Docker搭建私有仓库Harbor
一、harbor介绍
Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器。
由下面几个组件组成:
proxy:nginx前端代理,主要是分发前端页面ui访问和镜像上传和下载流量
registry:镜像仓库,负责存储镜像文件
核心服务:提供web ui,数据库,token认证,webhook等功能
日志服务
database:用来存储核心服务的一些数据
因为是vmware出品的,所以支持下面几种部署方式
在线安装
离线安装
ova安装,这个直接在vcenter上导入就可以了
官方最小配置
2个cpu
4g内存
40g硬盘,因为是存储镜像的所以推荐硬盘大点
二、搭建过程
Install Docker CE
root@localhost:~# apt-get updateroot@localhost:~# apt-get install apt-transport-https ca-certificates software-properties-common curlroot@localhost:~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg |sudo apt-key add -root@localhost:~# apt-key fingerprint 0EBFCD88root@localhost:~# add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"root@localhost:~# apt-get updateroot@localhost:~# apt-get install docker-ce
Install Docker-compose
root@localhost:~# curl -L "https://github.com/docker/compose/releases/download/1.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-composeroot@localhost:~# chmod +x /usr/local/bin/docker-compose#查看版本root@localhost:~# docker --versionDocker version 18.09.0, build 4d60db4root@localhost:~# docker-compose --versiondocker-compose version 1.22.0, build f46880fe
Install harbor
root@localhost:~# wget https://storage.googleapis.com/harbor-releases/release-1.6.0/harbor-offline-installer-v1.6.0.tgzroot@localhost:~# tar -zxvf harbor-offline-installer-v1.6.0.tgz#编辑配置文件root@localhost:~# cd harbor/root@localhost:~/harbor# vim harbor.cfghostname = 114.112.34.27project_creation_restriction = adminonly#Python环境root@localhost:~/harbor# apt-get install pythonroot@localhost:~/harbor# export LC_ALL=Croot@localhost:~/harbor# ln -s /usr/bin/python3 /usr/bin/python#安装服务root@localhost:~/harbor# ./install.sh看到以下内容,说明安装成功:
启动服务:root@localhost:~/harbor# docker-compose startStarting log ... doneStarting registry ... doneStarting postgresql ... doneStarting adminserver ... doneStarting ui ... doneStarting redis ... doneStarting jobservice ... doneStarting proxy ... doneroot@localhost:~/harbor# docker-compose psName Command State Ports-------------------------------------------------------------------------------------------------------------------------------------harbor-adminserver /harbor/start.sh Up (healthy)harbor-db /entrypoint.sh postgres Up (healthy) 5432/tcpharbor-jobservice /harbor/start.sh Upharbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcpharbor-ui /harbor/start.sh Up (healthy)nginx nginx -g daemon off; Up (healthy) 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcpredis docker-entrypoint.sh redis ... Up 6379/tcpregistry /entrypoint.sh /etc/regist ... Up (healthy) 5000/t配置HTTPS##如果不做HTTPS,只需将hostname设置为IP,protocol改为HTTP即可,也不必生成CAroot@localhost:~/harbor# vi harbor.cfg
#创建目录root@localhost:~/harbor# mkdir -p /data/cert/#生成ca证书和签名root@localhost:~/harbor# openssl genrsa -out /data/cert/ca.key 2048root@localhost:~/harbor# openssl req -x509 -new -nodes -key /data/cert/ca.key -subj "/CN=test.harbor.com" -days 5000 -out /data/cert/ca.crt#启动服务root@localhost:~/harbor# ./prepareroot@localhost:~/harbor# docker-compose downroot@localhost:~/harbor# docker-compose up -d
测试
| 1 2 3 4 5 6 |
|
登录成功后会看到如下页面:
添加项目:
进入此项目,可以看到推送镜像的命令:
删除项目:
确认项目不再使用时,选中项目,点击删除
点击删除:
在服务器进行测试
修改本地Docker默认仓库,指向Harbor
root@localhost:/data/cert# cp ca.crt /usr/local/share/ca-certificates/root@localhost:/data/cert# update-ca-certificates#修改docker配置文件,指向Harborroot@localhost:~/harbor# vi /etc/default/docker#添加一行内容DOCKER_OPTS="--insecure-registry=test.harbor.com"#重启docker服务root@localhost:~# service docker restart
| 1 |
|
#将本地镜像打一个tagroot@localhost:~# docker tag ubuntu:16.04 test.harbor.com/paas/ubuntu:v1.0#推送到Harbor上root@localhost:~/harbor# docker push test.harbor.com/paas/ubuntu:v1.0
| 1 |
|
root@localhost:~/harbor# docker pull test.harbor.com/paas/ubuntu:v1.0v1.0: Pulling from paas/ubuntuDigest: sha256:078d30763ae6697b7d55e49f4cb9e61407abd2137cafb5625f131aa47c1a47afStatus: Downloaded newer image for test.harbor.com/paas/ubuntu:v1.0
转发:https://www.cnblogs.com/zhaomeng/p/10115115.html
青旅半醒
深藏阁楼爱情的钟
还没有评论,来说两句吧...