搭建企业级私有镜像仓库Harbor

Harbor是VMware公司开源的企业级Docker Registry项目，项目地址：https://github.com/vmware/harbor

环境准备：

Docker：192.168.56.16 CentOS7
Harbor：192.168.56.10 CentOS7

1、下载离线安装包

https://github.com/goharbor/harbor/releases
harbor-offline-installer-v1.4.0.tgz

2、安装Docker

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum makecache fast
yum install docker-ce
systemctl start docker

3、安装docker-compose

curl -L https://get.daocloud.io/docker/compose/releases/download/1.23.2/docker-compose-`uname -s`-`uname -m` > /usr/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

4、安装harbor,创建自签TLS证书

# 解压harbor软件包并创建证书存放目录
tar xf harbor-offline-installer-v1.4.0.tgz
cd harbor && mkdir ssl && cd ssl

4.1 create your own CA certificate:

openssl req \
 -newkey rsa:4096 -nodes -sha256 -keyout ca.key \
 -x509 -days 365 -out ca.crt

Country Name(2 letter code) [XX]:CN
Common Name (eg, you name or you server's hostname)[]:lizhenliang 
其它选项默认不用填写

4.2 Generate a Certificate Signing Request:

openssl req \
 -newkey rsa:4096 -nodes -sha256 -keyout reg.aliangedu.com.key \
 -out reg.aliangedu.com.csr
 
Country Name(2 letter code) [XX]:CN
Common Name (eg, you name or you server's hostname)[]:reg.aliangedu.com
其它选项默认不用填写

4.3 Generate the certificate of your registry host：

openssl x509 -req -days 365 -in reg.aliangedu.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out reg.aliangedu.com.crt

5、Harbor安装与配置

5.1 修改配置文件(/root/harbor/harbor.cfg)

hostname = reg.aliangedu.com
ui_url_protocol = https
ssl_cert = ./ssl/reg.aliangedu.com.crt
ssl_cert_key = ./ssl/reg.aliangedu.com.key
harbor_admin_password = Harbor12345

5.2 进入harbor目录，执行准备工作并进行安装harbor

cd /root/harbor/ && ./prepare && ./install.sh

6、Docker主机访问Harbor

# 拷贝证书到docker主机
# scp reg.aliangedu.com.crt root@192.168.56.10:/etc/docker/certs.d/reg.aliang.com

# 打包镜像
# docker tag tomcat:v1 reg.aliangedu.com/silubuy/tomcat:v1

# 登录
docker login reg.aliangedu.com
user
pass

# 上传镜像
# docker push reg.aliangedu.com/silubuy/tomcat:v1

# 下载镜像
# docker push reg.aliangedu.com/silubuy/tomcat:v1