (eg, section) []:CA Common Name (eg, your name or your server's hostname) []: Email Address []: [root@harbor-cloud ssl]# openssl genrsa -out harbor.key 3072 Generating RSA private key, 3072 bit long modulus .............................................++ .......++ e is 65537 (0x10001)
[root@harbor-cloud ssl]# openssl req -new -key harbor.key -out harbor.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CH State or Province Name (full name) []:SH Locality Name (eg, city) [Default City]:SH Organization Name (eg, company) [Default Company Ltd]:CA Organizational Unit Name (eg, section) []:CA Common Name (eg, your name or your server's hostname) []:harbor-cloud Email Address []: Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: [root@harbor-cloud ssl]# openssl x509 -req -in harbor.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out harbor.pem -days 3650 Signature ok subject=/C=CH/ST=SH/L=SH/O=CA/OU=CA/CN=harbor-cloud Getting CA Private Key
[root@harbor-cloud ssl]# ll
total 24
-rw-r--r-- 1 root root 2459 Feb 23 11:57 ca.key
-rw-r--r-- 1 root root 1562 Feb 23 11:57 ca.pem
-rw-r--r-- 1 root root 17 Feb 23 11:59 ca.srl
-rw-r--r-- 1 root root 1330 Feb 23 11:58 harbor.csr
-rw-r--r-- 1 root root 2455 Feb 23 11:58 harbor.key
-rw-r--r-- 1 root root 1476 Feb 23 11:59 harbor.pem
解压harbor
tar -xvf harbor-offline-installer-v2.3.2.tgz
重命名docker-compose
mv docker-compose-Linux-x86_64_1.24.1 /usr/bin/docker-compose
进入harbor文件,复制harbor.yml.tmpl
[root@harbor-cloud harbor]# cd harbor [root@harbor-cloud harbor]# ll total 594396 -rw-r--r-- 1 root root 0 Feb 23 12:40 ] drwxr-xr-x 3 root root 20 Feb 23 12:39 common -rw-r--r-- 1 root root 3361 Aug 18 2021 common.sh -rw-r--r-- 1 root root 6802 Feb 23 12:39 docker-compose.yml -rw-r--r-- 1 root root 608611132 Aug 18 2021 harbor.v2.3.2.tar.gz -rw-r--r-- 1 root root 7832 Feb 23 12:37 harbor.yml -rw-r--r-- 1 root root 7840 Aug 18 2021 harbor.yml.tmpl -rwxr-xr-x 1 root root 2500 Aug 18 2021 install.sh -rw-r--r-- 1 root root 11347 Aug 18 2021 LICENSE -rwxr-xr-x 1 root root 1881 Aug 18 2021 prepare [root@harbor-cloud harbor]# cp harbor.yml.tmpl harbor.yml
配置harbor配置文件 修改hostname、配置ssl证书、账户密码配置
# Configuration file of Harbor # The IP address or hostname to access admin UI and registry service. # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients. hostname: harbor-cloud # http related config http: # port for http, default is 80. If https enabled, this port will redirect to https port port: 80 # https related config https: # https port for harbor, default is 443 port: 443 # The path of cert and key files for nginx certificate: /data/ssl/harbor.pem private_key: /data/ssl/harbor.key # # Uncomment following will enable tls communication between all harbor components # internal_tls: # # set enabled to true means internal tls is enabled # enabled: true # # put your cert and key files on dir # dir: /etc/harbor/tls/internal # Uncomment external_url if you want to enable external proxy # And when it enabled the hostname will no longer used # external_url: https://reg.mydomain.com:8433 # The initial password of Harbor admin # It only works in first time to install harbor # Remember Change the admin password from UI after launching Harbor. harbor_admin_password: Harbor12345 # Harbor DB configuration database: # The password for the root user of Harbor DB. Change this before any production use. password: root123 # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained. max_idle_conns: 100 # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections. # Note: the default number of connections is 1024 for postgres of harbor. max_open_conns: 900 # The default data volume data_volume: /data
进行安装 开启镜像扫描功能
[root@harbor-cloud harbor]# ./install.sh --with-trivy [Step 0]: checking if docker is installed ... Note: docker version: 19.03.15 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.24.1 [Step 2]: loading Harbor images ... f6e68d4c9b22: Loading layer [==================================================>] 37.21MB/37.21MB 103076ba7411: Loading layer [==================================================>] 121.2MB/121.2MB fde3b64438e3: Loading layer [==================================================>] 3.072kB/3.072kB 249a34ecfbe2: Loading layer [==================================================>] 59.9kB/59.9kB 35783e12f32a: Loading layer [==================================================>] 61.95kB/61.95kB Loaded image: goharbor/redis-photon:v2.3.2 7301dee185fe: Loading layer [==================================================>] 8.746MB/8.746MB Loaded image: goharbor/nginx-photon:v2.3.2 4317ca489899: Loading layer [==================================================>] 8.746MB/8.746MB d2169f633d64: Loading layer [==================================================>] 11.64MB/11.64MB cacd32b266bf: Loading layer [==================================================>] 1.688MB/1.688MB Loaded image: goharbor/harbor-portal:v2.3.2 c3ae7e069c68: Loading layer [==================================================>] 7.359MB/7.359MB 0cfc20b693dd: Loading layer [==================================================>] 4.096kB/4.096kB 4fca387754cd: Loading layer [==================================================>] 3.072kB/3.072kB 3c4496c3ec80: Loading layer [==================================================>] 31.52MB/31.52MB 1fc058950d0e: Loading layer [==================================================>] 11.39MB/11.39MB 4ed942b905a4: Loading layer [==================================================>] 43.7MB/43.7MB Loaded image: goharbor/trivy-adapter-photon:v2.3.2 a302c582e666: Loading layer [==================================================>] 6.82MB/6.82MB 4dfdb1a3466a: Loading layer [==================================================>] 67.47MB/67.47MB 678180162221: Loading layer [==================================================>] 3.072kB/3.072kB 7241b7d6bd32: Loading layer [==================================================>] 4.096kB/4.096kB ee4b32ba01a0: Loading layer [==================================================>] 68.26MB/68.26MB Loaded image: goharbor/chartmuseum-photon:v2.3.2 671f3386d963: Loading layer [==================================================>] 6.816MB/6.816MB a832248f5584: Loading layer [==================================================>] 6.219MB/6.219MB 7a2ef1cebf21: Loading layer [==================================================>] 14.47MB/14.47MB 51aa675bbc9d: Loading layer [==================================================>] 29.29MB/29.29MB 7e6d06a2bb53: Loading layer [==================================================>] 22.02kB/22.02kB 799b207a8043: Loading layer [==================================================>] 14.47MB/14.47MB Loaded image: goharbor/notary-signer-photon:v2.3.2 c2660666d3b6: Loading layer [==================================================>] 9.914MB/9.914MB f64ad03ac62f: Loading layer [==================================================>] 3.584kB/3.584kB e0552b870e12: Loading layer [==================================================>] 2.56kB/2.56kB 3c2ef908bb96: Loading layer [==================================================>] 73.35MB/73.35MB f22a7c57e296: Loading layer [==================================================>] 5.632kB/5.632kB 6788f0f8bfd7: Loading layer [==================================================>] 93.7kB/93.7kB cb5eff88e3c0: Loading layer [==================================================>] 11.78kB/11.78kB 9cf98131b83d: Loading layer [==================================================>] 74.25MB/74.25MB 9ffcc54d3726: Loading layer [==================================================>] 2.56kB/2.56kB Loaded image: goharbor/harbor-core:v2.3.2 c01617f475a3: Loading layer [==================================================>] 125.4MB/125.4MB a107f03b1efa: Loading layer [==================================================>] 3.584kB/3.584kB e224182b3157: Loading layer [==================================================>] 3.072kB/3.072kB caa213381dfb: Loading layer [==================================================>] 2.56kB/2.56kB dd7c9a10421f: Loading layer [==================================================>] 3.072kB/3.072kB e104b65b19d1: Loading layer [==================================================>] 3.584kB/3.584kB cca35c852e5b: Loading layer [==================================================>] 19.97kB/19.97kB Loaded image: goharbor/harbor-log:v2.3.2 f85726ba84dc: Loading layer [==================================================>] 6.821MB/6.821MB a056039f5f6d: Loading layer [==================================================>] 4.096kB/4.096kB c90e384ee5a4: Loading layer [==================================================>] 19.02MB/19.02MB 166cfc19ad5d: Loading layer [==================================================>] 3.072kB/3.072kB 9b458167a646: Loading layer [==================================================>] 25.44MB/25.44MB 2a481503dae1: Loading layer [==================================================>] 45.24MB/45.24MB Loaded image: goharbor/harbor-registryctl:v2.3.2 6b9b715ecb6e: Loading layer [==================================================>] 9.914MB/9.914MB 8ac2885dd0bc: Loading layer [==================================================>] 17.72MB/17.72MB 3cd80dd3cb0c: Loading layer [==================================================>] 4.608kB/4.608kB 7c944a564b1f: Loading layer [==================================================>] 18.51MB/18.51MB Loaded image: goharbor/harbor-exporter:v2.3.2 b414ebcb4508: Loading layer [==================================================>] 6.816MB/6.816MB cd880de5aa45: Loading layer [==================================================>] 6.219MB/6.219MB 1031af43c4d0: Loading layer [==================================================>] 15.88MB/15.88MB fcd9b76b6247: Loading layer [==================================================>] 29.29MB/29.29MB a32b5e8b89c2: Loading layer [==================================================>] 22.02kB/22.02kB af9265555a5b: Loading layer [==================================================>] 15.88MB/15.88MB Loaded image: goharbor/notary-server-photon:v2.3.2 aa2711296b84: Loading layer [==================================================>] 164.9MB/164.9MB 6779d37c68fb: Loading layer [==================================================>] 55.24MB/55.24MB 6bb091d5607a: Loading layer [==================================================>] 2.56kB/2.56kB 86bb5dbffc81: Loading layer [==================================================>] 1.536kB/1.536kB b67384f7c271: Loading layer [==================================================>] 12.29kB/12.29kB abcd93453033: Loading layer [==================================================>] 2.882MB/2.882MB f5e6ae9af13d: Loading layer [==================================================>] 297kB/297kB Loaded image: goharbor/prepare:v2.3.2 571889b5abe7: Loading layer [==================================================>] 1.096MB/1.096MB b8a1c2a0e296: Loading layer [==================================================>] 5.888MB/5.888MB 99e396e6432d: Loading layer [==================================================>] 173.6MB/173.6MB 58ae8b6bde55: Loading layer [==================================================>] 15.34MB/15.34MB c61cba7d6edf: Loading layer [==================================================>] 4.096kB/4.096kB 811ccbc829a3: Loading layer [==================================================>] 6.144kB/6.144kB f35f22870f37: Loading layer [==================================================>] 3.072kB/3.072kB 2b725cdc2563: Loading layer [==================================================>] 2.048kB/2.048kB f2ac0b4b02e3: Loading layer [==================================================>] 2.56kB/2.56kB db59c776f906: Loading layer [==================================================>] 2.56kB/2.56kB b0306a6e97d4: Loading layer [==================================================>] 2.56kB/2.56kB 46283a1471c9: Loading layer [==================================================>] 8.704kB/8.704kB Loaded image: goharbor/harbor-db:v2.3.2 d7d543260996: Loading layer [==================================================>] 9.914MB/9.914MB fb7ca2ddf03a: Loading layer [==================================================>] 3.584kB/3.584kB 23c842c0e703: Loading layer [==================================================>] 2.56kB/2.56kB 07d33224975b: Loading layer [==================================================>] 82.47MB/82.47MB c1ab2a452194: Loading layer [==================================================>] 83.26MB/83.26MB Loaded image: goharbor/harbor-jobservice:v2.3.2 242e29e7d4c6: Loading layer [==================================================>] 6.821MB/6.821MB 8fcdb8b505d0: Loading layer [==================================================>] 4.096kB/4.096kB f5f2693cdb62: Loading layer [==================================================>] 3.072kB/3.072kB 09c19ab2448d: Loading layer [==================================================>] 19.02MB/19.02MB 3a12ffe8175d: Loading layer [==================================================>] 19.81MB/19.81MB Loaded image: goharbor/registry-photon:v2.3.2 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ... prepare base dir is set to /root/harbor/harbor Generated configuration file: /config/portal/nginx.conf Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/registryctl/config.yml Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml Generated and saved secret to file: /data/secret/keys/secretkey Successfully called func: create_root_cert Generated configuration file: /config/trivy-adapter/env Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir [Step 5]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-portal ... done Creating registry ... done Creating redis ... done Creating harbor-db ... done Creating registryctl ... done Creating trivy-adapter ... done Creating harbor-core ... done Creating nginx ... done Creating harbor-jobservice ... done ✔ ----Harbor has been installed and started successfully.----
浙公网安备 33010602011771号