harbor2.1.2搭建

一、环境及软件准备

  1、操作系统,centos7.9 (选择7.7之后的版本,因为需要Python3环境,7.7之后可以使用yum安装python3)

  2、提前安装好docker、docker-compose

二、harbor安装

  1、下载软件

  #下载

  wget https://github.com/goharbor/harbor/releases/download/v2.1.2/harbor-offline-installer-v2.1.2.tgz

  tar zxf harbor-offline-installer-v2.1.2.tgz -C /usr/local

  cd /usr/local/harbor/

   2、编辑配置文件

  #编辑这个配置文件

  mv harbor.yml.tmpl harbor.yml

# Configuration file of Harbor

 

# The IP address or hostname to access admin UI and registry service.

# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.

hostname: reg.local.com

 

# http related config

# http:

  # port for http, default is 80. If https enabled, this port will redirect to https port

  # port: 80#TODO

 

# https related config

https:

  # https port for harbor, default is 443

  port: 443

  # The path of cert and key files for nginx

  certificate: /data/cert/reg.local.com.crt

  private_key: /data/cert/reg.local.com.key

这是文件的开头部分,需要修改注意的是hostname的值修改为本机地址

剩下就是https的证书的路径需要修改

    3、生成证书

# 在该目录下操作生成证书,正好供harbor.yml使用

mkdir -p /data/cert

cd /data/cert

 

openssl genrsa -out ca.key 4096

openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=reg.local.com" -key ca.key -out ca.crt

openssl genrsa -out reg.local.com.key 4096

openssl req -sha512 -new -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=reg.local.com" -key reg.local.com.key -out reg.local.com.csr

 

cat > v3.ext <<-EOF

authorityKeyIdentifier=keyid,issuer

basicConstraints=CA:FALSE

keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment

extendedKeyUsage = serverAuth

subjectAltName = @alt_names

 

[alt_names]

DNS.1=reg.local.com

DNS.2=harbor

DNS.3=ks-allinone

EOF

 

openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in reg.local.com.csr -out reg.local.com.crt

   

openssl x509 -inform PEM -in reg.local.com.crt -out reg.local.com.cert

 

cp reg.local.com.crt /etc/pki/ca-trust/source/anchors/reg.local.com.crt

update-ca-trust

 

注意:可以将上述命令放入一脚本中运行也可以。

 

4、安装harbor

   /usr/local/harbor/目录下运行harbor自带的install.sh脚本进行安装

 

 

✔ ----Harbor has been installed and started successfully.----

出现successfully字样即为安装成功

 

5、更新下daemon.json文件内容

cat > /etc/docker/daemon.json <<EOF

{"exec-opts":["native.cgroupdriver=systemd"],"log-driver":"json-file","log-opts":{"max-size":"100m"},"registry-mirrors":["https://pee6w651.mirror.aliyuncs.com"],"insecure-registries": ["https://reg.local.com"]}

EOF

 

重启docker、docker-compose结束安装

6、验证安装

http://本机ip

打开harbor

默认用户名:admin   默认密码:Harbor12345

 

安装结束,可以使用了。

写的比较简单,大家见谅。

最后跟大家说一下,一定要按照文档里的版本来安装,不要下载最新的harbor2.3版本,因为2.3版本需要Python3.9版本,目前centos7能用yum安装的python3是3.6版本。为了偷懒,所以使用2.1.2版本

 

posted @ 2021-08-18 17:01  起飞ing  阅读(278)  评论(0)    收藏  举报