部署 harbor私有仓库
部署 harbor 私有仓库
1.下载 docker-compose-1.12.0
1wget https://github.com/docker/compose/releases/download/1.12.0/docker-compose-Linux-x86_64
2mv docker-compose-Linux-x86_64 /usr/bin/docker-compose
3chmod a+x /usr/bin/docker-compose
2.下载 harbor-1.1.2
1wget --continue https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-offline-installer-v1.1.2.tgz
2tar -xzvf harbor-offline-installer-v1.1.2.tgz
3cd harbor
3.导入离线安装包中 harbor 相关的 docker images:
1docker load -i harbor.v1.1.2.tar.gz
2dd60b611baaa: Loading layer [==================================================>] 133.2MB/133.2MB
30bfc226dc2e8: Loading layer [==================================================>] 1.536kB/1.536kB
466c3231118d2: Loading layer [==================================================>] 17.69MB/17.69MB
5fe2c778bb727: Loading layer [==================================================>] 17.69MB/17.69MB
6Loaded image: vmware/harbor-jobservice:v1.1.2
7fe4c16cbf7a4: Loading layer [==================================================>] 128.9MB/128.9MB
8c4a8b7411af4: Loading layer [==================================================>] 60.57MB/60.57MB
93f117c44afbb: Loading layer [==================================================>] 3.584kB/3.584kB
103569f62067e2: Loading layer [==================================================>] 17.86MB/17.86MB
11Loaded image: vmware/nginx:1.11.5-patched
12Loaded image: photon:1.0
134a050fccec52: Loading layer [==================================================>] 12.16MB/12.16MB
14d918d73369ec: Loading layer [==================================================>] 17.3MB/17.3MB
1522898836924e: Loading layer [==================================================>] 15.87kB/15.87kB
16Loaded image: vmware/notary-photon:server-0.5.0
17a39bd6a7f897: Loading layer [==================================================>] 10.95MB/10.95MB
186f79b8337a1f: Loading layer [==================================================>] 17.3MB/17.3MB
1974bbd0e81dd0: Loading layer [==================================================>] 15.87kB/15.87kB
20Loaded image: vmware/notary-photon:signer-0.5.0
212df722677b4c: Loading layer [==================================================>] 7.062MB/7.062MB
22e5338f288c70: Loading layer [==================================================>] 7.062MB/7.062MB
23Loaded image: vmware/harbor-adminserver:v1.1.2
24b79e6c985050: Loading layer [==================================================>] 21.26MB/21.26MB
25568e827ac2db: Loading layer [==================================================>] 7.168kB/7.168kB
26e120e08d1ae8: Loading layer [==================================================>] 12.92MB/12.92MB
27c678c146825f: Loading layer [==================================================>] 9.728kB/9.728kB
28835ee5702bce: Loading layer [==================================================>] 2.56kB/2.56kB
29eaf7ac0e9e24: Loading layer [==================================================>] 21.26MB/21.26MB
30Loaded image: vmware/harbor-ui:v1.1.2
31c8ef72937018: Loading layer [==================================================>] 67.93MB/67.93MB
3201e57c31fb31: Loading layer [==================================================>] 3.584kB/3.584kB
33ae8312f0516f: Loading layer [==================================================>] 3.072kB/3.072kB
3447b646017cc6: Loading layer [==================================================>] 3.072kB/3.072kB
35Loaded image: vmware/harbor-log:v1.1.2
365d6cbe0dbcf9: Loading layer [==================================================>] 129.2MB/129.2MB
37435f2dfbd884: Loading layer [==================================================>] 344.6kB/344.6kB
38814d7b59f0cc: Loading layer [==================================================>] 4.657MB/4.657MB
39aae399245bd0: Loading layer [==================================================>] 1.536kB/1.536kB
4021e2ae955f72: Loading layer [==================================================>] 33.84MB/33.84MB
41a2d0f7b84059: Loading layer [==================================================>] 25.09kB/25.09kB
42819fa6af55b8: Loading layer [==================================================>] 3.584kB/3.584kB
4378914c99a468: Loading layer [==================================================>] 167.7MB/167.7MB
4436e79c658afb: Loading layer [==================================================>] 6.144kB/6.144kB
45f73503aca003: Loading layer [==================================================>] 9.216kB/9.216kB
46a21b39f6da59: Loading layer [==================================================>] 1.536kB/1.536kB
472f0fcce131fa: Loading layer [==================================================>] 7.68kB/7.68kB
48cbf999ad70ad: Loading layer [==================================================>] 4.608kB/4.608kB
498005207f317c: Loading layer [==================================================>] 4.608kB/4.608kB
50Loaded image: vmware/harbor-db:v1.1.2
5169c25b821c78: Loading layer [==================================================>] 22.79MB/22.79MB
525b403ac6f7ea: Loading layer [==================================================>] 3.584kB/3.584kB
539e2e304b5fe5: Loading layer [==================================================>] 2.048kB/2.048kB
54Loaded image: vmware/registry:2.6.1-photon
5578dbfa5b7cbc: Loading layer [==================================================>] 130.9MB/130.9MB
565f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB
578deec01122be: Loading layer [==================================================>] 344.6kB/344.6kB
58574ab36807f2: Loading layer [==================================================>] 1.536kB/1.536kB
59d8f2cde2eef8: Loading layer [==================================================>] 20.48kB/20.48kB
60eaa3924b054e: Loading layer [==================================================>] 5.12kB/5.12kB
618aa2c772121c: Loading layer [==================================================>] 184.3MB/184.3MB
62c3014bbccb0b: Loading layer [==================================================>] 8.704kB/8.704kB
63978a35efaa8c: Loading layer [==================================================>] 4.608kB/4.608kB
64c2385ae7d6e5: Loading layer [==================================================>] 16.6MB/16.6MB
65Loaded image: vmware/harbor-notary-db:mariadb-10.1.10
4.创建证书
1cd /etc/pki/CA
2
3vim /etc/pki/tls/openssl.cnf
4countryName_default = CN
5stateOrProvinceName_default = GuangDong
6localityName_default = ShenZhen
70.organizationName_default = k8s
8organizationalUnitName_default = System
9
10# 创建根证书
11openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt
12
13# harbor证书签名请求
14openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.key -out harbor.csr
15touch index.txt
16echo '01' > serial
17
18# 解决x509: certificate signed by unknown authority
19echo subjectAltName = IP:192.168.22.137 > extfile.cnf
20
21# 颁发证书
22openssl ca -in harbor.csr -out harbor.crt -cert ca.crt -keyfile ca.key -extfile extfile.cnf -outdir .
23
24mkdir /etc/harbor/ssl -p
25cp harbor.crt harbor.key /etc/harbor/ssl
5.配置 harbor
1vim harbor.cfg
2hostname = 192.168.22.137 # 修改为本机IP或者域名
3ui_url_protocol = https
4ssl_cert = /etc/harbor/ssl/harbor.crt
5ssl_cert_key = /etc/harbor/ssl/harbor.key
6verify_remote_cert = off
6.加载和启动 harbor 镜像
1./install.sh
2
3[Step 0]: checking installation environment ...
4
5Note: docker version: 17.12.1
6
7Note: docker-compose version: 1.12.0
8
9[Step 1]: loading Harbor images ...
10Loaded image: vmware/harbor-jobservice:v1.1.2
11Loaded image: vmware/nginx:1.11.5-patched
12Loaded image: photon:1.0
13Loaded image: vmware/notary-photon:server-0.5.0
14Loaded image: vmware/notary-photon:signer-0.5.0
15Loaded image: vmware/harbor-adminserver:v1.1.2
16Loaded image: vmware/harbor-ui:v1.1.2
17Loaded image: vmware/harbor-log:v1.1.2
18Loaded image: vmware/harbor-db:v1.1.2
19Loaded image: vmware/registry:2.6.1-photon
20Loaded image: vmware/harbor-notary-db:mariadb-10.1.10
21
22
23[Step 2]: preparing environment ...
24Clearing the configuration file: ./common/config/adminserver/env
25Clearing the configuration file: ./common/config/ui/env
26Clearing the configuration file: ./common/config/ui/app.conf
27Clearing the configuration file: ./common/config/ui/private_key.pem
28Clearing the configuration file: ./common/config/db/env
29Clearing the configuration file: ./common/config/jobservice/env
30Clearing the configuration file: ./common/config/jobservice/app.conf
31Clearing the configuration file: ./common/config/registry/config.yml
32Clearing the configuration file: ./common/config/registry/root.crt
33Clearing the configuration file: ./common/config/nginx/nginx.conf
34loaded secret from file: /data/secretkey
35Generated configuration file: ./common/config/nginx/nginx.conf
36Generated configuration file: ./common/config/adminserver/env
37Generated configuration file: ./common/config/ui/env
38Generated configuration file: ./common/config/registry/config.yml
39Generated configuration file: ./common/config/db/env
40Generated configuration file: ./common/config/jobservice/env
41Generated configuration file: ./common/config/jobservice/app.conf
42Generated configuration file: ./common/config/ui/app.conf
43Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
44The configuration files are ready, please use docker-compose to start the service.
45
46
47[Step 3]: checking existing instance of Harbor ...
48
49Note: stopping existing Harbor instance ...
50Stopping harbor-jobservice ... done
51Stopping harbor-ui ... done
52Stopping registry ... done
53Stopping harbor-adminserver ... done
54Stopping harbor-db ... done
55Stopping harbor-log ... done
56Removing nginx ... done
57Removing harbor-jobservice ... done
58Removing harbor-ui ... done
59Removing registry ... done
60Removing harbor-adminserver ... done
61Removing harbor-db ... done
62Removing harbor-log ... done
63Removing network harbor_harbor
64
65[Step 4]: starting Harbor ...
66Creating network "harbor_harbor" with the default driver
67Creating harbor-log
68Creating harbor-adminserver
69Creating registry
70Creating harbor-db
71Creating harbor-ui
72Creating harbor-jobservice
73Creating nginx
74
75✔ ----Harbor has been installed and started successfully.----
76
77Now you should be able to visit the admin portal at https://192.168.22.137.
78For more details, please visit https://github.com/vmware/harbor .
79
7.访问管理界面
浏览器访问 https://192.168.22.137
帐号:admin
密码:Harbor12345 (在harbor.cfg配置文件中)
8.修改 docker 启动项
1# 解决x509: certificate signed by unknown authority
2vim /usr/lib/systemd/system/docker.service
3ExecStart=/usr/bin/dockerd --insecure-registry=192.168.22.137
4
5systemctl daemon-reload
6systemctl restart docker
9.登录 docker registry
1docker login -u admin 192.168.22.137
2Password:
3Login Succeeded
10.打tag
1docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.8.3 192.168.22.137/library/kubernetes-dashboard-amd64:v1.8.3
11.转存image到私有仓库
1docker push 192.168.22.137/library/kubernetes-dashboard-amd64:v1.8.3
2The push refers to repository [192.168.22.137/library/kubernetes-dashboard-amd64]
323ddb8cbb75a: Pushed
4v1.8.3: digest: sha256:050620264fb56824b1bc1b9876f9c17875d96bb9fb96d5c34027ddbf65786f62 size: 529
12.参考文章:
- 原文作者:黄忠德
- 原文链接:https://huangzhongde.cn/post/2018-03-23-deploy-harbor-registry/
- 版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议进行许可,非商业转载请注明出处(作者,原文链接),商业转载请联系作者获得授权。