一、官网下载Harbor
Harbor是VMware公司开源的一个企业级Docker Registry项目,项目地址:https://github.com/goharbor/harbor
Harbor作为一个企业级私有Registry服务器,提供了更好的性能和安全,提升了用户使用Registry构建和运行环境传输镜像的效率。虽然Harbor和Registry都是私有镜像仓库的选择,但是Harbor的企业级特性更强,因此也是更多企业级用户的选择。
Harbor实现了基于角色的访问控制机制,并通过项目来对镜像进行组织和访问权限的控制,也常常和K8S中的namespace结合使用。此外,Harbor还提供了图形化的管理界面,我们可以通过浏览器来浏览,检索当前Docker镜像仓库,管理项目和命名空间。
#1.官网下载地址
Harbor官网下载: https://github.com/goharbor/harbor
#2.进入软件存放目录
[root@jindada ~]$ cd /data/software/
#3.下载habor-2.2.3
[root@jindada /data/software]$ wget https://github.com/goharbor/harbor/releases/download/v2.2.3/harbor-offline-installer-v2.2.3.tgz
二、解压Harbor安装包
#1.解压harbor安装包
[root@jindada /data/software]$ tar -zxf harbor-offline-installer-v2.2.3.tgz -C /opt/
#2.查看harbor程序文件
[root@jindada /data/software]$ cd /opt/harbor/
[root@jindada /opt/harbor]$ ll
total 502856
-rw-r--r-- 1 root root 3361 Jul 5 13:39 common.sh
-rw-r--r-- 1 root root 514891405 Jul 5 13:40 harbor.v2.2.3.tar.gz
-rw-r--r-- 1 root root 7840 Jul 5 13:39 harbor.yml.tmpl
-rwxr-xr-x 1 root root 2500 Jul 5 13:39 install.sh
-rw-r--r-- 1 root root 11347 Jul 5 13:39 LICENSE
-rwxr-xr-x 1 root root 1881 Jul 5 13:39 prepare
#3.拷贝harbor配置文件
[root@jindada /opt/harbor]$ cp harbor.yml.tmpl harbor.yml
三、下载Docker-Compose
#1.docker-compose官网下载地址
compose 官网下载:https://github.com/docker/compose/
#2.下载docker-compose
[root@jindada /opt/harbor]$ curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-Linux-x86_64" -o /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 633 100 633 0 0 736 0 --:--:-- --:--:-- --:--:-- 736
100 12.1M 100 12.1M 0 0 2466k 0 0:00:05 0:00:05 --:--:-- 4242k
#3.添加执行权限
[root@jindada /opt/harbor]$ chmod +x /usr/local/bin/docker-compose
#4.验证docker-conpose服务
[root@jindada /opt/harbor]$ docker-compose -v
docker-compose version 1.29.2, build 5becea4c
四、修改Harbor配置文件
#1.修改文件以下内容
[root@jindada /opt/harbor]$ vim harbor.yml
hostname: jinhuino1.cn
certificate: /etc/ssl/private/4913471_www.jinhuino1.cn.pem
private_key: /etc/ssl/private/4913471_www.jinhuino1.cn.key
五、上传SSL证书
#1.新建证书存放目录
[root@jindada /opt/harbor]$ mkdir -p /etc/ssl/private/
#2.上传ssl证书
[root@jindada /opt/harbor]$ cd /etc/ssl/private/
[root@jindada /etc/ssl/private]$ rz
#3.查看证书
[root@jindada /etc/ssl/private]$ ll
总用量 4
-rw-r--r-- 1 root root 4081 7月 15 17:02 4913471_www.jinhuino1.cn_nginx.zip
#4.解压证书
[root@jindada /etc/ssl/private]$ unzip 4913471_www.jinhuino1.cn_nginx.zip
Archive: 4913471_www.jinhuino1.cn_nginx.zip
Aliyun Certificate Download
inflating: 4913471_www.jinhuino1.cn.pem
inflating: 4913471_www.jinhuino1.cn.key
六、安装Harbor
#1.生成配置文件
[root@jindada /opt/harbor]$ ./prepare
#2.清空相关容器
[root@jindada /opt/harbor]$ docker-compose down
#3.安装并启动harbor
[root@jindada /opt/harbor]$ ./install.sh
... ....
Creating harbor-portal ... done
Creating harbor-db ... done
Creating redis ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
七、测试登录
# 测试登录
[root@jindada /opt/harbor]$ docker login www.jinhuino1.cn --username=admin --password=Harbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
