Docker笔记之企业级仓库harbor搭建 | 二丫讲梵

本站和网页 https://wiki.eryajf.net/pages/2314.html#_2-%E5%AE%89%E8%A3%85-docker-compose%E3%80%82 的作者无关,不对其内容负责。快照谨为网络故障时之索引,不代表被搜索网站的即时页面。

Docker笔记之企业级仓库harbor搭建 | 二丫讲梵
二丫讲梵 首页运维 运维 最佳实践 迎刃而解 Nginx Php Zabbix Prometheus Grafana CentOS Systemd Docker Rancker Ansible Ldap Gitlab GitHub Etcd Consul RabbitMQ Kafka MySql MongoDB OpenVPN KVM VMware Other专题 专题 ELK K8S Nexus Jenkins生活 生活 随写编年 家人物语 追忆青春 父亲的朋友圈 电影音乐 效率工具 博客相关编程 编程 Shell 前端实践 Vue学习笔记 Golang学习笔记 Golang编程技巧周刊 周刊 学习周刊 Obsidian插件周刊关于友链推广页面 页面 本站索引 分类标签归档本站页面 导航打赏我的工具
备忘录清单
(opens new window)
网站状态
(opens new window)
json2go
(opens new window)
微信MD编辑
(opens new window)
国内镜像
(opens new window)
出口IP查询
(opens new window)
代码高亮工具
(opens new window)外站页面
开往
(opens new window)
ldapdoc
(opens new window)
HowToStartOpenSource
(opens new window)
vdoing-template
(opens new window)
GitHub
(opens new window) 二丫讲梵 行者常至,为者常成 首页运维 运维 最佳实践 迎刃而解 Nginx Php Zabbix Prometheus Grafana CentOS Systemd Docker Rancker Ansible Ldap Gitlab GitHub Etcd Consul RabbitMQ Kafka MySql MongoDB OpenVPN KVM VMware Other专题 专题 ELK K8S Nexus Jenkins生活 生活 随写编年 家人物语 追忆青春 父亲的朋友圈 电影音乐 效率工具 博客相关编程 编程 Shell 前端实践 Vue学习笔记 Golang学习笔记 Golang编程技巧周刊 周刊 学习周刊 Obsidian插件周刊关于友链推广页面 页面 本站索引 分类标签归档本站页面 导航打赏我的工具
备忘录清单
(opens new window)
网站状态
(opens new window)
json2go
(opens new window)
微信MD编辑
(opens new window)
国内镜像
(opens new window)
出口IP查询
(opens new window)
代码高亮工具
(opens new window)外站页面
开往
(opens new window)
ldapdoc
(opens new window)
HowToStartOpenSource
(opens new window)
vdoing-template
(opens new window)
GitHub
(opens new window) 最佳实践 迎刃而解 Nginx Php Zabbix Prometheus Grafana CentOS Supervisord Systemd Docker docker的几种安装方式docker配置加速器的几种方案docker搭建官方版私有仓库(了解)Docker笔记之企业级仓库harbor搭建1,简单介绍。2,主要组件。3,安装。1,安装 docker。2,安装 docker-compose。3,安装 harbor。4,客户端验证。1,安装 docker。3,验证拉取镜像。认识了解Dockerfile利用Dockerfile创建一些基础镜像Docker笔记之与镜像相关的命令整理从docker容器时间问题探究到Namespace问题Docker笔记之制作kafka镜像Docker笔记之制作lnmp镜像Docker笔记之使用apline镜像Docker笔记之修改默认数据存储目录Docker笔记之修改默认网段docker磁盘或者镜像清理相关内容centos镜像添加chrome浏览器以及中文字体利用buildx构建支持多CPU架构平台的docker镜像docker exec命令中含有通配符执行失败的问题Docker 调试构建失败的 Dockerfile 的方法Docker-Compose Rancher Ansible OpenLdap GitLab GitHub Etcd Consul RabbitMQ Kafka Mysql MongoDB OpenVPN Kvm VMware 配置文件详解 Other 运维观止Docker 二丫讲梵 2018-12-27 目录 Docker笔记之企业级仓库harbor搭建
这篇文章的发布时间较早,其中的内容可能已经过时,阅读时请注意甄别。
# 1,简单介绍。 Harbor,是一个英文单词,意思是港湾,港湾是干什么的呢,就是停放货物的,而货物呢,是装在集装箱中的,说到集装箱,就不得不提到 Docker 容器,因为 docker 容器的技术正是借鉴了集装箱的原理。所以,Harbor 正是一个用于存储 Docker 镜像的企业级 Registry 服务。 Harbor 是 Vmvare 中国团队开发的开源 registry 仓库,相比 docker 官方拥有更丰富的权限权利和完善的架构设计,适用大规模 docker 集群部署提供仓库服务。 # 2,主要组件。 Proxy:Harbor 的 registry, UI, token 等服务,通过一个前置的反向代理统一接收浏览器、Docker 客户端的请求,并将请求转发给后端不同的服务。 Registry: 负责储存 Docker 镜像,并处理 docker push/pull 命令。由于我们要对用户进行访问控制,即不同用户对 Docker image 有不同的读写权限,Registry 会指向一个 token 服务,强制用户的每次 docker pull/push 请求都要携带一个合法的 token, Registry 会通过公钥对 token 进行解密验证。 Core services: 这是 Harbor 的核心功能,主要提供以下服务: 1,UI:提供图形化界面,帮助用户管理 registry 上的镜像(image), 并对用户进行授权。
2,webhook:为了及时获取 registry 上 image 状态变化的情况, 在 Registry 上配置 webhook,把状态变化传递给 UI 模块。
3,token 服务:负责根据用户权限给每个 docker push/pull 命令签发 token. Docker 客户端向 Regiøstry 服务发起的请求, 如果不包含 token,会被重定向到这里,获得 token 后再重新向 Registry 进行请求。 Database:为 core services 提供数据库服务,负责储存用户权限、审计日志、Docker image 分组信息等数据。 Log collector:为了帮助监控 Harbor 运行,负责收集其他组件的 log,供日后进行分析。 有架构图如下: 运行环境 (opens new window) CentOS:7.3 docker-ce:17.12.1 docker-compose:version-1.18.0 harbor-offline:v1.5.1 # 3,安装。 # 1,安装 docker。 wget http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo && mv docker-ce.repo /etc/yum.repos.d
yum -y install docker-ce-17.12.1.ce-1.el7.centos
12启动服务。 systemctl enable docker
systemctl start docker
systemctl status docker
123# 2,安装 docker-compose。 源码地址:https://github.com/docker/compose/releases 下载指定版本。 curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
1添加执行权限。 chmod +x /usr/local/bin/docker-compose
1验证一下。 $docker-compose --version
输出:
docker-compose version 1.18.0, build 8dd22a9
1234# 3,安装 harbor。 源码地址:https://github.com/goharbor/harbor/releases 项目分有在线版,以及离线版,这里介绍离线版的安装。 下载安装包。 wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.1.tgz
1或许用迅雷下载,速度更佳。 解压安装包。 $tar xf harbor-offline-installer-v1.5.1.tgz
$ls harbor
common docker-compose.clair.yml docker-compose.notary.yml docker-compose.yml ha harbor.cfg harbor.v1.5.1.tar.gz install.sh LICENSE NOTICE prepare
123更改配置。 $vim harbor.cfg
将hostname更改为本机ip即可。
hostname = 192.168.111.5
1234其他的配置保持默认即可,还有一些常用配置,如果需要,可以自行按需修改。 执行安装。 $bash install.sh
[Step 0]: checking installation environment ...
Note: docker version: 17.12.1
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
52ef9064d2e4: Loading layer [==================================================>] 135.9MB/135.9MB
4a6862dbadda: Loading layer [==================================================>] 23.25MB/23.25MB
58b7d0c522b2: Loading layer [==================================================>] 24.4MB/24.4MB
9cd4bb748634: Loading layer [==================================================>] 7.168kB/7.168kB
c81302a14908: Loading layer [==================================================>] 10.56MB/10.56MB
7848e9ba72a3: Loading layer [==================================================>] 24.39MB/24.39MB
Loaded image: vmware/harbor-ui:v1.5.1
f1691b5a5198: Loading layer [==================================================>] 73.15MB/73.15MB
a529013c99e4: Loading layer [==================================================>] 3.584kB/3.584kB
d9b4853cff8b: Loading layer [==================================================>] 3.072kB/3.072kB
3d305073979e: Loading layer [==================================================>] 4.096kB/4.096kB
c9e17074f54a: Loading layer [==================================================>] 3.584kB/3.584kB
956055840e30: Loading layer [==================================================>] 9.728kB/9.728kB
Loaded image: vmware/harbor-log:v1.5.1
185db06a02d0: Loading layer [==================================================>] 23.25MB/23.25MB
835213979c70: Loading layer [==================================================>] 20.9MB/20.9MB
f74eeb41c1c9: Loading layer [==================================================>] 20.9MB/20.9MB
Loaded image: vmware/harbor-jobservice:v1.5.1
9bd5c7468774: Loading layer [==================================================>] 23.25MB/23.25MB
5fa6889b9a6d: Loading layer [==================================================>] 2.56kB/2.56kB
bd3ac235b209: Loading layer [==================================================>] 2.56kB/2.56kB
cb5d493833cc: Loading layer [==================================================>] 2.048kB/2.048kB
557669a074de: Loading layer [==================================================>] 22.8MB/22.8MB
f02b4f30a9ac: Loading layer [==================================================>] 22.8MB/22.8MB
Loaded image: vmware/registry-photon:v2.6.2-v1.5.1
5d3b562db23e: Loading layer [==================================================>] 23.25MB/23.25MB
8edca1b0e3b0: Loading layer [==================================================>] 12.16MB/12.16MB
ce5f11ea46c0: Loading layer [==================================================>] 17.3MB/17.3MB
93750d7ec363: Loading layer [==================================================>] 15.87kB/15.87kB
36f81937e80d: Loading layer [==================================================>] 3.072kB/3.072kB
37e5df92b624: Loading layer [==================================================>] 29.46MB/29.46MB
Loaded image: vmware/notary-server-photon:v0.5.1-v1.5.1
0a2f8f90bd3a: Loading layer [==================================================>] 401.3MB/401.3MB
41fca4deb6bf: Loading layer [==================================================>] 9.216kB/9.216kB
f2e28262e760: Loading layer [==================================================>] 9.216kB/9.216kB
68677196e356: Loading layer [==================================================>] 7.68kB/7.68kB
2b006714574e: Loading layer [==================================================>] 1.536kB/1.536kB
Loaded image: vmware/mariadb-photon:v1.5.1
a8c4992c632e: Loading layer [==================================================>] 156.3MB/156.3MB
0f37bf842677: Loading layer [==================================================>] 10.75MB/10.75MB
9f34c0cd38bf: Loading layer [==================================================>] 2.048kB/2.048kB
91ca17ca7e16: Loading layer [==================================================>] 48.13kB/48.13kB
5a7e0da65127: Loading layer [==================================================>] 10.8MB/10.8MB
Loaded image: vmware/clair-photon:v2.0.1-v1.5.1
0e782fe069e7: Loading layer [==================================================>] 23.25MB/23.25MB
67fc1e2f7009: Loading layer [==================================================>] 15.36MB/15.36MB
8db2141aa82c: Loading layer [==================================================>] 15.36MB/15.36MB
Loaded image: vmware/harbor-adminserver:v1.5.1
3f87a34f553c: Loading layer [==================================================>] 4.772MB/4.772MB
Loaded image: vmware/nginx-photon:v1.5.1
Loaded image: vmware/photon:1.0
ad58f3ddcb1b: Loading layer [==================================================>] 10.95MB/10.95MB
9b50f12509bf: Loading layer [==================================================>] 17.3MB/17.3MB
2c21090fd212: Loading layer [==================================================>] 15.87kB/15.87kB
38bec864f23e: Loading layer [==================================================>] 3.072kB/3.072kB
6e81ea7b0fa6: Loading layer [==================================================>] 28.24MB/28.24MB
Loaded image: vmware/notary-signer-photon:v0.5.1-v1.5.1
897a26fa09cb: Loading layer [==================================================>] 95.02MB/95.02MB
16e3a10a21ba: Loading layer [==================================================>] 6.656kB/6.656kB
85ecac164331: Loading layer [==================================================>] 2.048kB/2.048kB
37a2fb188706: Loading layer [==================================================>] 7.68kB/7.68kB
Loaded image: vmware/postgresql-photon:v1.5.1
bed9f52be1d1: Loading layer [==================================================>] 11.78kB/11.78kB
d731f2986f6e: Loading layer [==================================================>] 2.56kB/2.56kB
c3fde9a69f96: Loading layer [==================================================>] 3.072kB/3.072kB
Loaded image: vmware/harbor-db:v1.5.1
7844feb13ef3: Loading layer [==================================================>] 78.68MB/78.68MB
de0fd8aae388: Loading layer [==================================================>] 3.072kB/3.072kB
3f79efb720fd: Loading layer [==================================================>] 59.9kB/59.9kB
1c02f801c2e8: Loading layer [==================================================>] 61.95kB/61.95kB
Loaded image: vmware/redis-photon:v1.5.1
454c81edbd3b: Loading layer [==================================================>] 135.2MB/135.2MB
e99db1275091: Loading layer [==================================================>] 395.4MB/395.4MB
051e4ee23882: Loading layer [==================================================>] 9.216kB/9.216kB
6cca4437b6f6: Loading layer [==================================================>] 9.216kB/9.216kB
1d48fc08c8bc: Loading layer [==================================================>] 7.68kB/7.68kB
0419724fd942: Loading layer [==================================================>] 1.536kB/1.536kB
543c0c1ee18d: Loading layer [==================================================>] 655.2MB/655.2MB
4190aa7e89b8: Loading layer [==================================================>] 103.9kB/103.9kB
Loaded image: vmware/harbor-migrator:v1.5.0
[Step 2]: preparing environment ...
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
Creating harbor-log ... done
[Step 3]: checking existing instance of Harbor ...
Creating harbor-adminserver ... done
Creating harbor-ui ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-adminserver ...
Creating registry ...
Creating harbor-db ...
Creating redis ...
Creating harbor-ui ...
Creating nginx ...
Creating harbor-jobservice ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://192.168.111.5.
For more details, please visit https://github.com/vmware/harbor .
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125看到这些输出,说明安装已经完成。 查看一下服务: $docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
55a0c9372840 vmware/harbor-jobservice:v1.5.1 "/harbor/start.sh" About an hour ago Up About an hour harbor-jobservice
50bd7c7a0a85 vmware/nginx-photon:v1.5.1 "nginx -g 'daemon of…" About an hour ago Up About an hour (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
b683e14ba917 vmware/harbor-ui:v1.5.1 "/harbor/start.sh" About an hour ago Up About an hour (healthy) harbor-ui
a397a6785014 vmware/redis-photon:v1.5.1 "docker-entrypoint.s…" About an hour ago Up About an hour 6379/tcp redis
832f201f3c8d vmware/harbor-adminserver:v1.5.1 "/harbor/start.sh" About an hour ago Up About an hour (healthy) harbor-adminserver
a0eacf22bfec vmware/harbor-db:v1.5.1 "/usr/local/bin/dock…" About an hour ago Up About an hour (healthy) 3306/tcp harbor-db
1c2cf0565a97 vmware/registry-photon:v2.6.2-v1.5.1 "/entrypoint.sh serv…" About an hour ago Up About an hour (healthy) 5000/tcp registry
7ec39f149caa vmware/harbor-log:v1.5.1 "/bin/sh -c /usr/loc…" About an hour ago Up About an hour (healthy) 127.0.0.1:1514->10514/tcp harbor-log
12345678910有哪些: $docker-compose ps
Name Command State Ports
------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver /harbor/start.sh Up
harbor-db /usr/local/bin/docker-entr ... Up 3306/tcp
harbor-jobservice /harbor/start.sh Up
harbor-log /bin/sh -c /usr/local/bin/ ... Up 127.0.0.1:1514->10514/tcp
harbor-ui /harbor/start.sh Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
redis docker-entrypoint.sh redis ... Up 6379/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
1234567891011访问私服仓库。 192.168.111.5 默认用户名 / 密码:admin/Harbor12345 登陆之后可以修改一下密码。 # 4,客户端验证。 在另外一台主机上安装 docker 服务,验证私服可用性。 # 1,安装 docker。 wget http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo && mv docker-ce.repo /etc/yum.repos.d
yum -y install docker-ce-17.12.1.ce-1.el7.centos
12启动服务。 systemctl enable docker
systemctl start docker
systemctl status docker
1232,配置私服连接。 cat > /etc/docker/daemon.json << EOF
{ "insecure-registries":["192.168.111.5"] }
EOF
123重启 docker。 systemctl daemon-reload
systemctl restart docker
12登陆私服,如果登陆失败,可能是两台主机时间不同步。 $docker login -u admin -p Harbor12345 192.168.111.5
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
123# 3,验证拉取镜像。 先本地 pull 一个镜像。 $docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
90e01955edcd: Pull complete
Digest: sha256:2a03a6059f21e150ae84b0973863609494aad70f0a80eaeb64bddd8d92465812
Status: Downloaded newer image for busybox:latest
$docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
busybox latest 59788edf1f3e 2 months ago 1.15MB
12345678910更改一下 tag,测试一下 push。 $docker tag busybox 192.168.111.5/library/busybox:1
$docker push 192.168.111.5/library/busybox:1
The push refers to repository [192.168.111.5/library/busybox]
8a788232037e: Pushed
1: digest: sha256:915f390a8912e16d4beb8689720a17348f3f6d1a7b659697df850ab625ea29d5 size: 527
12345可以在私服当中看到这个镜像: 本地删除镜像,然后测试一下 pull。 查看镜像。
$docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.111.5/library/busybox 1 59788edf1f3e 2 months ago 1.15MB
busybox latest 59788edf1f3e 2 months ago 1.15MB
删除本地镜像。
$docker rmi -f 59788edf1f3e 59788edf1f3e
从本地私服pull镜像。
$docker pull 192.168.111.5/library/busybox:1
1: Pulling from library/busybox
90e01955edcd: Pull complete
Digest: sha256:915f390a8912e16d4beb8689720a17348f3f6d1a7b659697df850ab625ea29d5
Status: Downloaded newer image for 192.168.111.5/library/busybox:1
再次查看镜像。
$docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.111.5/library/busybox 1 59788edf1f3e 2 months ago 1.15MB
1234567891011121314151617181920
打赏
#docker#harbor 上次更新: 2022/08/19, 09:49:20
docker搭建官方版私有仓库(了解) 认识了解Dockerfile→
最近更新 01
openLDAP入门系列笔记第三篇--ldapsearch查询语法整理入门
02-2002
Vuepress项目编译时报routines的错误
02-1803
学习周刊-总第94期-2023年第07周
02-17 更多文章>
Theme by
Vdoing
| Copyright © 2017-2023
| | 浙ICP备18057030号
跟随系统
浅色模式
深色模式
阅读模式