接入Harbor私有仓库

项目组现在需要接入CI/CD,其中就包括接入Harbor,本文将记录如何在CentOS7.6机器上完成接入Harbor。
前期工作:首先需要在Harbor上开具账号,创建相应项目(当前项目为imagetest)。

设置Docker

默认开发机已完成Docker安装:

# docker version 
Client: Docker Engine - Community
 Version:           20.10.16
 API version:       1.41
 Go version:        go1.17.10
 Git commit:        aa7e414
 Built:             Thu May 12 09:19:45 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.16
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.10
  Git commit:       f756502
  Built:            Thu May 12 09:18:08 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.4
  GitCommit:        212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
 runc:
  Version:          1.1.1
  GitCommit:        v1.1.1-0-g52de29d
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

/etc/docker/daemon.json文件中(如果没有daemon.json文件,则自行创建此文件)写入如下信息:

{
	"insecure-registries": ["192.168.38.91:8090"]
}

文件中的192.168.38.91:8090为Harbor的部署地址。

设置完成后,需要重启Docker,执行以下命令即可:

# systemctl daemon-reload
# systemctl restart docker

登录Harbor

完成Docker设置后,需要手动执行登录命令,以便确认Docker接入Harbor。

# docker login 192.168.38.91:8090
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

推送镜像

登陆完成后,即可在开发机上打包镜像并推送至Harbor。

# 以下命令是Harbor推荐命令,我们可参照完成
# 192.168.38.91:8090/imagetest/是镜像标记固定前缀,若未设置此前缀,镜像将会被尝试推送至docker.io

# 在项目中标记镜像:
docker tag SOURCE_IMAGE[:TAG] 192.168.38.91:8090/imagetest/REPOSITORY[:TAG]

# 推送镜像到当前项目:
docker push 192.168.38.91:8090/imagetest/REPOSITORY[:TAG]

在示例项目(Java项目)中创建Dockerfile,具体如下所示:

FROM openjdk:11.0.15-jdk

VOLUME /tmp

RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone \
&& mkdir -p /opt/app/log

ARG JAR_FILE=*.jar
COPY ${JAR_FILE} /opt/app/app.jar
WORKDIR /opt/app/

ENTRYPOINT ["java","-Xms1g", "-Xmx1g","-verbose:gc", \
"-Xlog:gc,gc+ref=debug,gc+heap=debug,gc+age=trace:file=/opt/app/log/gc_%p.log:tags,uptime,time,level", \
"-Xlog:safepoint:file=/opt/app/log/safepoint_%p.log:tags,uptime,time,level", \
"-XX:+HeapDumpOnOutOfMemoryError", "-XX:HeapDumpPath=/opt/app/log/network-capability.hprof", \
"-XX:ErrorFile=/opt/app/log/hs_error_pid%p.log", "-XX:-OmitStackTraceInFastThrow", "-jar","/app.jar"]

执行以下命令完成镜像打包和推送:

# 打包镜像,并添加TAG:`192.168.38.91:8090/imagetest/demo:0.1`
docker build -t 192.168.38.91:8090/imagetest/demo:0.1 .

# 推送镜像
docker push 192.168.38.91:8090/imagetest/demo:0.1

检查Harbor仓库,即可发现镜像完成推送。

posted @ 2022-05-20 10:41  从此寂静无声  阅读(248)  评论(0编辑  收藏  举报