部署Harbor
Harbor简介
-
Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器,可以用来构建企业内部的Docker镜像仓库。
-
它在Docker的开源项目 Distribution的基础上,添加了一些企业需要的功能特性,如镜像同步复制、漏洞扫描和权限管理等。
部署harbor
[root@localhost ~]# DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
[root@localhost ~]# mkdir -p $DOCKER_CONFIG/cli-plugins
[root@localhost ~]# curl -SL https://github.com/docker/compose/releases/download/v2.7.0/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
[root@localhost cli-plugins]# ls
docker-compose
[root@localhost cli-plugins]# pwd
/root/.docker/cli-plugins
[root@localhost cli-plugins]# systemctl enable --now docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
[root@localhost cli-plugins]# ls
docker-compose
[root@localhost cli-plugins]# chmod +x docker-compose
[root@localhost cli-plugins]# ll
total 25188
-rwxr-xr-x. 1 root root 25792512 Aug 11 18:56 docker-compose
[root@localhost cli-plugins]#
[root@localhost cli-plugins]# ln -s /root/.docker/cli-plugins/docker-compose /usr/bin/
[root@localhost cli-plugins]# cd
[root@localhost ~]# which docker-compose
/usr/bin/docker-compose
[root@localhost ~]# docker compose version
Docker Compose version v2.7.0
[root@localhost ~]# ls
anaconda-ks.cfg
//传输harbor-offline-installer-v2.5.3.tgz
[root@localhost ~]# ls
anaconda-ks.cfg harbor-offline-installer-v2.5.3.tgz
[root@localhost ~]# tar xf harbor-offline-installer-v2.5.3.tgz -C /usr/local/
[root@localhost ~]# cd /usr/local/
[root@localhost local]# ls
bin etc games harbor include lib lib64 libexec sbin share src
[root@localhost local]# cd harbor/
[root@localhost harbor]# ls
common.sh harbor.v2.5.3.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@localhost harbor]# cp harbor.yml.tmpl harbor.yml
[root@localhost harbor]# vi harbor.yml
[root@localhost harbor]# hostnamectl set-hostname harbor.example.com
[root@localhost harbor]# bash
[root@harbor harbor]# hostname
harbor.example.com
[root@harbor harbor]# vim harbor.yml
hostname: harbor.example.com
#https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/path
[root@harbor harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.17
[Step 1]: checking docker-compose is installed ...
......
[+] Running 9/9
⠿ Container harbor-log Started 0.6s
⠿ Container registry Started 2.7s
⠿ Container harbor-portal Started 2.8s
⠿ Container harbor-db Started 2.8s
⠿ Container registryctl Started 2.8s
⠿ Container redis Started 2.8s
⠿ Container harbor-core Started 3.2s
⠿ Container harbor-jobservice Started 4.3s
⠿ Container nginx Started 4.4s
✔ ----Harbor has been installed and started successfully.----
[root@harbor harbor]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 127.0.0.1:1514 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[root@harbor harbor]#
浏览器访问
重启是否生效
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
07f3d9235e7f goharbor/harbor-jobservice:v2.4.3 "/harbor/entrypoint.…" 19 minutes ago Up 38 seconds (healthy) harbor-jobservice
695eab7ea162 goharbor/nginx-photon:v2.4.3 "nginx -g 'daemon of…" 19 minutes ago Up 38 seconds (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
a379a8ccdea9 goharbor/harbor-core:v2.4.3 "/harbor/entrypoint.…" 19 minutes ago Up 38 seconds (healthy) harbor-core
2d55ff6bc175 goharbor/registry-photon:v2.4.3 "/home/harbor/entryp…" 19 minutes ago Up 38 seconds (healthy) registry
6a00f1bfc58c goharbor/harbor-portal:v2.4.3 "nginx -g 'daemon of…" 19 minutes ago Up 38 seconds (healthy) harbor-portal
4f1f6c1c8d37 goharbor/redis-photon:v2.4.3 "redis-server /etc/r…" 19 minutes ago Up 37 seconds (healthy) redis
878ebdb9e103 goharbor/harbor-db:v2.4.3 "/docker-entrypoint.…" 19 minutes ago Up 38 seconds (healthy) harbor-db
e6357fdcb967 goharbor/harbor-registryctl:v2.4.3 "/home/harbor/start.…" 19 minutes ago Up 38 seconds (healthy) registryctl
63b3b96042dc goharbor/harbor-log:v2.4.3 "/bin/sh -c /usr/loc…" 19 minutes ago Up 38 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log
//停止harbor中的几台容器,模拟容器故障
[root@localhost harbor]# docker stop 07f3d9235e7f
07f3d9235e7f
[root@localhost harbor]# docker stop 695eab7ea162
695eab7ea162
不能访问了
docker仓库应用
在安装了docker的环境下部署
//修改名字
[root@localhost ~]# hostnamectl set-hostname client
[root@localhost ~]# bash
//添加服务端IP
[root@client ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.72.131
[root@client ~]# ping 192.168.72.131
PING 192.168.72.131 (192.168.72.131) 56(84) bytes of data.
64 bytes from 192.168.72.131: icmp_seq=1 ttl=64 time=0.034 ms
64 bytes from 192.168.72.131: icmp_seq=2 ttl=64 time=0.039 ms
//登录harbor
[root@client ~]# vim /etc/docker/daemon.json
{ "registry-mirrors": ["https://pu3ld6zj.mirror.aliyuncs.com"],
"insecure-registries": ["192.168.72.131"]
}
[root@client ~]# systemctl restart docker
[root@client ~]# docker login 192.168.72.131
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@client ~]# docker pull httpd
Using default tag: latest
latest: Pulling from library/httpd
Digest: sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32
Status: Image is up to date for httpd:latest
docker.io/library/httpd:latest
[root@client ~]# docker images | grep httpd
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker tag httpd:latest 192.168.72.131/library/httpd:v0.1
[root@client ~]# docker push 192.168.72.131/library/httpd:v0.1
The push refers to repository [192.168.72.131/library/httpd]
deefaa620a71: Pushed
9cff3206f9a6: Pushed
15e4bf5d0804: Pushed
1da636a1aa95: Pushed
2edcec3590a4: Pushed
v0.1: digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194 size: 1365
[root@client ~]# docker images | grep httpd
192.168.72.131/library/httpd v0.1 dabbfbe0c57b 7 months ago 144MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker push 192.168.72.131/library/httpd:v0.1
The push refers to repository [192.168.72.131/library/httpd]
deefaa620a71: Layer already exists
9cff3206f9a6: Layer already exists
15e4bf5d0804: Layer already exists
1da636a1aa95: Layer already exists
2edcec3590a4: Layer already exists
v0.1: digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194 size: 1365
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.72.131/library/httpd v0.1 dabbfbe0c57b 7 months ago 144MB
httpd latest dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker tag 192.168.72.131/library/httpd:v0.1 harbor.example.com/library/httpd:v1.1
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.72.131/library/httpd v0.1 dabbfbe0c57b 7 months ago 144MB
httpd latest dabbfbe0c57b 7 months ago 144MB
harbor.example.com/library/httpd v1.1 dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker push 192.168.72.131/library/httpd:v0.1
The push refers to repository [192.168.72.131/library/httpd]
deefaa620a71: Layer already exists
9cff3206f9a6: Layer already exists
15e4bf5d0804: Layer already exists
1da636a1aa95: Layer already exists
2edcec3590a4: Layer already exists
v0.1: digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194 size: 1365
查看效果
测试是否能拉取下来
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.72.131/library/httpd v0.1 dabbfbe0c57b 7 months ago 144MB
httpd latest dabbfbe0c57b 7 months ago 144MB
harbor.example.com/library/httpd v1.1 dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker rmi -f 192.168.72.131/library/httpd:v0.1
Untagged: 192.168.72.131/library/httpd:v0.1
Untagged: 192.168.72.131/library/httpd@sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
httpd latest dabbfbe0c57b 7 months ago 144MB
harbor.example.com/library/httpd v1.1 dabbfbe0c57b 7 months ago 144MB
[root@client ~]# docker pull 192.168.72.131/library/httpd:v0.1
v0.1: Pulling from library/httpd
Digest: sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194
Status: Downloaded newer image for 192.168.72.131/library/httpd:v0.1
192.168.72.131/library/httpd:v0.1
[root@client ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
harbor.example.com/library/httpd v1.1 dabbfbe0c57b 7 months ago 144MB
192.168.72.131/library/httpd v0.1 dabbfbe0c57b 7 months ago 144MB
httpd latest dabbfbe0c57b 7 months ago 144MB
浙公网安备 33010602011771号