Rocky Linux 9 离线安装 Harbor

1、Harbor安装方式

  在线安装、离线安装、源码安装、helm chart、Operation安装

2、Docker-CE安装

参考:https://www.cnblogs.com/a120608yby/p/9883175.html

3、Docker Daemon配置

参考:https://www.cnblogs.com/a120608yby/p/17192597.html

4、Docker Compose安装

参考:https://www.cnblogs.com/a120608yby/p/14582853.html

5、配置内核参数(可选)

# vim /etc/sysconfig/modules/iptables.modules 
modprobe nf_conntrack

# chmod +x /etc/sysconfig/modules/iptables.modules
# modprobe nf_conntrack

# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

# sysctl -p

6、下载离线包并解压

# wget https://github.com/goharbor/harbor/releases/download/v2.7.2/harbor-offline-installer-v2.7.2.tgz

# tar xf harbor-offline-installer-v2.7.2.tgz -C /opt

7、创建SSL自签证书(已有SSL证书的跳过)

# 配置域名
# vim /etc/ssl/openssl.cnf
...
# 最后行增加配置
# 如果有多个渔民 ⇒ DNS:reg.example.com, DNS:www.example.com
[ example.com ]
subjectAltName = DNS:reg.example.com
 
# 创建一张有效期为10年的SSL证书
cd /etc/pki/tls/certs
openssl genrsa -aes128 2048 > server.key
openssl rsa -in server.key -out server.key
openssl req -utf8 -new -key server.key -out server.csr
openssl x509 -in server.csr -out server.crt -req -signkey server.key -extfile /etc/ssl/openssl.cnf -extensions example.com -days 3650
chmod 600 server.key

8、修改配置

# cd /opt/harbor
# cp harbor.yml.tmpl harbor.yml

# vim harbor.yml
...
hostname reg.example.com   #主机名称或者IP地址

...
# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /etc/pki/tls/certs/server.crt
  private_key: /etc/pki/tls/certs/server.key

9、生成配置

./prepare

10、执行安装命令

./install.sh --with-trivy --with-chartmuseum    #从v2.8.0版本开始不在支持--with-chartmuseum选项(默认已包含扫描器)

11、查看安装后的服务状态

docker-compose ps

12、Web访问

访问地址:https://reg.example.com
用户名:admin
密码:Harbor12345

注意:高版本的docker启用了BuildKit特性,如果镜像仓库未配置https,构建镜像会报错,另外构建镜像过程中,建议在build后增加"--no-cache"

# 参考:https://docs.docker.com/engine/release-notes/23.0/#buildkit-inline-cache-tracking-issuehttpsgithubcommobymobyissues44918
# 解决办法
# vim /etc/profile
...
export DOCKER_BUILDKIT=0

参考:

https://mp.weixin.qq.com/s/nIrP6FOFuTHlooWDLySyLQ
https://goharbor.io/docs/2.7.0/install-config/run-installer-script/ 

  

posted on 2022-11-11 16:16  a120608yby  阅读(353)  评论(0编辑  收藏  举报
Powered by:
博客园
Copyright © 2024 a120608yby
Powered by .NET 8.0 on Kubernetes