centos7安装harbor

目录

• 基础环境配置
• 安装docker 和 docker-compose
• 准备python环境
• 下载离线安装包
• 安装
• 启动和关闭
• 修改端口
• 浏览器访问
  • • harbor的公开仓库拉去镜像不需要权限，上传镜像需要登录

---

基础环境配置

vim /etc/sysctl.conf

net.ipv4.ip_forward = 1
vm.max_map_count = 655360

安装docker 和 docker-compose

harbor需要依赖docker和docker-compose
我安装的harbor是v1.7.8(高版本需要python 3.6)

准备python环境

centos7 默认带的是 pyhton2.7，harbor 1.10以上需要的是python 3.6+ ，我试过安装python3但是依旧报错，好像是需要一个click的模块，对python=环境有一定了解的尝试

下载离线安装包

下载地址

#解压
tar -zxvf harbor-offline-installer-v1.7.8.tgz
#静茹harbor目录
cd harbor
#复制一份配置文件去掉后缀
cp harbor.yml.tmpl harbor.yml

编辑harbor.cfg,解压后编辑配置文件harbor.cfg

• hostname改成主机IP
• 没有证书把证书注释掉，
• 查看harbor默认初始密码

hostname = 192.168.100.200

#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = http

#Maximum number of job workers in job service
max_job_workers = 10

#Determine whether or not to generate certificate for the registry's token.
#If the value is on, the prepare script creates new root cert and private key
#for generating token to access the registry. If the value is off the default key/cert will be used.
#This flag also controls the creation of the notary signer's cert.
customize_crt = on

#The path of cert and key files for nginx, they are applied only the protocol is set to https
#ssl_cert = /data/cert/server.crt        #注释掉
#ssl_cert_key = /data/cert/server.key    #注释掉

安装

执行./install.sh，安装前会检查docker和docker-compose的版本

[root@localhost harbor]# ./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 20.10.11

Note: docker-compose version: 1.29.2
.
.
.

[Step 2]: preparing environment ...
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/core/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/core/app.conf
Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.


[Step 3]: checking existing instance of Harbor ...


[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-adminserver ... done
Creating registryctl        ... done
Creating harbor-db          ... done
Creating registry           ... done
Creating redis              ... done
Creating harbor-core        ... done
Creating harbor-jobservice  ... done
Creating harbor-portal      ... done
Creating nginx              ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://192.168.100.200.
For more details, please visit https://github.com/goharbor/harbor .

启动和关闭

[root@localhost harbor]# ls -l
total 631820
drwxr-xr-x. 4 root root        37 Feb  1 04:07 common
-rw-r--r--. 1 root root       939 Feb 27  2021 docker-compose.chartmuseum.yml
-rw-r--r--. 1 root root       975 Feb 27  2021 docker-compose.clair.yml
-rw-r--r--. 1 root root      1434 Feb 27  2021 docker-compose.notary.yml
-rw-r--r--. 1 root root      5608 Feb 27  2021 docker-compose.yml
-rw-r--r--. 1 root root      8034 Feb  1 04:06 harbor.cfg
-rw-r--r--. 1 root root 645628941 Feb 27  2021 harbor.v1.7.8.tar.gz
-rwxr-xr-x. 1 root root      5739 Feb 27  2021 install.sh
-rw-r--r--. 1 root root     11347 Feb 27  2021 LICENSE
-rw-r--r--. 1 root root   1263409 Feb 27  2021 open_source_license
-rwxr-xr-x. 1 root root     36337 Feb 27  2021 prepare

看harbor的目录，里面有docker-compose.yml 文件，实际harbor是一个docker-compose的组合服务

在harbor文件的目录下执行

创建并且启动：docker-compose up -d

卸载：docker-compose down

启动：docker-compose start

关闭：docker-compose stop

修改端口

harbor默认端口是80，可以把他改成别的，比如280
vim docker-compse.yml,查找nginx有关的配置修改端口

  proxy:
    image: goharbor/nginx-photon:v1.7.8
    container_name: nginx
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    dns_search: .
    ports:
      - 280:80            #该成280:80
      - 443:443
      - 4443:4443

浏览器访问

http://192.168.100.200:280
默认账号：admin
默认密码:Harbor12345

harbor的公开仓库拉去镜像不需要权限，上传镜像需要登录