|NO.Z.00046|——————————|^^ 配置 ^^|——|CI/CD&Jenkins_Harbor部署.V03|——|配置_harbor.v2.0.0.V02|

一、CI/CD.Harbor部署
### --- Harbor上传镜像测试
~~~     操作主机

centos7.x 10.10.10.12 192.168.1.12jenkins
二、部署docker
### --- 安装docker依赖工具

[root@jenkins ~]# yum install -y yum-utils device-mapper-persitent-data lvm2 git
### --- 安装docker扩展源

[root@jenkins ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
~~~     # OR
[root@jenkins ~]# yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
~~~     查看可以选择的docker版本

[root@jenkins ~]# yum list docker-ce --showduplicates|sort -r   
### --- 安装docker
[root@jenkins ~]# yum install -y docker-ce-17.06.0.ce-1.el7.centos.x86_64
 
### --- 启动docker
[root@jenkins ~]# systemctl start docker
### --- 查看docker版本

[root@jenkins ~]# docker -v
Docker version 17.06.0-ce, build 02c1d87
三、harbor私有仓库测试:登入harbor仓库
### --- 登录harbor服务器
~~~     登入harbor服务器
~~~     作为私有仓库的客户端默认情况下使用的是https;需要把daemon.json文件修改一下。 

[root@jenkins ~]# docker login 10.10.10.11:80   
Username: yanqi
Password: Harbor12345
Error response from daemon: Get https://10.10.10.11:80/v2/: http: server gave HTTP response to HTTPS client
### --- 配置harbor地址
[root@jenkins ~]# vim /etc/docker/daemon.json
 { "insecure-registries":["10.10.10.11:80"] }       
 
### --- 重启docker
[root@jenkins ~]# systemctl restart docker                          
### --- 重新登录harbor

[root@jenkins ~]# docker login 10.10.10.11:80                           
Username: yanqi
Password: Harbor12345
Login Succeeded
四、pull和push镜像
### --- pull.nginx镜像到本地

[root@jenkins ~]# docker pull nginx
[root@jenkins ~]# docker images
REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
nginx               latest              7ce4f91ef623        4 hours ago         133MB
### --- 为镜像重新打上tag:为镜像打包标签tag

[root@jenkins ~]# docker tag nginx 10.10.10.11:80/jenkins/nginx:v0  
### --- push到harbor仓库中:将打包标签的镜像上传到私有仓库中

[root@jenkins ~]# docker push 10.10.10.11:80/jenkins/nginx:v0               
The push refers to a repository [10.10.10.11:80/jenkins/nginx]
1914a564711c: Pushed 
db765d5bf9f8: Pushed 
903ae422d007: Pushed 
66f88fdd699b: Pushed 
2ba086d0a00c: Pushed 
346fddbbb0ff: Pushed 
v0: digest: sha256:c137f6c852bfdf74694fe20693bb11e61b51e0b8c50d17dff881f2db05e65de9 size: 1570
五、在web界面中查看镜像是否被上传到仓库中
六、删除手动创建的镜像
### --- 删除手动创建的镜像

[root@jenkins ~]# docker images
10.10.10.11:80/jenkins/nginx   v0                  7ce4f91ef623        4 hours ago         133MB
[root@jenkins ~]# docker rmi 10.10.10.11:80/jenkins/nginx:v0
### --- 重新拉取上传的镜像

[root@jenkins ~]# docker pull 10.10.10.11:80/jenkins/nginx@sha256:c137f6c852bfdf74694fe20693bb11e61b51e0b8c50d17dff881f2db05e65de9
sha256:c137f6c852bfdf74694fe20693bb11e61b51e0b8c50d17dff881f2db05e65de9: Pulling from jenkins/nginx
Digest: sha256:c137f6c852bfdf74694fe20693bb11e61b51e0b8c50d17dff881f2db05e65de9
Status: Image is up to date for 10.10.10.11:80/jenkins/nginx@sha256:c137f6c852bfdf74694fe20693bb11e61b51e0b8c50d17dff881f2db05e65de9
### --- 查看镜像

[root@jenkins ~]# docker images -a
REPOSITORY                     TAG                 IMAGE ID            CREATED             SIZE
nginx                          latest              7ce4f91ef623        4 hours ago         133MB
10.10.10.11:80/jenkins/nginx   <none>              7ce4f91ef623        4 hours ago         133MB
七、Harbor重启
### --- Harbor重启

[root@harbor ~]# cd harbor/
[root@harbor harbor]# docker-compose down
[root@harbor harbor]# vim harbor.yml
[root@harbor harbor]# ./prepare
[root@harbor harbor]# docker-compose up -d
八、重置Harbor登录密码
### --- Harbor信息说明

~~~     harbor现使用postgresql 数据库。不再支持mysql
~~~     卸载重新重新安装也不可以,原因是没有删除harbor的数据,
~~~     harbor数据在/data/目录下边,如果真要重新安装需要将这个也删除,
~~~     备份或者迁移,请使用这个目录的数据。
~~~     harbor版本为:1.8.0
~~~     官方的安装包为: harbor-offline-installer-v1.8.0.tgz
### --- 进入harbor容器内部
~~~     进入[harbor-db]容器内部

[root@harbor ~]# docker exec -it harbor-db /bin/bash
postgres [ / ]$
### --- 进入postgresql命令行,

postgres [ / ]$  psql -h postgresql -d postgres -U postgres         // 这要输入默认密码:root123
Password for user postgres: root123  
postgres [ / ]$  psql -U postgres -d postgres -h 127.0.0.1 -p 5432  // 或者用这个可以不输入密码。
psql (9.6.14)
Type "help" for help
### --- 切换到harbor所在的数据库

postgres=# \c registry
You are now connected to database "registry" as user "postgres".
### --- 查看harbor_user表

registry=# select * from harbor_user;
 user_id | username  |       email        |             password             |    realname    |    comment     | deleted | reset_uuid |               salt               | sysadmin_
flag |       creation_time        |        update_time         | password_version 
---------+-----------+--------------------+----------------------------------+----------------+----------------+---------+------------+----------------------------------+----------
-----+----------------------------+----------------------------+------------------
       2 | anonymous |                    |                                  | anonymous user | anonymous user | t       |            |                                  | f        | 2021-03-31 08:22:54.937769 | 2021-03-31 08:22:55.189956 | sha1
       1 | admin     |                    | 5705da1ab03816503271011bb6a80ce9 | system admin   | admin user     | f       |            | u4ymc25ssuvgupbivm9kdhijx4t2xl3r | t        | 2021-03-31 08:22:54.937769 | 2021-03-31 08:22:55.327036 | sha256
       3 | yanqi     | yanqi_vip@yeah.net | 54302f28a2504ff2dcff03e8fc6be519 | yanqi          | yanqi          | f       |            | 8nyocqzplw0nys70hpwxx9w44dmp3l3s | t        | 2021-03-31 08:35:43        | 2021-03-31 08:37:06.60932  | sha256
(3 rows)
### --- 例如修改admin的密码,修改为初始化密码Harbor12345 ,
~~~     修改好了之后再可以从web ui上再改一次。

registry=#  update harbor_user set password='5705da1ab03816503271011bb6a80ce9', salt='u4ymc25ssuvgupbivm9kdhijx4t2xl3r'  where username='admin';
UPDATE 1
### --- 退出 \q 退出postgresql,exit退出容器。
~~~     完成后通过WEB UI,就可以使用admin 、Harbor12345 这个密码登录了,
~~~     记得修改这个默认密码哦,避免安全问题。
~~~     有更加狠点的招数,将admin账户改成别的名字,减少被攻击面:

registry=# \q
postgres [ / ]$ exit
### --- 更改admin用户名为yanqi    :超级管理员用户      

registry=# update harbor_user set username='yanqi' where user_id=1;
九、Dockerfile配置文件
### --- 创建dockerfile配置文件
~~~     在 centos7.x 10.10.10.12 jenkins服务器中配置

[root@jenkins ~]# mkdir -p /root/jenkins/docker-file/maven-docker-test_war
### --- 编辑Dockerfile配置文件

[root@jenkins ~]# vim /root/jenkins/docker-file/maven-docker-test_war/Dockerfile
# Version 1.0
# Base images.
FROM tomcat:8.0.36-alpine

# Author.
MAINTAINER yanqi <yanqi_vip@yeah.net>

# Add war.
ADD maven-docker-test.war /usr/local/tomcat/webapps/

# Define working directory.
WORKDIR /usr/local/tomcat/bin/

# Define environment variables.
ENV PATH /usr/local/tomcat/bin:$PATH

# Define default command.
CMD ["catalina.sh", "run"]

# Expose ports.
EXPOSE 8080
十、Harbor权限相关:harbor仓库的权限得配置一下,不然curl命令访问不到
 
 
 
 
 
 
 
 
 
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart
                                                                                                                                                   ——W.S.Landor
 

 

posted on   yanqi_vip  阅读(40)  评论(0编辑  收藏  举报

相关博文:
· |NO.Z.00045|——————————|^^ 部署 ^^|——|CI/CD&Jenkins_Harbor部署.V02|——|部署_harbor.v2.0.0.V01|
· |NO.Z.00012|——————————|^^^^ 操作 ^^^^|——|Cloud&Docker镜像.V04|——|Harbor企业级Docker私有仓库|
· Harbor仓库搭建及简单使用
· harbor安装
· Docker基础知识 (5) - 搭建 Harbor 仓库
阅读排行:
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· DeepSeek 开源周回顾「GitHub 热点速览」
< 2025年3月 >
23 24 25 26 27 28 1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31 1 2 3 4 5

导航

统计

点击右上角即可分享
微信分享提示