仓库

 

harbor私有仓库

下载安装harbor安装包

http://harbor.orientsoft.cn/

 

安装docker compose

curl -L "https://github.com/docker/compose/releases/download/1.24.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

 

[root@lb01 ~]# chmod +x /usr/local/bin/docker-compose

[root@lb01 ~]# ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

[root@lb01 ~]# docker-compose --version

docker-compose version 1.24.0, build 0aa59064

 

 

harbor安装

https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md

自签tls证书

https://github.com/goharbor/harbor

https://github.com/goharbor/harbor/blob/master/docs/configure_https.md#configuration-and-installation

 

 

[root@lb01 ~/harbor]# mkdir ssl

[root@lb01 ~/harbor]# cd ssl

 

openssl req \

    -newkey rsa:4096 -nodes -sha256 -keyout ca.key \

    -x509 -days 365 -out ca.crt

 

    生成这2个

-rw-r--r-- 1 root root 1952 Apr 11 10:57 ca.crt

-rw-r--r-- 1 root root 3272 Apr 11 10:57 ca.key

    

 

openssl req -newkey rsa:4096 -nodes -sha256 -keyout john.john.com.key -out john.john.com.csr

  Country Name (2 letter code) [XX]:CN

  Common Name (eg, your name or your server's hostname) []:john.john.com

 

生成这个2个

-rw-r--r-- 1 root root 1679 Apr 11 11:02 john.john.com.csr

-rw-r--r-- 1 root root 3272 Apr 11 11:02 john.john.com.key

 

向ca颁发

openssl x509 -req -days 365 -in john.john.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out john.john.com.crt

 

-rw-r--r-- 1 root root 1846 Apr 11 11:09 john.john.com.crt

 

-rw-r--r-- 1 root root 1846 Apr 11 11:09 john.john.com.crt

-rw-r--r-- 1 root root 3272 Apr 11 11:02 john.john.com.key

 

Docker守护程序将.crt文件解释为CA证书,将.cert文件解释为客户端证书。

将服务器转换john.john.com.crt为john.john.com.cert:

 

openssl x509 -inform PEM -in john.john.com.crt -out john.john.com.cert

-rw-r--r-- 1 root root 1846 Apr 11 14:57 john.john.com.cert

 

复制key.crt.cert到服务端

[root@db01 ~]# mkdir -p /etc/docker/certs.d/john.john.com

scp john.john.com.cert john.john.com.crt john.john.com.key 10.0.0.51:/docker/certs.d/john.john.com

 

 

为Harbor生成配置文件:

[root@lb01 ~/harbor]#./prepare

 

启动

[root@lb01 ~/harbor]# ./install.sh

 

 

 

 

 

客户端登陆

[root@db01 ~]# docker login john.john.com

打标

docker tag tomcat-redis:v1 john.john.com/test/tomcat-redis:v1

 

推镜像

docker push john.john.com/test/tomcat-redis:v1

 

 

 

拉镜像

[root@db01 ~]# docker pull john.john.com/test/tomcat-redis:v1

 

posted @ 2019-04-11 16:02  john5的博客  阅读(203)  评论(0)    收藏  举报
// 侧边栏目录 // https://blog-static.cnblogs.com/files/douzujun/marvin.nav.my1502.css