docker-仓库(二)--harbor的搭建
1.harbor的搭建
docker 官方提供的私有仓库 registry,用起来虽然简单 ,但在管理的功能上存在不足。 Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器,harbor使用的是官方的docker registry(v2命名是distribution)服务去完成。harbor在docker distribution的基础上增加了一些安全、访问控制、管理的功能以满足企业对于镜像仓库的需求。
2.harbor下载
2.1 官方地址(速度慢)
https://github.com/goharbor/harbor/releases
2.2 国内代理地址(速度快)
wget https://ghproxy.com/https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz
下载完毕得到 harbor.v2.5.3.tar.gz包
3.解压harbor包
[root@VM-4-13-centos harbor]# tar -zxvf harbor-offline-installer-v2.5.3.tgz harbor/harbor.v2.5.3.tar.gz harbor/prepare harbor/LICENSE harbor/install.sh harbor/common.sh harbor/harbor.yml.tmpl
3.1 配置文件修改
cp harbor.yml.tmpl harbor.yml
在harbor.yml中修改hostname为本机IP
hostname: 43.143.98.52
同时将https相关内容注释,不注释的话,在执行install.sh脚本时,会报ERROR:root:Error: The protocol is https but attribute ssl_cert is not set
#设置secretkey_path 的路径为 当前目录的data下
secretkey_path = ./data
4. 安装docker-compose
4.1 下载docker-compose
[root@VM-4-13-centos bin]# curl -L https://github.com/docker/compose/releases/download/1.21.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 100 10.3M 100 10.3M 0 0 340k 0 0:00:31 0:00:31 --:--:-- 1060k
给docker-compose添加执行权限
chmod +x /usr/local/bin/docker-compose
查看docker-compose版本
[root@VM-4-13-centos bin]# docker-compose --version docker-compose version 1.21.1, build 5a3f1a3
5.安装harbor
直接执行install.sh
[root@VM-4-13-centos harbor]# ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 18.09.6 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.21.1 [Step 2]: loading Harbor images ... Loaded image: goharbor/harbor-portal:v2.5.3 Loaded image: goharbor/harbor-core:v2.5.3 Loaded image: goharbor/redis-photon:v2.5.3 Loaded image: goharbor/prepare:v2.5.3 Loaded image: goharbor/harbor-db:v2.5.3 Loaded image: goharbor/chartmuseum-photon:v2.5.3 Loaded image: goharbor/harbor-jobservice:v2.5.3 Loaded image: goharbor/harbor-registryctl:v2.5.3 Loaded image: goharbor/nginx-photon:v2.5.3 Loaded image: goharbor/notary-signer-photon:v2.5.3 Loaded image: goharbor/harbor-log:v2.5.3 Loaded image: goharbor/harbor-exporter:v2.5.3 Loaded image: goharbor/registry-photon:v2.5.3 Loaded image: goharbor/notary-server-photon:v2.5.3 Loaded image: goharbor/trivy-adapter-photon:v2.5.3 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ... prepare base dir is set to /home/harbor/harbor WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https Generated configuration file: /config/portal/nginx.conf Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/registryctl/config.yml Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml Generated and saved secret to file: /data/secret/keys/secretkey Successfully called func: create_root_cert Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir [Step 5]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating registryctl ... done Creating redis ... done Creating registry ... done Creating harbor-portal ... done Creating harbor-db ... done Creating harbor-core ... done Creating harbor-jobservice ... done Creating nginx ... done ✔ ----Harbor has been installed and started successfully.----
6.访问验证
直接在浏览器访问服务器IP http://43.143.98.52/ 进行验证
