创建基于harbor的docker仓库
1.升级系统并重启
yum update -y && reboot
# 安装docker最新版
yum install -y yum-utils
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce
网络环境的配置(docker,yum和/etc/profile)
/etc/yum.conf
proxy=http://10.11.0.148:808
/etc/profile
export ftp_proxy=http://10.11.0.148:808
export socks_proxy="socks://10.11.0.148:808/"
export http_proxy=http://10.11.0.148:808
export https_proxy=https://10.11.0.148:808
# 添加docker下载软件的代理
mkdir /etc/systemd/system/docker.service.d
vim /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://10.11.0.148:808"
# 设置统一时间
timedatectl set-ntp no
timedatectl set-time '2020-08-05 11:58:08'
# docker基础配置
mkdir /data/docker
10.11.0.208
[root@server03 ~]# cat /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com","quay.io","harbor.chinasoft.com"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com"],
"bip": "172.7.208.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}
10.11.0.209
[root@server04 ~]# cat /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com","quay.io","harbor.chinasoft.com"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com"],
"bip": "172.7.209.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}
10.11.0.210
[root@server05 ~]# cat /etc/docker/daemon.json
{
"graph": "/data/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com","quay.io","harbor.chinasoft.com"],
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com"],
"bip": "172.7.210.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore": true
}
镜像存储的地方也可以这么配置
# more /etc/docker/daemon.json
{
"data-root": "/data/docker",
"log-driver": "json-file",
"log-opts": {"max-size": "100m", "max-file": "3"}
}
私有镜像仓库部署
https://github.com/goharbor/harbor/releases/v1.8.3
wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.3.tgz
tar xf harbor-offline-installer-v1.8.3.tgz -C /usr/local/
cd /usr/local/
mv harbor harbor-v1.8.3
# 生成软连接,方便升级
ln -s harbor-v1.8.3 harbor
配置
安装依赖
# yum install docker-compose -y
修改配置
# vim /usr/local/harbor/harbor.yml
hostname: harbor.chinasoft.com
http:
port: 180
harbor_admin_password: harbor123456
database:
password: root123
data_volume: /data/harbor
log:
location: /data/harbor/log
_version: 1.8.0
执行安装
# ./install.sh
安装nginx作为harbor的前端反向代理
# yum install -y nginx
[root@server05 ~]# cat /etc/nginx/conf.d/harbor.chinasoft.com.conf
server {
listen 80;
server_name harbor.chinasoft.com;
client_max_body_size 1000m;
location / {
proxy_pass http://127.0.0.1:180;
}
}
# 启动nginx
[root@server05 ~]# systemctl start nginx
[root@server05 ~]# systemctl enable nginx
# 添加内部dns解析server01:10.11.0.206
注意修改serial
[root@server01 ~]# vim /var/named/chinasoft.com.zone
登录admin/harbor123456
# 下载nginx镜像,并且打上标签,推送到我们的私有仓库中
[root@server05 ~]# docker pull nginx
[root@server05 ~]# docker tag 4bb46517cac3 harbor.chinasoft.com/public/nginx:v1.7.9
[root@server05 ~]# docker login harbor.chinasoft.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@server05 ~]# docker push harbor.chinasoft.com/public/nginx:v1.7.9