Harbor搭建教程(更实用)

harbor.yml配置

[root@R420 harbor]# cat harbor.yml 
# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: 192.168.100.33　　#写IP地址,不写域名

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 899

# https related config
#https:
  # https port for harbor, default is 443
 # port: 443
  # The path of cert and key files for nginx
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path

# # Uncomment following will enable tls communication between all harbor components
# internal_tls:
#   # set enabled to true means internal tls is enabled
#   enabled: true
#   # put your cert and key files on dir
#   dir: /etc/harbor/tls/internal

# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433

# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345

# Harbor DB configuration
database:

Nginx配置

server {
    listen 443 ssl;
    listen 80;
    server_name harbor.xxx.com;
    ssl_certificate      cert/1_harbor.xxx.com_bundle.crt;
    ssl_certificate_key  cert/2_harbor.xxx.com.key;
    ssl_session_timeout 5m; 
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://127.0.0.1:899;
        proxy_redirect on;　　#一定要设置为on,否则不能push到仓库.
        proxy_redirect http:// $scheme://;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        client_max_body_size 0m;
        client_body_buffer_size 128k; 
        proxy_connect_timeout 90;   
        proxy_read_timeout 90;
        proxy_buffer_size 4k;       
        proxy_buffers 6 32k;        
        proxy_busy_buffers_size 64k; 
        proxy_temp_file_write_size 64k; 
    }
}

测试,网页和docker login都问题.docker login可以用2个地址登录

docker login 192.168.100.xx:899
docker login harbor.xxx.com

 问题解决

[root@R420 harbor]# docker push harbor.xxx.com/library/centos:v1
The push refers to repository [harbor.xxx.com/library/centos]
89169d87dbe2: Pushing [==================================================>]  209.5MB
error parsing HTTP 413 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>413 Request Entity Too Large</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n"

增加Nignx配置，放开限制：client_max_body_size 0;

docker推送到私有仓库测试

#推送前必须为images打tag

docker tag f1cb7c7d58b7 harbor.xxx.com/library/centos:v1

f1cb7c7d58b7:镜像(image)名称.

harbor.xxx.com:私有仓库域名.

library:仓库项目,可以自己创建.

centos:v1 镜像名称和版本.

docker push harbor.xxx.com/library/centos:v1

成功.