【Docker】Harbor 分布式仓库管理
一、Harbor 介绍
Harbor 是 VMware 公司开源的企业级 Docker Registry 项目,其目标是帮助用户迅速搭建一个企业级的 Docker Registry (私有仓库)服务。
Harbor以 Docker 公司开源的 Registry 为基础,提供了图形管理 UI 、基于角色的访问控制(Role Based AccessControl) 、AD/LDAP 集成、以及审计日志(Auditlogging) 等企业用户需求的功能,同时还原生支持中文。
Harbor 的每个组件都是以 Docker 容器的形式构建的,使用 docker-compose 来对它进行部署。用于部署 Harbor 的 docker-compose 模板位于 harbor/docker-compose.yml
Harbor的特性
- 基于角色控制:用户和仓库都是基于项目进行组织的,而用户在项目中可以拥有不同的权限。
- 基于镜像的复制策略:镜像可以在多个Harbor实例之间进行复制(同步)。
- 支持 LDAP/AD:Harbor 可以集成企业内部已有的 AD/LDAP(类似数据库的一张表),用于对已经存在的用户认证和管理。
- 镜像删除和垃圾回收:镜像可以被删除,也可以回收镜像占用的空间。
- 图形化用户界面:用户可以通过浏览器来浏览,搜索镜像仓库以及对项目进行管理。
- 审计管理:所有针对镜像仓库的操作都可以被记录追溯,用于审计管理。
- 支持 RESTful API:RESTful API 提供给管理员对于 Harbor 更多的操控, 使得与其它管理软件集成变得更容易。
- Harbor和docker registry的关系:Harbor实质上是对docker registry做了封装,扩展了自己的业务模板。
Harbor官方项目:https://github.com/goharbor
Harbor官方网站:https://goharbor.io/
Harbor官方文档:https://goharbor.io/docs/2.8.0/
二、Harbor 架构
如上图所示是 Harbor 2.0 的架构图,从上到下可分为代理层、功能层和数据层。
- 代理层:代理层实质上是一个 Nginx 反向代理,负责接收不同类型的客户端请求,包括浏览器、用户脚本、Docker 等,并根据请求类型和 URI 转发给不同的后端服务进行处理。
- 功能层:
- Portal:是一个基于 Argular 的前端应用,提供 Harbor 用户访问的界面。
- Core:是 Harbor 中的核心组件,封装了 Harbor 绝大部分的业务逻辑。
- JobService:异步任务组件,负责 Harbor 中很多比较耗时的功能,比如 Artifact 复制、扫描、垃圾回收等。
- Docker Distribution:Harbor 通过 Distribution 实现 Artifact 的读写和存取等功能。
- RegistryCtl:Docker Distribution 的控制组件。
- Notary(可选):基于 TUF 提供镜像签名管理的功能。
- 扫描工具(可选):镜像的漏洞检测工具。
- ChartMuseum(可选):提供 API 管理非 OCI 规范的 Helm Chart,随着兼容 OCI 规范的 Helm Chart 在社区上被更广泛地接受,Helm Chart 能以 Artifact 的形式在 Harbor 中存储和管理,不再依赖 ChartMuseum,因此 Harbor 可能会在后续版本中移除对 ChartMuseum 的支持。
- 数据层:
- Redis:主要作为缓存服务存储一些生命周期较短的数据,同时对于 JobService 还提供了类似队列的功能。
- PostgreSQL:存储 Harbor 的应用数据,比如项目信息、用户与项目的关系、管理策略、配置信息、Artifact 的元数据等等。
- Artifact 存储:存储 Artifact 本身的内容,也就是每次推送镜像、Helm Chart 或其他 Artifact 时,数据最终存储的地方。默认情况下,Harbor 会把 Artifact 写入本地文件系统中。用户也可以修改配置,将 Artifact 存储在外部存储中,例如亚马逊的对象存储 S3、谷歌云存储 GCS、阿里云的对象存储 OSS 等等。
三、Harbor 安装与配置
Harbor安装需要确保满足资源要求,磁盘必须大于40G,否则安装过程中会提示空间不足
1、安装Docker
[root@Harbor-Ubu1804-9:~]# cat docker_install_ubu1804_online.sh
#!/bin/bash
#
#********************************************************************
#Author: janzen
#Date: 2023-05-04
#FileName: docker_install_ubu1804_apt.sh
#Description: The test script
#Copyright (C): 2023 All rights reserved
#********************************************************************
COLOR="echo -e \\033[1;31m"
END="\033[m"
DOCKER_VERSION="5:19.03.15~3-0~ubuntu-bionic" install_docker(){
$COLOR"准备安装 Docker......"$END
sleep 10
apt update &> /dev/null
apt install -y ca-certificates curl gnupg && \
install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
chmod a+r /etc/apt/keyrings/docker.gpg && \ echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
tee /etc/apt/sources.list.d/docker.list > /dev/null apt update
$COLOR"Docker 可安装版本:"$END
apt-cache madison docker-ce | awk '{ print $3 }'
$COLOR"10 秒后即将安装:Docker-"$DOCKER_VERSION"版本"$END
$COLOR"安装其他版本情使用 Ctrl+C 退出,重新选择版本"$END
sleep 10 apt install -y docker-ce=$DOCKER_VERSION docker-ce-cli=$DOCKER_VERSION
mkdir -p /etc/docker
tee /etc/docker/daemon.json << 'EOF'
{
"registry-mirrors": ["https://hub-mirror.c.163.com","https://po3g231a.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn"]
}
EOF
systemctl daemon-reload
systemctl enable --now docker docker --version && $COLOR"Docker-"$DOCKER_VERSION"安装成功"$END || $COLOR"Docker-"$DOCKER_VERSION"安装失败"$END
} dpkg -s docker-ce &> /dev/null && { $COLOR"Docker 已安装,程序退出"$END;exit; } || install_docker
[root@Harbor-Ubu1804-9:~]# bash docker_install_ubu1804_online.sh
准备安装 Docker......
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20211016ubuntu0.18.04.1).
ca-certificates set to manually installed.
curl is already the newest version (7.58.0-2ubuntu3.24).
curl set to manually installed.
The following additional packages will be installed:
dirmngr gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server gpgconf gpgsm gpgv
Suggested packages:
dbus-user-session pinentry-gnome3 tor parcimonie xloadimage scdaemon
The following packages will be upgraded:
dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server gpgconf gpgsm gpgv
11 upgraded, 0 newly installed, 0 to remove and 115 not upgraded.
Need to get 0 B/2153 kB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ... 108264 files and directories currently installed.)
Preparing to unpack .../00-gpg-wks-client_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpg-wks-client (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../01-dirmngr_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking dirmngr (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../02-gpg_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpg (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../03-gnupg-utils_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gnupg-utils (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../04-gnupg-l10n_2.2.4-1ubuntu1.6_all.deb ...
Unpacking gnupg-l10n (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../05-gpg-agent_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpg-agent (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../06-gpgsm_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpgsm (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../07-gpgconf_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpgconf (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../08-gnupg_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gnupg (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../09-gpg-wks-server_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpg-wks-server (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Preparing to unpack .../10-gpgv_2.2.4-1ubuntu1.6_amd64.deb ...
Unpacking gpgv (2.2.4-1ubuntu1.6) over (2.2.4-1ubuntu1.3) ...
Setting up gpgv (2.2.4-1ubuntu1.6) ...
Setting up gpgconf (2.2.4-1ubuntu1.6) ...
Setting up gpg-agent (2.2.4-1ubuntu1.6) ...
Setting up gnupg-l10n (2.2.4-1ubuntu1.6) ...
Setting up gpgsm (2.2.4-1ubuntu1.6) ...
Setting up gnupg-utils (2.2.4-1ubuntu1.6) ...
Setting up dirmngr (2.2.4-1ubuntu1.6) ...
Setting up gpg (2.2.4-1ubuntu1.6) ...
Setting up gpg-wks-server (2.2.4-1ubuntu1.6) ...
Setting up gpg-wks-client (2.2.4-1ubuntu1.6) ...
Setting up gnupg (2.2.4-1ubuntu1.6) ...
Processing triggers for install-info (6.5.0.dfsg.1-2) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Hit:1 http://cn.archive.ubuntu.com/ubuntu bionic InRelease
Hit:2 http://cn.archive.ubuntu.com/ubuntu bionic-updates InRelease
Get:3 https://download.docker.com/linux/ubuntu bionic InRelease [64.4 kB]
Hit:4 http://cn.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:5 http://cn.archive.ubuntu.com/ubuntu bionic-security InRelease
Get:6 https://download.docker.com/linux/ubuntu bionic/stable amd64 Packages [36.6 kB]
Fetched 101 kB in 1s (70.1 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
115 packages can be upgraded. Run 'apt list --upgradable' to see them.
Docker 可安装版本:
5:23.0.5-1~ubuntu.18.04~bionic
5:23.0.4-1~ubuntu.18.04~bionic
5:23.0.3-1~ubuntu.18.04~bionic
5:23.0.2-1~ubuntu.18.04~bionic
5:23.0.1-1~ubuntu.18.04~bionic
5:23.0.0-1~ubuntu.18.04~bionic
5:20.10.24~3-0~ubuntu-bionic
5:20.10.23~3-0~ubuntu-bionic
5:20.10.22~3-0~ubuntu-bionic
5:20.10.21~3-0~ubuntu-bionic
5:20.10.20~3-0~ubuntu-bionic
5:20.10.19~3-0~ubuntu-bionic
5:20.10.18~3-0~ubuntu-bionic
5:20.10.17~3-0~ubuntu-bionic
5:20.10.16~3-0~ubuntu-bionic
5:20.10.15~3-0~ubuntu-bionic
5:20.10.14~3-0~ubuntu-bionic
5:20.10.13~3-0~ubuntu-bionic
5:20.10.12~3-0~ubuntu-bionic
5:20.10.11~3-0~ubuntu-bionic
5:20.10.10~3-0~ubuntu-bionic
5:20.10.9~3-0~ubuntu-bionic
5:20.10.8~3-0~ubuntu-bionic
5:20.10.7~3-0~ubuntu-bionic
5:20.10.6~3-0~ubuntu-bionic
5:20.10.5~3-0~ubuntu-bionic
5:20.10.4~3-0~ubuntu-bionic
5:20.10.3~3-0~ubuntu-bionic
5:20.10.2~3-0~ubuntu-bionic
5:20.10.1~3-0~ubuntu-bionic
5:20.10.0~3-0~ubuntu-bionic
5:19.03.15~3-0~ubuntu-bionic
5:19.03.14~3-0~ubuntu-bionic
5:19.03.13~3-0~ubuntu-bionic
5:19.03.12~3-0~ubuntu-bionic
5:19.03.11~3-0~ubuntu-bionic
5:19.03.10~3-0~ubuntu-bionic
5:19.03.9~3-0~ubuntu-bionic
5:19.03.8~3-0~ubuntu-bionic
5:19.03.7~3-0~ubuntu-bionic
5:19.03.6~3-0~ubuntu-bionic
5:19.03.5~3-0~ubuntu-bionic
5:19.03.4~3-0~ubuntu-bionic
5:19.03.3~3-0~ubuntu-bionic
5:19.03.2~3-0~ubuntu-bionic
5:19.03.1~3-0~ubuntu-bionic
5:19.03.0~3-0~ubuntu-bionic
5:18.09.9~3-0~ubuntu-bionic
5:18.09.8~3-0~ubuntu-bionic
5:18.09.7~3-0~ubuntu-bionic
5:18.09.6~3-0~ubuntu-bionic
5:18.09.5~3-0~ubuntu-bionic
5:18.09.4~3-0~ubuntu-bionic
5:18.09.3~3-0~ubuntu-bionic
5:18.09.2~3-0~ubuntu-bionic
5:18.09.1~3-0~ubuntu-bionic
5:18.09.0~3-0~ubuntu-bionic
18.06.3~ce~3-0~ubuntu
18.06.2~ce~3-0~ubuntu
18.06.1~ce~3-0~ubuntu
18.06.0~ce~3-0~ubuntu
18.03.1~ce~3-0~ubuntu
10 秒后即将安装:Docker-5:19.03.15~3-0~ubuntu-bionic版本
安装其他版本情使用 Ctrl+C 退出,重新选择版本
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
aufs-tools cgroupfs-mount containerd.io libltdl7 pigz
The following NEW packages will be installed:
aufs-tools cgroupfs-mount containerd.io docker-ce docker-ce-cli libltdl7 pigz
0 upgraded, 7 newly installed, 0 to remove and 115 not upgraded.
Need to get 95.5 MB of archives.
After this operation, 414 MB of additional disk space will be used.
Get:1 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 pigz amd64 2.4-1 [57.4 kB]
Get:2 https://download.docker.com/linux/ubuntu bionic/stable amd64 containerd.io amd64 1.6.20-1 [28.3 MB]
Get:3 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 aufs-tools amd64 1:4.9+20170918-1ubuntu1 [104 kB]
Get:4 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 cgroupfs-mount all 1.4 [6320 B]
Get:5 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 libltdl7 amd64 2.4.6-2 [38.8 kB]
Get:6 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce-cli amd64 5:19.03.15~3-0~ubuntu-bionic [44.2 MB]
Get:7 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce amd64 5:19.03.15~3-0~ubuntu-bionic [22.8 MB]
Fetched 95.5 MB in 19s (5086 kB/s)
Selecting previously unselected package pigz.
(Reading database ... 108264 files and directories currently installed.)
Preparing to unpack .../0-pigz_2.4-1_amd64.deb ...
Unpacking pigz (2.4-1) ...
Selecting previously unselected package aufs-tools.
Preparing to unpack .../1-aufs-tools_1%3a4.9+20170918-1ubuntu1_amd64.deb ...
Unpacking aufs-tools (1:4.9+20170918-1ubuntu1) ...
Selecting previously unselected package cgroupfs-mount.
Preparing to unpack .../2-cgroupfs-mount_1.4_all.deb ...
Unpacking cgroupfs-mount (1.4) ...
Selecting previously unselected package containerd.io.
Preparing to unpack .../3-containerd.io_1.6.20-1_amd64.deb ...
Unpacking containerd.io (1.6.20-1) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../4-docker-ce-cli_5%3a19.03.15~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce-cli (5:19.03.15~3-0~ubuntu-bionic) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../5-docker-ce_5%3a19.03.15~3-0~ubuntu-bionic_amd64.deb ...
Unpacking docker-ce (5:19.03.15~3-0~ubuntu-bionic) ...
Selecting previously unselected package libltdl7:amd64.
Preparing to unpack .../6-libltdl7_2.4.6-2_amd64.deb ...
Unpacking libltdl7:amd64 (2.4.6-2) ...
Setting up aufs-tools (1:4.9+20170918-1ubuntu1) ...
Setting up containerd.io (1.6.20-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /lib/systemd/system/containerd.service.
Setting up cgroupfs-mount (1.4) ...
Setting up libltdl7:amd64 (2.4.6-2) ...
Setting up docker-ce-cli (5:19.03.15~3-0~ubuntu-bionic) ...
Setting up pigz (2.4-1) ...
Setting up docker-ce (5:19.03.15~3-0~ubuntu-bionic) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Processing triggers for libc-bin (2.27-3ubuntu1.5) ...
Processing triggers for systemd (237-3ubuntu10.50) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
{
"registry-mirrors": ["https://hub-mirror.c.163.com","https://po3g231a.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn"]
}
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
Docker version 19.03.15, build 99e3ed8919
Docker-5:19.03.15~3-0~ubuntu-bionic安装成功
2、安装 docker-compose
Harbor是使用docker-compose进行部署,必须先安装 docke-compose
2.1、通过pip安装,版本较新推荐使用
#apt安装python3-pip
[root@Harbor-Ubu1804-9:~]# apt install -y python3-pip
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
dh-python libexpat1-dev libpython3-dev libpython3.6 libpython3.6-dev libpython3.6-minimal libpython3.6-stdlib python-pip-whl python3-crypto
python3-dev python3-distutils python3-keyring python3-keyrings.alt python3-lib2to3 python3-secretstorage python3-setuptools python3-wheel
python3-xdg python3.6 python3.6-dev python3.6-minimal
Suggested packages:
python-crypto-doc gnome-keyring libkf5wallet-bin gir1.2-gnomekeyring-1.0 python-secretstorage-doc python-setuptools-doc python3.6-venv
python3.6-doc binfmt-support
The following NEW packages will be installed:
dh-python libexpat1-dev libpython3-dev libpython3.6-dev python-pip-whl python3-crypto python3-dev python3-distutils python3-keyring
python3-keyrings.alt python3-lib2to3 python3-pip python3-secretstorage python3-setuptools python3-wheel python3-xdg python3.6-dev
The following packages will be upgraded:
libpython3.6 libpython3.6-minimal libpython3.6-stdlib python3.6 python3.6-minimal
5 upgraded, 17 newly installed, 0 to remove and 112 not upgraded.
Need to get 48.2 MB/53.7 MB of archives.
After this operation, 87.3 MB of additional disk space will be used.
Get:1 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-lib2to3 all 3.6.9-1~18.04 [77.4 kB]
Get:2 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-distutils all 3.6.9-1~18.04 [144 kB]
Get:3 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 dh-python all 3.20180325ubuntu2 [89.2 kB]
Get:4 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libexpat1-dev amd64 2.2.5-3ubuntu0.9 [124 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libpython3.6-dev amd64 3.6.9-1~18.04ubuntu1.12 [44.9 MB]
Get:6 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libpython3-dev amd64 3.6.7-1~18.04 [7328 B]
Get:7 http://cn.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 python-pip-whl all 9.0.1-2.3~ubuntu1.18.04.8 [1653 kB]
Get:8 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python3-crypto amd64 2.6.1-8ubuntu2 [244 kB]
Get:9 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3.6-dev amd64 3.6.9-1~18.04ubuntu1.12 [511 kB]
Get:10 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-dev amd64 3.6.7-1~18.04 [1288 B]
Get:11 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python3-secretstorage all 2.3.1-2 [12.1 kB]
Get:12 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python3-keyring all 10.6.0-1 [26.7 kB]
Get:13 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python3-keyrings.alt all 3.0-1 [16.6 kB]
Get:14 http://cn.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 python3-pip all 9.0.1-2.3~ubuntu1.18.04.8 [114 kB]
Get:15 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-setuptools all 39.0.1-2ubuntu0.1 [248 kB]
Get:16 http://cn.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 python3-wheel all 0.30.0-0.2ubuntu0.1 [36.7 kB]
Get:17 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-xdg all 0.25-4ubuntu1.1 [31.3 kB]
Fetched 48.2 MB in 15s (3133 kB/s)
(Reading database ... 108578 files and directories currently installed.)
Preparing to unpack .../00-libpython3.6_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking libpython3.6:amd64 (3.6.9-1~18.04ubuntu1.12) over (3.6.9-1~18.04ubuntu1.4) ...
Preparing to unpack .../01-python3.6_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking python3.6 (3.6.9-1~18.04ubuntu1.12) over (3.6.9-1~18.04ubuntu1.4) ...
Preparing to unpack .../02-libpython3.6-stdlib_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking libpython3.6-stdlib:amd64 (3.6.9-1~18.04ubuntu1.12) over (3.6.9-1~18.04ubuntu1.4) ...
Preparing to unpack .../03-python3.6-minimal_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking python3.6-minimal (3.6.9-1~18.04ubuntu1.12) over (3.6.9-1~18.04ubuntu1.4) ...
Preparing to unpack .../04-libpython3.6-minimal_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking libpython3.6-minimal:amd64 (3.6.9-1~18.04ubuntu1.12) over (3.6.9-1~18.04ubuntu1.4) ...
Selecting previously unselected package python3-lib2to3.
Preparing to unpack .../05-python3-lib2to3_3.6.9-1~18.04_all.deb ...
Unpacking python3-lib2to3 (3.6.9-1~18.04) ...
Selecting previously unselected package python3-distutils.
Preparing to unpack .../06-python3-distutils_3.6.9-1~18.04_all.deb ...
Unpacking python3-distutils (3.6.9-1~18.04) ...
Selecting previously unselected package dh-python.
Preparing to unpack .../07-dh-python_3.20180325ubuntu2_all.deb ...
Unpacking dh-python (3.20180325ubuntu2) ...
Selecting previously unselected package libexpat1-dev:amd64.
Preparing to unpack .../08-libexpat1-dev_2.2.5-3ubuntu0.9_amd64.deb ...
Unpacking libexpat1-dev:amd64 (2.2.5-3ubuntu0.9) ...
Selecting previously unselected package libpython3.6-dev:amd64.
Preparing to unpack .../09-libpython3.6-dev_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking libpython3.6-dev:amd64 (3.6.9-1~18.04ubuntu1.12) ...
Selecting previously unselected package libpython3-dev:amd64.
Preparing to unpack .../10-libpython3-dev_3.6.7-1~18.04_amd64.deb ...
Unpacking libpython3-dev:amd64 (3.6.7-1~18.04) ...
Selecting previously unselected package python-pip-whl.
Preparing to unpack .../11-python-pip-whl_9.0.1-2.3~ubuntu1.18.04.8_all.deb ...
Unpacking python-pip-whl (9.0.1-2.3~ubuntu1.18.04.8) ...
Selecting previously unselected package python3-crypto.
Preparing to unpack .../12-python3-crypto_2.6.1-8ubuntu2_amd64.deb ...
Unpacking python3-crypto (2.6.1-8ubuntu2) ...
Selecting previously unselected package python3.6-dev.
Preparing to unpack .../13-python3.6-dev_3.6.9-1~18.04ubuntu1.12_amd64.deb ...
Unpacking python3.6-dev (3.6.9-1~18.04ubuntu1.12) ...
Selecting previously unselected package python3-dev.
Preparing to unpack .../14-python3-dev_3.6.7-1~18.04_amd64.deb ...
Unpacking python3-dev (3.6.7-1~18.04) ...
Selecting previously unselected package python3-secretstorage.
Preparing to unpack .../15-python3-secretstorage_2.3.1-2_all.deb ...
Unpacking python3-secretstorage (2.3.1-2) ...
Selecting previously unselected package python3-keyring.
Preparing to unpack .../16-python3-keyring_10.6.0-1_all.deb ...
Unpacking python3-keyring (10.6.0-1) ...
Selecting previously unselected package python3-keyrings.alt.
Preparing to unpack .../17-python3-keyrings.alt_3.0-1_all.deb ...
Unpacking python3-keyrings.alt (3.0-1) ...
Selecting previously unselected package python3-pip.
Preparing to unpack .../18-python3-pip_9.0.1-2.3~ubuntu1.18.04.8_all.deb ...
Unpacking python3-pip (9.0.1-2.3~ubuntu1.18.04.8) ...
Selecting previously unselected package python3-setuptools.
Preparing to unpack .../19-python3-setuptools_39.0.1-2ubuntu0.1_all.deb ...
Unpacking python3-setuptools (39.0.1-2ubuntu0.1) ...
Selecting previously unselected package python3-wheel.
Preparing to unpack .../20-python3-wheel_0.30.0-0.2ubuntu0.1_all.deb ...
Unpacking python3-wheel (0.30.0-0.2ubuntu0.1) ...
Selecting previously unselected package python3-xdg.
Preparing to unpack .../21-python3-xdg_0.25-4ubuntu1.1_all.deb ...
Unpacking python3-xdg (0.25-4ubuntu1.1) ...
Setting up python-pip-whl (9.0.1-2.3~ubuntu1.18.04.8) ...
Setting up python3-crypto (2.6.1-8ubuntu2) ...
Setting up python3-xdg (0.25-4ubuntu1.1) ...
Setting up python3-keyrings.alt (3.0-1) ...
Setting up python3-wheel (0.30.0-0.2ubuntu0.1) ...
Setting up libpython3.6-minimal:amd64 (3.6.9-1~18.04ubuntu1.12) ...
Setting up libexpat1-dev:amd64 (2.2.5-3ubuntu0.9) ...
Setting up python3-lib2to3 (3.6.9-1~18.04) ...
Setting up python3-secretstorage (2.3.1-2) ...
Setting up python3-distutils (3.6.9-1~18.04) ...
Setting up libpython3.6-stdlib:amd64 (3.6.9-1~18.04ubuntu1.12) ...
Setting up python3-keyring (10.6.0-1) ...
Setting up python3.6-minimal (3.6.9-1~18.04ubuntu1.12) ...
Setting up python3-pip (9.0.1-2.3~ubuntu1.18.04.8) ...
Setting up python3-setuptools (39.0.1-2ubuntu0.1) ...
Setting up dh-python (3.20180325ubuntu2) ...
Setting up libpython3.6:amd64 (3.6.9-1~18.04ubuntu1.12) ...
Setting up python3.6 (3.6.9-1~18.04ubuntu1.12) ...
Setting up libpython3.6-dev:amd64 (3.6.9-1~18.04ubuntu1.12) ...
Setting up python3.6-dev (3.6.9-1~18.04ubuntu1.12) ...
Setting up libpython3-dev:amd64 (3.6.7-1~18.04) ...
Setting up python3-dev (3.6.7-1~18.04) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for libc-bin (2.27-3ubuntu1.5) ... #升级pip3版本
[root@Harbor-Ubu1804-9:~]# python3 -m pip install --upgrade pip
Collecting pip
Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)
100% |████████████████████████████████| 1.7MB 310kB/s
Installing collected packages: pip
Found existing installation: pip 9.0.1
Not uninstalling pip at /usr/lib/python3/dist-packages, outside environment /usr
Successfully installed pip-21.3.1 #pip3安装docker-compose
[root@Harbor-Ubu1804-9:~]# pip3 install docker-compose
WARNING: pip is being invoked by an old script wrapper. This will fail in a future version of pip.
Please see https://github.com/pypa/pip/issues/5599 for advice on fixing the underlying issue.
To avoid this problem you can invoke Python with '-m pip' instead of running pip directly.
Collecting docker-compose
Using cached docker_compose-1.29.2-py2.py3-none-any.whl (114 kB)
Requirement already satisfied: PyYAML<6,>=3.10 in /usr/lib/python3/dist-packages (from docker-compose) (3.12)
Collecting cached-property<2,>=1.2.0
Using cached cached_property-1.5.2-py2.py3-none-any.whl (7.6 kB)
Collecting texttable<2,>=0.9.0
Using cached texttable-1.6.7-py2.py3-none-any.whl (10 kB)
Requirement already satisfied: jsonschema<4,>=2.5.1 in /usr/lib/python3/dist-packages (from docker-compose) (2.6.0)
Collecting dockerpty<1,>=0.4.1
Using cached dockerpty-0.4.1.tar.gz (13 kB)
Preparing metadata (setup.py) ... done
Collecting python-dotenv<1,>=0.13.0
Using cached python_dotenv-0.20.0-py3-none-any.whl (17 kB)
Collecting distro<2,>=1.5.0
Using cached distro-1.8.0-py3-none-any.whl (20 kB)
Collecting websocket-client<1,>=0.32.0
Using cached websocket_client-0.59.0-py2.py3-none-any.whl (67 kB)
Collecting docker[ssh]>=5
Using cached docker-5.0.3-py2.py3-none-any.whl (146 kB)
Collecting docopt<1,>=0.6.1
Using cached docopt-0.6.2.tar.gz (25 kB)
Preparing metadata (setup.py) ... done
Collecting requests<3,>=2.20.0
Using cached requests-2.27.1-py2.py3-none-any.whl (63 kB)
Collecting paramiko>=2.4.2
Using cached paramiko-3.1.0-py3-none-any.whl (211 kB)
Requirement already satisfied: six>=1.3.0 in /usr/lib/python3/dist-packages (from dockerpty<1,>=0.4.1->docker-compose) (1.11.0)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/lib/python3/dist-packages (from requests<3,>=2.20.0->docker-compose) (1.22)
Requirement already satisfied: idna<4,>=2.5 in /usr/lib/python3/dist-packages (from requests<3,>=2.20.0->docker-compose) (2.6)
Collecting charset-normalizer~=2.0.0
Using cached charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3/dist-packages (from requests<3,>=2.20.0->docker-compose) (2018.1.18)
Collecting cryptography>=3.3
Downloading cryptography-40.0.2-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.7 MB)
|████████████████████████████████| 3.7 MB 5.6 MB/s
Collecting pynacl>=1.5
Downloading PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl (856 kB)
|████████████████████████████████| 856 kB 6.8 MB/s
Collecting bcrypt>=3.2
Downloading bcrypt-4.0.1-cp36-abi3-manylinux_2_24_x86_64.whl (593 kB)
|████████████████████████████████| 593 kB 6.1 MB/s
Collecting cffi>=1.12
Downloading cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB)
|████████████████████████████████| 402 kB 6.7 MB/s
Collecting pycparser
Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB)
|████████████████████████████████| 118 kB 6.7 MB/s
Building wheels for collected packages: dockerpty, docopt
Building wheel for dockerpty (setup.py) ... done
Created wheel for dockerpty: filename=dockerpty-0.4.1-py3-none-any.whl size=15382 sha256=33b5b9afbc2c8997e84638ac0042225a216ec8bacbbef30e38f9e25daaa57119
Stored in directory: /root/.cache/pip/wheels/61/8f/e3/247046231ee138b48be905e4a748d570630e1f3ec24632b00b
Building wheel for docopt (setup.py) ... done
Created wheel for docopt: filename=docopt-0.6.2-py2.py3-none-any.whl size=19852 sha256=2292e4aab1e61506744fc93262cc4e8b861f4895e7850d1c20acbb0ef4e6f779
Stored in directory: /root/.cache/pip/wheels/3f/2a/fa/4d7a888e69774d5e6e855d190a8a51b357d77cc05eb1c097c9
Successfully built dockerpty docopt
Installing collected packages: pycparser, charset-normalizer, cffi, websocket-client, requests, pynacl, cryptography, bcrypt, paramiko, docker, texttable, python-dotenv, docopt, dockerpty, distro, cached-property, docker-compose
Attempting uninstall: requests
Found existing installation: requests 2.18.4
Uninstalling requests-2.18.4:
Successfully uninstalled requests-2.18.4
Attempting uninstall: cryptography
Found existing installation: cryptography 2.1.4
Uninstalling cryptography-2.1.4:
Successfully uninstalled cryptography-2.1.4
Successfully installed bcrypt-4.0.1 cached-property-1.5.2 cffi-1.15.1 charset-normalizer-2.0.12 cryptography-40.0.2 distro-1.8.0 docker-5.0.3 docker-compose-1.29.2 dockerpty-0.4.1 docopt-0.6.2 paramiko-3.1.0 pycparser-2.21 pynacl-1.5.0 python-dotenv-0.20.0 requests-2.27.1 texttable-1.6.7 websocket-client-0.59.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv #查看docker-compose版本
[root@Harbor-Ubu1804-9:~]# docker-compose --version
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
docker-compose version 1.29.2, build unknown
2.2、直接从github下载安装对应版本
官方github地址:https://github.com/docker/compose/releases
[root@Harbor-Ubu1804-10:~]# curl -L https://github.com/docker/compose/releases/download/v2.17.3/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
100 51.9M 100 51.9M 0 0 15242 0 0:59:33 0:59:33 --:--:-- 11665
[root@Harbor-Ubu1804-10:~]# chmod +x /usr/local/bin/docker-compose
[root@Harbor-Ubu1804-10:~]# docker-compose --version
Docker Compose version v2.17.3
2.3、apt直接安装,版本较低,不推荐
ed: sha256:eeb6ee3f44bd0b5103bb561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9
Deleted: sha256:174f5685490326fc0a1c0f5570b8663732189b327007e47ff13d2ca59673db02
Error: No such image: 0bb6d36c85ca
Error: No such image: b9d392225b3e
Error: No such image: 7614ae9453d1
Error: No such image: feb5d9fea6a5
[root@Docker-Ubu1804-p11:~]# df -Th
Filesystem Type Size Used Avail Use% Mounted on
udev devtmpfs 447M 0 447M 0% /dev
tmpfs tmpfs 96M 924K 96M 1% /run
/dev/mapper/ubuntu--vg-ubuntu--lv ext4 8.8G 6.7G 1.7G 81% /
tmpfs tmpfs 480M 0 480M 0% /dev/shm
tmpfs tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs tmpfs 480M 0 480M 0% /sys/fs/cgroup
/dev/sda2 ext4 974M 152M 755M 17% /boot
tmpfs tmpfs 96M 0 96M 0% /run/user/1000
[root@Docker-Ubu1804-p11:~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@Docker-Ubu1804-p11:~]#
[root@Docker-Ubu1804-p11:~]# apt install -y docker-compose
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
docker-ce docker-ce-cli golang-docker-credential-helpers libpython-stdlib libpython2.7-minimal libpython2.7-stdlib libsecret-1-0
libsecret-common python python-asn1crypto python-backports.ssl-match-hostname python-cached-property python-certifi python-cffi-backend
python-chardet python-cryptography python-docker python-dockerpty python-dockerpycreds python-docopt python-enum34 python-funcsigs
python-functools32 python-idna python-ipaddress python-jsonschema python-minimal python-mock python-openssl python-pbr python-pkg-resources
python-requests python-six python-texttable python-urllib3 python-websocket python-yaml python2.7 python2.7-minimal
Suggested packages:
python-doc python-tk python-cryptography-doc python-cryptography-vectors python-enum34-doc python-funcsigs-doc python-mock-doc
python-openssl-doc python-openssl-dbg python-setuptools python-socks python-ntlm python2.7-doc binfmt-support
Recommended packages:
docker-ce-rootless-extras docker-buildx-plugin docker-compose-plugin docker.io
The following NEW packages will be installed:
docker-compose golang-docker-credential-helpers libpython-stdlib libpython2.7-minimal libpython2.7-stdlib libsecret-1-0 libsecret-common
python python-asn1crypto python-backports.ssl-match-hostname python-cached-property python-certifi python-cffi-backend python-chardet
python-cryptography python-docker python-dockerpty python-dockerpycreds python-docopt python-enum34 python-funcsigs python-functools32
python-idna python-ipaddress python-jsonschema python-minimal python-mock python-openssl python-pbr python-pkg-resources python-requests
python-six python-texttable python-urllib3 python-websocket python-yaml python2.7 python2.7-minimal
The following packages will be upgraded:
docker-ce docker-ce-cli
2 upgraded, 38 newly installed, 0 to remove and 61 not upgraded.
Need to get 41.3 MB of archives.
After this operation, 135 MB disk space will be freed.
Get:1 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libpython2.7-minimal amd64 2.7.17-1~18.04ubuntu1.11 [335 kB]
Get:2 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce-cli amd64 5:23.0.5-1~ubuntu.18.04~bionic [13.2 MB]
Get:3 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python2.7-minimal amd64 2.7.17-1~18.04ubuntu1.11 [1294 kB]
Get:4 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-minimal amd64 2.7.15~rc1-1 [28.1 kB]
Get:5 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 libpython2.7-stdlib amd64 2.7.17-1~18.04ubuntu1.11 [1919 kB]
Get:6 https://download.docker.com/linux/ubuntu bionic/stable amd64 docker-ce amd64 5:23.0.5-1~ubuntu.18.04~bionic [22.0 MB]
Get:7 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python2.7 amd64 2.7.17-1~18.04ubuntu1.11 [248 kB]
Get:8 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 libpython-stdlib amd64 2.7.15~rc1-1 [7620 B]
Get:9 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python amd64 2.7.15~rc1-1 [140 kB]
Get:10 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-backports.ssl-match-hostname all 3.5.0.1-1 [7024 B]
Get:11 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-pkg-resources all 39.0.1-2ubuntu0.1 [128 kB]
Get:12 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-cached-property all 1.3.1-1 [7568 B]
Get:13 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-six all 1.11.0-2 [11.3 kB]
Get:14 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 libsecret-common all 0.18.6-1 [4452 B]
Get:15 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 libsecret-1-0 amd64 0.18.6-1 [94.6 kB]
Get:16 http://cn.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 golang-docker-credential-helpers amd64 0.5.0-2ubuntu0.1 [477 kB]
Get:17 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-dockerpycreds all 0.2.1-1 [4138 B]
Get:18 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-certifi all 2018.1.18-2 [144 kB]
Get:19 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-chardet all 3.0.4-1 [80.3 kB]
Get:20 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-idna all 2.6-1 [32.4 kB]
Get:21 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-urllib3 all 1.22-1ubuntu0.18.04.2 [86.0 kB]
Get:22 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-requests all 2.18.4-2ubuntu0.1 [58.5 kB]
Get:23 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-websocket all 0.44.0-0ubuntu2 [30.7 kB]
Get:24 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-ipaddress all 1.0.17-1 [18.2 kB]
Get:25 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-docker all 2.5.1-1 [69.0 kB]
Get:26 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-dockerpty all 0.4.1-1 [10.8 kB]
Get:27 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-docopt all 0.6.2-1build1 [25.6 kB]
Get:28 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-enum34 all 1.1.6-2 [34.8 kB]
Get:29 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-functools32 all 3.2.3.2-3 [10.8 kB]
Get:30 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-funcsigs all 1.0.2-4 [13.5 kB]
Get:31 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-pbr all 3.1.1-3ubuntu3 [53.7 kB]
Get:32 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-mock all 2.0.0-3 [47.4 kB]
Get:33 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-jsonschema all 2.6.0-2 [31.5 kB]
Get:34 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 python-texttable all 0.9.1-1 [8160 B]
Get:35 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-yaml amd64 3.12-1build2 [115 kB]
Get:36 http://cn.archive.ubuntu.com/ubuntu bionic/universe amd64 docker-compose all 1.17.1-2 [76.3 kB]
Get:37 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-asn1crypto all 0.24.0-1 [72.7 kB]
Get:38 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-cffi-backend amd64 1.11.5-1 [63.4 kB]
Get:39 http://cn.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python-cryptography amd64 2.1.4-1ubuntu1.4 [276 kB]
Get:40 http://cn.archive.ubuntu.com/ubuntu bionic/main amd64 python-openssl all 17.5.0-1ubuntu1 [41.3 kB]
Fetched 41.3 MB in 26s (1612 kB/s)
Extracting templates from packages: 100%
Selecting previously unselected package libpython2.7-minimal:amd64.
(Reading database ... 108939 files and directories currently installed.)
Preparing to unpack .../0-libpython2.7-minimal_2.7.17-1~18.04ubuntu1.11_amd64.deb ...
Unpacking libpython2.7-minimal:amd64 (2.7.17-1~18.04ubuntu1.11) ...
Selecting previously unselected package python2.7-minimal.
Preparing to unpack .../1-python2.7-minimal_2.7.17-1~18.04ubuntu1.11_amd64.deb ...
Unpacking python2.7-minimal (2.7.17-1~18.04ubuntu1.11) ...
Selecting previously unselected package python-minimal.
Preparing to unpack .../2-python-minimal_2.7.15~rc1-1_amd64.deb ...
Unpacking python-minimal (2.7.15~rc1-1) ...
Selecting previously unselected package libpython2.7-stdlib:amd64.
Preparing to unpack .../3-libpython2.7-stdlib_2.7.17-1~18.04ubuntu1.11_amd64.deb ...
Unpacking libpython2.7-stdlib:amd64 (2.7.17-1~18.04ubuntu1.11) ...
Selecting previously unselected package python2.7.
Preparing to unpack .../4-python2.7_2.7.17-1~18.04ubuntu1.11_amd64.deb ...
Unpacking python2.7 (2.7.17-1~18.04ubuntu1.11) ...
Selecting previously unselected package libpython-stdlib:amd64.
Preparing to unpack .../5-libpython-stdlib_2.7.15~rc1-1_amd64.deb ...
Unpacking libpython-stdlib:amd64 (2.7.15~rc1-1) ...
Setting up libpython2.7-minimal:amd64 (2.7.17-1~18.04ubuntu1.11) ...
Setting up python2.7-minimal (2.7.17-1~18.04ubuntu1.11) ...
Linking and byte-compiling packages for runtime python2.7...
Setting up python-minimal (2.7.15~rc1-1) ...
Selecting previously unselected package python.
(Reading database ... 109687 files and directories currently installed.)
Preparing to unpack .../00-python_2.7.15~rc1-1_amd64.deb ...
Unpacking python (2.7.15~rc1-1) ...
Preparing to unpack .../01-docker-ce-cli_5%3a23.0.5-1~ubuntu.18.04~bionic_amd64.deb ...
Unpacking docker-ce-cli (5:23.0.5-1~ubuntu.18.04~bionic) over (5:19.03.15~3-0~ubuntu-bionic) ...
Preparing to unpack .../02-docker-ce_5%3a23.0.5-1~ubuntu.18.04~bionic_amd64.deb ...
Unpacking docker-ce (5:23.0.5-1~ubuntu.18.04~bionic) over (5:19.03.15~3-0~ubuntu-bionic) ...
Selecting previously unselected package python-backports.ssl-match-hostname.
Preparing to unpack .../03-python-backports.ssl-match-hostname_3.5.0.1-1_all.deb ...
Unpacking python-backports.ssl-match-hostname (3.5.0.1-1) ...
Selecting previously unselected package python-pkg-resources.
Preparing to unpack .../04-python-pkg-resources_39.0.1-2ubuntu0.1_all.deb ...
Unpacking python-pkg-resources (39.0.1-2ubuntu0.1) ...
Selecting previously unselected package python-cached-property.
Preparing to unpack .../05-python-cached-property_1.3.1-1_all.deb ...
Unpacking python-cached-property (1.3.1-1) ...
Selecting previously unselected package python-six.
Preparing to unpack .../06-python-six_1.11.0-2_all.deb ...
Unpacking python-six (1.11.0-2) ...
Selecting previously unselected package libsecret-common.
Preparing to unpack .../07-libsecret-common_0.18.6-1_all.deb ...
Unpacking libsecret-common (0.18.6-1) ...
Selecting previously unselected package libsecret-1-0:amd64.
Preparing to unpack .../08-libsecret-1-0_0.18.6-1_amd64.deb ...
Unpacking libsecret-1-0:amd64 (0.18.6-1) ...
Selecting previously unselected package golang-docker-credential-helpers.
Preparing to unpack .../09-golang-docker-credential-helpers_0.5.0-2ubuntu0.1_amd64.deb ...
Unpacking golang-docker-credential-helpers (0.5.0-2ubuntu0.1) ...
Selecting previously unselected package python-dockerpycreds.
Preparing to unpack .../10-python-dockerpycreds_0.2.1-1_all.deb ...
Unpacking python-dockerpycreds (0.2.1-1) ...
Selecting previously unselected package python-certifi.
Preparing to unpack .../11-python-certifi_2018.1.18-2_all.deb ...
Unpacking python-certifi (2018.1.18-2) ...
Selecting previously unselected package python-chardet.
Preparing to unpack .../12-python-chardet_3.0.4-1_all.deb ...
Unpacking python-chardet (3.0.4-1) ...
Selecting previously unselected package python-idna.
Preparing to unpack .../13-python-idna_2.6-1_all.deb ...
Unpacking python-idna (2.6-1) ...
Selecting previously unselected package python-urllib3.
Preparing to unpack .../14-python-urllib3_1.22-1ubuntu0.18.04.2_all.deb ...
Unpacking python-urllib3 (1.22-1ubuntu0.18.04.2) ...
Selecting previously unselected package python-requests.
Preparing to unpack .../15-python-requests_2.18.4-2ubuntu0.1_all.deb ...
Unpacking python-requests (2.18.4-2ubuntu0.1) ...
Selecting previously unselected package python-websocket.
Preparing to unpack .../16-python-websocket_0.44.0-0ubuntu2_all.deb ...
Unpacking python-websocket (0.44.0-0ubuntu2) ...
Selecting previously unselected package python-ipaddress.
Preparing to unpack .../17-python-ipaddress_1.0.17-1_all.deb ...
Unpacking python-ipaddress (1.0.17-1) ...
Selecting previously unselected package python-docker.
Preparing to unpack .../18-python-docker_2.5.1-1_all.deb ...
Unpacking python-docker (2.5.1-1) ...
Selecting previously unselected package python-dockerpty.
Preparing to unpack .../19-python-dockerpty_0.4.1-1_all.deb ...
Unpacking python-dockerpty (0.4.1-1) ...
Selecting previously unselected package python-docopt.
Preparing to unpack .../20-python-docopt_0.6.2-1build1_all.deb ...
Unpacking python-docopt (0.6.2-1build1) ...
Selecting previously unselected package python-enum34.
Preparing to unpack .../21-python-enum34_1.1.6-2_all.deb ...
Unpacking python-enum34 (1.1.6-2) ...
Selecting previously unselected package python-functools32.
Preparing to unpack .../22-python-functools32_3.2.3.2-3_all.deb ...
Unpacking python-functools32 (3.2.3.2-3) ...
Selecting previously unselected package python-funcsigs.
Preparing to unpack .../23-python-funcsigs_1.0.2-4_all.deb ...
Unpacking python-funcsigs (1.0.2-4) ...
Selecting previously unselected package python-pbr.
Preparing to unpack .../24-python-pbr_3.1.1-3ubuntu3_all.deb ...
Unpacking python-pbr (3.1.1-3ubuntu3) ...
Selecting previously unselected package python-mock.
Preparing to unpack .../25-python-mock_2.0.0-3_all.deb ...
Unpacking python-mock (2.0.0-3) ...
Selecting previously unselected package python-jsonschema.
Preparing to unpack .../26-python-jsonschema_2.6.0-2_all.deb ...
Unpacking python-jsonschema (2.6.0-2) ...
Selecting previously unselected package python-texttable.
Preparing to unpack .../27-python-texttable_0.9.1-1_all.deb ...
Unpacking python-texttable (0.9.1-1) ...
Selecting previously unselected package python-yaml.
Preparing to unpack .../28-python-yaml_3.12-1build2_amd64.deb ...
Unpacking python-yaml (3.12-1build2) ...
Selecting previously unselected package docker-compose.
Preparing to unpack .../29-docker-compose_1.17.1-2_all.deb ...
Unpacking docker-compose (1.17.1-2) ...
Selecting previously unselected package python-asn1crypto.
Preparing to unpack .../30-python-asn1crypto_0.24.0-1_all.deb ...
Unpacking python-asn1crypto (0.24.0-1) ...
Selecting previously unselected package python-cffi-backend.
Preparing to unpack .../31-python-cffi-backend_1.11.5-1_amd64.deb ...
Unpacking python-cffi-backend (1.11.5-1) ...
Selecting previously unselected package python-cryptography.
Preparing to unpack .../32-python-cryptography_2.1.4-1ubuntu1.4_amd64.deb ...
Unpacking python-cryptography (2.1.4-1ubuntu1.4) ...
Selecting previously unselected package python-openssl.
Preparing to unpack .../33-python-openssl_17.5.0-1ubuntu1_all.deb ...
Unpacking python-openssl (17.5.0-1ubuntu1) ...
Setting up libsecret-common (0.18.6-1) ...
Setting up docker-ce-cli (5:23.0.5-1~ubuntu.18.04~bionic) ...
Setting up libsecret-1-0:amd64 (0.18.6-1) ...
Setting up libpython2.7-stdlib:amd64 (2.7.17-1~18.04ubuntu1.11) ...
Setting up docker-ce (5:23.0.5-1~ubuntu.18.04~bionic) ...
Setting up python2.7 (2.7.17-1~18.04ubuntu1.11) ...
Setting up libpython-stdlib:amd64 (2.7.15~rc1-1) ...
Setting up golang-docker-credential-helpers (0.5.0-2ubuntu0.1) ...
Setting up python (2.7.15~rc1-1) ...
Setting up python-idna (2.6-1) ...
Setting up python-texttable (0.9.1-1) ...
Setting up python-functools32 (3.2.3.2-3) ...
Setting up python-yaml (3.12-1build2) ...
Setting up python-asn1crypto (0.24.0-1) ...
Setting up python-certifi (2018.1.18-2) ...
Setting up python-pkg-resources (39.0.1-2ubuntu0.1) ...
Setting up python-backports.ssl-match-hostname (3.5.0.1-1) ...
Setting up python-cffi-backend (1.11.5-1) ...
Setting up python-six (1.11.0-2) ...
Setting up python-dockerpty (0.4.1-1) ...
Setting up python-pbr (3.1.1-3ubuntu3) ...
update-alternatives: using /usr/bin/python2-pbr to provide /usr/bin/pbr (pbr) in auto mode
Setting up python-enum34 (1.1.6-2) ...
Setting up python-funcsigs (1.0.2-4) ...
Setting up python-docopt (0.6.2-1build1) ...
Setting up python-ipaddress (1.0.17-1) ...
Setting up python-cached-property (1.3.1-1) ...
Setting up python-urllib3 (1.22-1ubuntu0.18.04.2) ...
Setting up python-chardet (3.0.4-1) ...
Setting up python-dockerpycreds (0.2.1-1) ...
Setting up python-mock (2.0.0-3) ...
Setting up python-websocket (0.44.0-0ubuntu2) ...
update-alternatives: using /usr/bin/python2-wsdump to provide /usr/bin/wsdump (wsdump) in auto mode
Setting up python-cryptography (2.1.4-1ubuntu1.4) ...
Setting up python-requests (2.18.4-2ubuntu0.1) ...
Setting up python-jsonschema (2.6.0-2) ...
update-alternatives: using /usr/bin/python2-jsonschema to provide /usr/bin/jsonschema (jsonschema) in auto mode
Setting up python-openssl (17.5.0-1ubuntu1) ...
Setting up python-docker (2.5.1-1) ...
Setting up docker-compose (1.17.1-2) ...
Processing triggers for systemd (237-3ubuntu10.57) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for mime-support (3.60ubuntu1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for libc-bin (2.27-3ubuntu1.5) ...
[root@Docker-Ubu1804-p11:~]# docker-compose --version
docker-compose version 1.17.1, build unknown
3、下载Harbor安装包并解压
官方github地址:https://github.com/goharbor/harbor/releases
3.1、下载并解压离线安装包
[root@Harbor-Ubu1804-9:~]# wget https://github.com/goharbor/harbor/releases/download/v2.8.0/harbor-offline-installer-v2.8.0.tgz
--2023-05-04 06:44:13-- https://github.com/goharbor/harbor/releases/download/v2.8.0/harbor-offline-installer-v2.8.0.tgz
Resolving github.com (github.com)... 20.205.243.166
Connecting to github.com (github.com)|20.205.243.166|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/3264ff53-d69e-4d73-b601-285a81844054?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230503%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230503T224414Z&X-Amz-Expires=300&X-Amz-Signature=56f78b1f71515177b32050e70d8364172789ee7061978bff34970e8b9979e021&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-offline-installer-v2.8.0.tgz&response-content-type=application%2Foctet-stream [following]
--2023-05-04 06:44:14-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/3264ff53-d69e-4d73-b601-285a81844054?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230503%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230503T224414Z&X-Amz-Expires=300&X-Amz-Signature=56f78b1f71515177b32050e70d8364172789ee7061978bff34970e8b9979e021&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-offline-installer-v2.8.0.tgz&response-content-type=application%2Foctet-stream
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.111.133
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.111.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 633942863 (605M) [application/octet-stream]
Saving to: ‘harbor-offline-installer-v2.8.0.tgz’ harbor-offline-installer-v2.8.0.tgz 100%[===================================================================>] 604.57M 5.90MB/s in 1m 43s 2023-05-04 06:45:59 (5.85 MB/s) - ‘harbor-offline-installer-v2.8.0.tgz’ saved [633942863/633942863] [root@Harbor-Ubu1804-9:~]# ls
disk.sh docker_install_ubu1804_online.sh harbor-offline-installer-v2.8.0.tgz issue os.version redis_install.sh system_info.sh
[root@Harbor-Ubu1804-9:~]# mkdir /apps
[root@Harbor-Ubu1804-9:~]# tar xvf harbor-offline-installer-v2.8.0.tgz -C /apps/
harbor/harbor.v2.8.0.tar.gz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
[root@Harbor-Ubu1804-9:~]# tree /apps/
/apps/
└── harbor
├── LICENSE
├── common.sh
├── harbor.v2.8.0.tar.gz
├── harbor.yml.tmpl
├── install.sh
└── prepare 1 directory, 6 files
3.2、下载并解压在线安装包
[root@Harbor-Ubu1804-10:~]# wget https://github.com/goharbor/harbor/releases/download/v2.8.0/harbor-online-installer-v2.8.0.tgz
--2023-05-04 22:34:03-- https://github.com/goharbor/harbor/releases/download/v2.8.0/harbor-online-installer-v2.8.0.tgz
Resolving github.com (github.com)... 20.205.243.166
Connecting to github.com (github.com)|20.205.243.166|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/5b13b62e-9582-430d-937c-7add3750b641?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230504%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230504T143403Z&X-Amz-Expires=300&X-Amz-Signature=00160a898b7b7e86a791af42a75b2ac9f4b1ee834dfcf31b310ec10a7116c999&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.8.0.tgz&response-content-type=application%2Foctet-stream [following]
--2023-05-04 22:34:04-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/5b13b62e-9582-430d-937c-7add3750b641?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230504%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230504T143403Z&X-Amz-Expires=300&X-Amz-Signature=00160a898b7b7e86a791af42a75b2ac9f4b1ee834dfcf31b310ec10a7116c999&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.8.0.tgz&response-content-type=application%2Foctet-stream
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.111.133, 185.199.109.133, 185.199.108.133, ...
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.111.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11022 (11K) [application/octet-stream]
Saving to: ‘harbor-online-installer-v2.8.0.tgz’ harbor-online-installer-v2.8.0.tgz 100%[===================================================================>] 10.76K 56.5KB/s in 0.2s 2023-05-04 22:34:05 (56.5 KB/s) - ‘harbor-online-installer-v2.8.0.tgz’ saved [11022/11022]
[root@Harbor-Ubu1804-10:~]# ls
disk.sh docker-compose-Linux-x86_64.1 harbor-online-installer-v2.8.0.tgz os.version system_info.sh
docker-compose-Linux-x86_64 docker_install_ubu1804_online.sh issue redis_install.sh
[root@Harbor-Ubu1804-10:~]# mkdir /apps -p
[root@Harbor-Ubu1804-10:~]# tar zxvf harbor-online-installer-v2.8.0.tgz -C /apps
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
[root@Harbor-Ubu1804-10:~]# tree /apps
/apps
└── harbor
├── LICENSE
├── common.sh
├── harbor.yml.tmpl
├── install.sh
└── prepare 1 directory, 5 files
4、编辑配置文件 harbor.yml.tmpl 生成 harbor.yml
[root@Harbor-Ubu1804-9:~]# sed -e "/^hostname: .*$/c hostname: 10.0.0.10" \
-e "/harbor_admin_password: .*$/c harbor_admin_password: janzen" \
-e "/https:/s/^/#/" \
-e "/port: 443/s/^/#/" \
-e "/certificate:/s/^/#/" \
-e "/private_key:/s/^/#/" \
/apps/harbor/harbor.yml.tmpl > /apps/harbor/harbor.yml
5、运行Harbor安装脚本
5.1、离线安装包安装
[root@Harbor-Ubu1804-9:/apps/harbor]# ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.15 [Step 1]: checking docker-compose is installed ...
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend Note: docker-compose version: 1.29.2 [Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-log:v2.8.0
Loaded image: goharbor/notary-signer-photon:v2.8.0
Loaded image: goharbor/harbor-registryctl:v2.8.0
Loaded image: goharbor/harbor-exporter:v2.8.0
Loaded image: goharbor/redis-photon:v2.8.0
Loaded image: goharbor/notary-server-photon:v2.8.0
Loaded image: goharbor/prepare:v2.8.0
Loaded image: goharbor/harbor-jobservice:v2.8.0
Loaded image: goharbor/trivy-adapter-photon:v2.8.0
Loaded image: goharbor/registry-photon:v2.8.0
Loaded image: goharbor/harbor-portal:v2.8.0
Loaded image: goharbor/harbor-core:v2.8.0
Loaded image: goharbor/harbor-db:v2.8.0
Loaded image: goharbor/nginx-photon:v2.8.0 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ...
prepare base dir is set to /apps/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir Note: stopping existing Harbor instance ...
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
Removing network harbor_harbor
WARNING: Network harbor_harbor not found. [Step 5]: starting Harbor ...
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating registry ... done
Creating redis ... done
Creating registryctl ... done
Creating harbor-portal ... done
Creating harbor-db ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
----Harbor has been installed and started successfully.----
[root@Harbor-Ubu1804-9:/apps/harbor]#
5.2、在线安装包安装
[root@Harbor-Ubu1804-10:~]# bash /apps/harbor/install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.15 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 2.17.3 [Step 2]: preparing environment ... [Step 3]: preparing harbor configs ...
prepare base dir is set to /apps/harbor
Unable to find image 'goharbor/prepare:v2.8.0' locally
v2.8.0: Pulling from goharbor/prepare
bf71dcb41a4d: Pull complete
484253c2f382: Pull complete
e74d2a96ccb2: Pull complete
01db2f770c78: Pull complete
b560365c90c1: Pull complete
1f3dd0d587a1: Pull complete
838bdf6426be: Pull complete
51525c7a4951: Pull complete
7afee3de0d7c: Pull complete
3613dc8f55e8: Pull complete
Digest: sha256:2e3945da3cf6e444177e1c99b46e302fd89a61b24dd9787df3b9d2713ab1b6c3
Status: Downloaded newer image for goharbor/prepare:v2.8.0
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir Note: stopping existing Harbor instance ... [Step 4]: starting Harbor ...
[+] Running 60/25
log 7 layers [⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 57.8s
registry 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 7.4s
redis 4 layers [⣿⣿⣿⣿] 0B/0B Pulled 40.9s
proxy 1 layers [⣿] 0B/0B Pulled 874.6s
registryctl 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 20.4s
postgresql 10 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 144.4s
core 9 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 41.3s
jobservice 5 layers [⣿⣿⣿⣿⣿] 0B/0B Pulled 96.2s
portal 3 layers [⣿⣿⣿] 0B/0B Pulled 54.7s [+] Running 10/10
Network harbor_harbor Created 0.1s
Container harbor-log Started 1.5s
Container redis Started 5.0s
Container registryctl Started 2.9s
Container harbor-db Started 4.3s
Container harbor-portal Started 4.1s
Container registry Started 4.2s
Container harbor-core Started 5.6s
Container nginx Started 7.5s
Container harbor-jobservice Started 7.6s
----Harbor has been installed and started successfully.----
6、实现开机自启动
6.1、systemd
[root@Harbor-Ubu1804-9:/apps/harbor]# vim /lib/systemd/system/harbor.service
[root@Harbor-Ubu1804-9:/apps/harbor]# cat /lib/systemd/system/harbor.service
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-reslove.service
Requires=docker.service
Documentation=http://github.com/vmware/harbor [Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/local/bin/docker-compose -f /apps/harbor/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f /apps/harbor/docker-compose.yml down [Install]
WantedBy=multi-user.target [root@Harbor-Ubu1804-9:/apps/harbor]# systemctl daemon-reload
[root@Harbor-Ubu1804-9:/apps/harbor]# systemctl enable --now harbor.service
Created symlink /etc/systemd/system/multi-user.target.wants/harbor.service → /lib/systemd/system/harbor.service.
7、访问 Harbor Web界面
四、Harbor 单机使用配置
1、创建项目
2、命令行登录Harbor
[root@Docker-Ubu1804-p11:~]# docker login 10.0.0.10
Username: admin
Password:
Error response from daemon: Get https://10.0.0.10/v2/: dial tcp 10.0.0.10:443: connect: connection refused
#提示需要使用https协议访问,但是由于目标harbor并未开启SSL认证,修改docker默认配置允许对目标使用http协议访问
修改仓库连接使用协议
#方法一:修改 daemon.json 配置允许使用http协议访问
[root@Docker-Ubu1804-p11:~]# sed -i.bak "/{/a \"insecure-registries\" : [\"10.0.0.10\",\"10.0.0.9\"]," /etc/docker/daemon.json
[root@Docker-Ubu1804-p11:~]# cat /etc/docker//daemon.json
{
"insecure-registries" : ["10.0.0.10","10.0.0.9"],
"registry-mirrors": ["https://hub-mirror.c.163.com","https://po3g231a.mirror.aliyuncs.com","https://docker.mirrors.ustc.edu.cn"],
"bip": "172.17.1.1/24",
"fixed-cidr": "172.17.1.0/24"
}
[root@Docker-Ubu1804-p11:~]# systemctl daemon-reload
[root@Docker-Ubu1804-p11:~]# systemctl restart docker
[root@Docker-Ubu1804-p11:~]# docker login 10.0.0.10
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded #方法二:修改docker.service文件
[root@Docker-Ubu1804-p11:~]# sed -i.bak '/ExecStart=/s/$/ --insecure-registry "10.0.0.9"/' /lib/systemd/system/docker.service
[root@Docker-Ubu1804-p11:~]# sed -i.bak '/ExecStart=/s/$/ --insecure-registry "10.0.0.10"/' /lib/systemd/system/docker.service
[root@Docker-Ubu1804-p11:~]# cat /lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
BindsTo=containerd.service
After=network-online.target firewalld.service containerd.service
Wants=network-online.target
Requires=docker.socket [Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry "10.0.0.9" --insecure-registry "10.0.0.10"
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutSec=0
RestartSec=2
Restart=always # Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3 # Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s # Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity # Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity # set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes # kill only the docker process, not all processes in the cgroup
KillMode=process [Install]
WantedBy=multi-user.target
[root@Docker-Ubu1804-p11:~]# systemctl daemon-reload ; systemctl restart docker
[root@Docker-Ubu1804-p11:~]# docker login 10.0.0.10
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
[root@Docker-Ubu1804-p11:~]# docker login 10.0.0.9
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
3、对本地进行打标签并上传到Harbor
修改image名称,不使用指定格式命名image无法进行上传
image标准命名格式:仓库地址:<仓库端口 默认80>/项目名/image名称:<版本信息 默认latest>
[root@Docker-Ubu1804-p11:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
janzen/app1 latest f65a9531bfc7 7 days ago 572MB
janzen/app1 v3.0 f65a9531bfc7 7 days ago 572MB
janzen/nginx-centos7 1.20.1-v2.0 4919aacb5ea0 7 days ago 562MB
janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
mysql latest 8189e588b0e8 2 weeks ago 564MB
busybox 1.36 7cfbbec8963d 6 weeks ago 4.86MB
busybox 1.35.0 a711f05d3384 16 months ago 1.24MB
busybox latest beae173ccac6 16 months ago 1.24MB
nginx latest 605c77e624dd 16 months ago 141MB
redis latest 7614ae9453d1 16 months ago 113MB
alpine latest c059bfaa849c 17 months ago 5.59MB
redis 5.0.14-alpine3.14 2089be2db78e 17 months ago 29.4MB
ubuntu 18.04 5a214d77f5d7 19 months ago 63.1MB
hello-world latest feb5d9fea6a5 19 months ago 13.3kB
centos 7 eeb6ee3f44bd 19 months ago 204MB
[root@Docker-Ubu1804-p11:~]# docker tag janzen/centos7:v1.0 10.0.0.10/janzen/centos7:v1.0
[root@Docker-Ubu1804-p11:~]# docker tag janzen/centos7:v1.0 10.0.0.10/janzen/centos7
[root@Docker-Ubu1804-p11:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
janzen/app1 latest f65a9531bfc7 7 days ago 572MB
janzen/app1 v3.0 f65a9531bfc7 7 days ago 572MB
janzen/nginx-centos7 1.20.1-v2.0 4919aacb5ea0 7 days ago 562MB
10.0.0.10/janzen/centos7 latest b9d392225b3e 10 days ago 529MB
10.0.0.10/janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
mysql latest 8189e588b0e8 2 weeks ago 564MB
busybox 1.36 7cfbbec8963d 6 weeks ago 4.86MB
busybox 1.35.0 a711f05d3384 16 months ago 1.24MB
busybox latest beae173ccac6 16 months ago 1.24MB
nginx latest 605c77e624dd 16 months ago 141MB
redis latest 7614ae9453d1 16 months ago 113MB
alpine latest c059bfaa849c 17 months ago 5.59MB
redis 5.0.14-alpine3.14 2089be2db78e 17 months ago 29.4MB
ubuntu 18.04 5a214d77f5d7 19 months ago 63.1MB
hello-world latest feb5d9fea6a5 19 months ago 13.3kB
centos 7 eeb6ee3f44bd 19 months ago 204MB
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.10/janzen/centos7
The push refers to repository [10.0.0.10/janzen/centos7]
ae552106ea81: Pushed
174f56854903: Pushed
latest: digest: sha256:51a4e1432a50d31261ca2a34d565f0cbbfd7cc17fd0bd6162516899c851cfff3 size: 742
ae552106ea81: Layer already exists
174f56854903: Layer already exists
v1.0: digest: sha256:51a4e1432a50d31261ca2a34d565f0cbbfd7cc17fd0bd6162516899c851cfff3 size: 742
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.10/janzen/centos7:v1.0
The push refers to repository [10.0.0.10/janzen/centos7]
ae552106ea81: Layer already exists
174f56854903: Layer already exists
v1.0: digest: sha256:51a4e1432a50d31261ca2a34d565f0cbbfd7cc17fd0bd6162516899c851cfff3 size: 742
4、下载Harbor上的镜像
[root@temp-ubuntu-1804-server:~]# docker pull 10.0.0.10/janzen/centos7
Using default tag: latest
latest: Pulling from janzen/centos7
2d473b07cdd5: Pull complete
b92dee35c852: Pull complete
Digest: sha256:51a4e1432a50d31261ca2a34d565f0cbbfd7cc17fd0bd6162516899c851cfff3
Status: Downloaded newer image for 10.0.0.10/janzen/centos7:latest
10.0.0.10/janzen/centos7:latest
[root@temp-ubuntu-1804-server:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
10.0.0.10/janzen/centos7 latest b9d392225b3e 10 days ago 529MB
5、修改Harbor配置
方法一:/apps/harbor/prepare
[root@Harbor-Ubu1804-10:~]# systemctl stop harbor.service
[root@Harbor-Ubu1804-10:~]# vim /apps/harbor/harbor.yml http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 8080 [root@Harbor-Ubu1804-10:~]# /apps/harbor/prepare
prepare base dir is set to /apps/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/db/env
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[root@Harbor-Ubu1804-10:~]# systemctl start harbor.service
[root@Harbor-Ubu1804-10:~]# ss -ntlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 0.0.0.0:* users:(("docker-proxy",pid=123526,fd=4))
LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=836,fd=13))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=928,fd=3))
LISTEN 0 128 127.0.0.1:6010 0.0.0.0:* users:(("sshd",pid=1376,fd=10))
LISTEN 0 128 *:8080 *:* users:(("docker-proxy",pid=124252,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=928,fd=4))
LISTEN 0 128 [::1]:6010 [::]:* users:(("sshd",pid=1376,fd=9))
方法二:/apps/harbor/install.sh
[root@Harbor-Ubu1804-10:~]# vim /apps/harbor/harbor.yml http:
port: 80 [root@Harbor-Ubu1804-10:~]# /apps/harbor/install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.15 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 2.17.3 [Step 2]: preparing environment ... [Step 3]: preparing harbor configs ...
prepare base dir is set to /apps/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registry/root.crt
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/db/env
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir Note: stopping existing Harbor instance ...
[+] Running 10/10
Container nginx Removed 0.5s
Container harbor-jobservice Removed 0.4s
Container registryctl Removed 10.3s
Container harbor-portal Removed 0.4s
Container harbor-core Removed 0.4s
Container harbor-db Removed 0.7s
Container registry Removed 0.4s
Container redis Removed 0.5s
Container harbor-log Removed 10.3s
Network harbor_harbor Removed 0.1s [Step 4]: starting Harbor ...
[+] Running 10/10
Network harbor_harbor Created 0.1s
Container harbor-log Started 1.3s
Container registryctl Started 3.9s
Container harbor-db Started 3.2s
Container redis Started 3.0s
Container harbor-portal Started 5.5s
Container registry Started 4.2s
Container harbor-core Started 4.5s
Container nginx Started 6.5s
Container harbor-jobservice Started 6.0s
----Harbor has been installed and started successfully.----
[root@Harbor-Ubu1804-10:~]# ss -ntlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 0.0.0.0:* users:(("docker-proxy",pid=126673,fd=4))
LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=836,fd=13))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=928,fd=3))
LISTEN 0 128 127.0.0.1:6010 0.0.0.0:* users:(("sshd",pid=1376,fd=10))
LISTEN 0 128 *:80 *:* users:(("docker-proxy",pid=127375,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=928,fd=4))
LISTEN 0 128 [::1]:6010 [::]:* users:(("sshd",pid=1376,fd=9))
6、一键镜像打标签并上传
#!/bin/bash
#
#********************************************************************
#Author: janzen
#Date: 2023-05-05
#FileName:
#Description: The test script
#Copyright (C): 2023 All rights reserved
#******************************************************************** ERR="echo -e \033[1;31m"
SUCC="echo -e \033[1;32m"
WARN="echo -e \033[1;33m"
END="\033[m" DOCS(){
echo "$0 <OPTIONS> [IMAGE] <TAG:-latest>"
echo "<OPTIONS>:"
echo ""
echo "-h show this page"
echo "-b build image from .DockerFile, default; false"
echo "-i <HostIP> set host ip, default: 10.0.0.9"
echo "-u <UserNmae> set username, default: admin"
echo "-p <UserPasswd> set password, default: janzen"
echo "-r <registry> registry, default: janzen"
exit
} image_tag() {
[ `docker images $HOST/$REGISTRY/$IMAGE_NAME:$TAG -q` ] && { $WARN"$HOST/$REGISTRY/$IMAGE_NAME:$TAG is exist"$END;return; } || [ `docker images $IMAGE_NAME:$TAG -q` ] && docker tag $IMAGE_NAME:$TAG $HOST/$REGISTRY/$IMAGE_NAME:$TAG || [ `docker images $REGISTRY\/$IMAGE_NAME:$TAG -q` ] && docker tag $REGISTRY/$IMAGE_NAME:$TAG $HOST/$REGISTRY/$IMAGE_NAME:$TAG || { $ERR"$IMAGE_NAME:$TAG not exist,if you want build image Please Usage $0 -b [IMAGE] <TAG:-latest>"$END; DOCS;}
} while getopts 'hbi:u:p:r:' OPT; do
case $OPT in
b)
BUILD=true
;;
i)
HOST=${OPTARG}
;;
u)
REGISTRY_USER=${OPTARG}
;;
p)
PASSWD=${OPTARG}
;;
r)
REGISTRY=${OPTARG}
;;
h)
DOCS
;;
?)
DOCS
;;
esac
done
shift $(($OPTIND - 1)) IMAGE_NAME=$1
TAG=$2
TAG=${TAG:-latest}
HOST=${HOST:-"10.0.0.9"}
REGISTRY_USER=${REGISTRY_USER:-admin}
PASSWD=${PASSWD:-janzen}
REGISTRY=${REGISTRY:-janzen} [ $BUILD ] && docker build -t $HOST/$REGISTRY/$IMAGE_NAME:$TAG . || image_tag && $SUCC"Tag Image successd"$END docker login $HOST -u $REGISTRY_USER -p $PASSWD && { docker push $HOST/$REGISTRY/$IMAGE_NAME:$TAG; $SUCC"push $HOST/$REGISTRY/$IMAGE_NAME:$TAG to $HOST successed"$END;} || $ERR"login $HOST faild"$END
五、Harbor 分布式集群配置
1、准备两台Harbor服务器
Harbor09
Harbor10
2、在两台Harbor上创建同样的仓库
3、在 Harbor09 的仓库管理中 添加Harbor10仓库信息
4、在 Harbor09 添加复制规则
每分钟自动从 Harbor10 上同步全部镜像
手动执行触发 复制规则
5、验证镜像上传及删除
从客户端上传镜像到Harbor10
[root@Docker-Ubu1804-p11:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
janzen/app1 latest f65a9531bfc7 8 days ago 572MB
janzen/app1 v3.0 f65a9531bfc7 8 days ago 572MB
janzen/nginx-centos7 1.20.1-v2.0 4919aacb5ea0 8 days ago 562MB
10.0.0.10/janzen/centos7 latest b9d392225b3e 10 days ago 529MB
10.0.0.10/janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
mysql latest 8189e588b0e8 2 weeks ago 564MB
busybox 1.36 7cfbbec8963d 6 weeks ago 4.86MB
busybox 1.35.0 a711f05d3384 16 months ago 1.24MB
busybox latest beae173ccac6 16 months ago 1.24MB
nginx latest 605c77e624dd 16 months ago 141MB
redis latest 7614ae9453d1 16 months ago 113MB
alpine latest c059bfaa849c 17 months ago 5.59MB
redis 5.0.14-alpine3.14 2089be2db78e 17 months ago 29.4MB
ubuntu 18.04 5a214d77f5d7 19 months ago 63.1MB
hello-world latest feb5d9fea6a5 19 months ago 13.3kB
centos 7 eeb6ee3f44bd 19 months ago 204MB
[root@Docker-Ubu1804-p11:~]# docker tag janzen/nginx-centos7:1.20.1-v2.0 10.0.0.10/janzen/nginx-centos7:1.20.1-v2.0
[root@Docker-Ubu1804-p11:~]# docker tag janzen/nginx-centos7:1.20.1-v2.0 10.0.0.10/janzen/nginx-centos7
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.10/janzen/nginx-centos7
The push refers to repository [10.0.0.10/janzen/nginx-centos7]
b82538224854: Pushed
174f56854903: Mounted from janzen/centos7
1.20.1-v2.0: digest: sha256:36213ec0d340a5c174e8e7811de648044034dd7ec6a2511a6eadde9d4ac18e37 size: 742
b82538224854: Layer already exists
174f56854903: Layer already exists
latest: digest: sha256:36213ec0d340a5c174e8e7811de648044034dd7ec6a2511a6eadde9d4ac18e37 size: 742
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.10/janzen/nginx-centos7:1.20.1-v2.0
The push refers to repository [10.0.0.10/janzen/nginx-centos7]
b82538224854: Layer already exists
174f56854903: Layer already exists
1.20.1-v2.0: digest: sha256:36213ec0d340a5c174e8e7811de648044034dd7ec6a2511a6eadde9d4ac18e37 size: 742
查看Harbor10上的项目内容
查看Harbor09上的项目内容
6、在Harbor10上重复 1-4 操作,并添加基于事件的push策略,实现双向同步
[root@Docker-Ubu1804-p11:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
janzen/app1 latest f65a9531bfc7 8 days ago 572MB
janzen/app1 v3.0 f65a9531bfc7 8 days ago 572MB
10.0.0.10/janzen/nginx-centos7 1.20.1-v2.0 4919aacb5ea0 8 days ago 562MB
10.0.0.10/janzen/nginx-centos7 latest 4919aacb5ea0 8 days ago 562MB
janzen/nginx-centos7 1.20.1-v2.0 4919aacb5ea0 8 days ago 562MB
10.0.0.10/janzen/centos7 latest b9d392225b3e 10 days ago 529MB
10.0.0.10/janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
janzen/centos7 v1.0 b9d392225b3e 10 days ago 529MB
mysql latest 8189e588b0e8 2 weeks ago 564MB
busybox 1.36 7cfbbec8963d 6 weeks ago 4.86MB
busybox 1.35.0 a711f05d3384 16 months ago 1.24MB
busybox latest beae173ccac6 16 months ago 1.24MB
nginx latest 605c77e624dd 16 months ago 141MB
redis latest 7614ae9453d1 16 months ago 113MB
alpine latest c059bfaa849c 17 months ago 5.59MB
redis 5.0.14-alpine3.14 2089be2db78e 17 months ago 29.4MB
ubuntu 18.04 5a214d77f5d7 19 months ago 63.1MB
hello-world latest feb5d9fea6a5 19 months ago 13.3kB
centos 7 eeb6ee3f44bd 19 months ago 204MB
[root@Docker-Ubu1804-p11:~]# docker tag janzen/app1:v3.0 10.0.0.9/janzen/app1:v3.0
[root@Docker-Ubu1804-p11:~]# docker tag janzen/app1:v3.0 10.0.0.9/janzen/app1
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.9/janzen/app1
The push refers to repository [10.0.0.9/janzen/app1]
f04a4d2ea341: Layer already exists
188c1c5e9297: Layer already exists
b82538224854: Layer already exists
174f56854903: Layer already exists
latest: digest: sha256:c2ff655ee6b16bf088a522ad0868067a6be61167d75b37664d9bc34bf6b3e2ea size: 1161
f04a4d2ea341: Layer already exists
188c1c5e9297: Layer already exists
b82538224854: Layer already exists
174f56854903: Layer already exists
v3.0: digest: sha256:c2ff655ee6b16bf088a522ad0868067a6be61167d75b37664d9bc34bf6b3e2ea size: 1161
[root@Docker-Ubu1804-p11:~]# docker push 10.0.0.9/janzen/app1:v3.0
The push refers to repository [10.0.0.9/janzen/app1]
f04a4d2ea341: Layer already exists
188c1c5e9297: Layer already exists
b82538224854: Layer already exists
174f56854903: Layer already exists
v3.0: digest: sha256:c2ff655ee6b16bf088a522ad0868067a6be61167d75b37664d9bc34bf6b3e2ea size: 1161
[root@Docker-Ubu1804-p11:~]#
六、Harbor 安全之https配置
官方配置HTTPS文档:https://goharbor.io/docs/2.8.0/install-config/configure-https/
1、生成CA证书,并给Harbor主机颁发证书
#创建存放私钥和证书的目录
[root@Harbor-Ubu1804-9:~]# mkdir /apps/harbor/certs
[root@Harbor-Ubu1804-9:~]# cd /apps/harbor/certs/ #生成CA证书
[root@Harbor-Ubu1804-9:/apps/harbor/certs]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -subj "/CN=ca.janzen.com" -days 365 -out ca.crt
Can't load /root/.rnd into RNG
139892179550656:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
Generating a RSA private key
.............................................................................................................................................................................................................++++
...................++++
writing new private key to 'ca.key'
-----
#生成Harbor证书申请
[root@Harbor-Ubu1804-9:/apps/harbor/certs]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.janzen.com.key -subj "/CN=harbor.janzen.com" -out harbor.janzen.com.csr
Can't load /root/.rnd into RNG
140464486539712:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd
Generating a RSA private key
.................................................................................................................................++++
......................................................................................++++
writing new private key to 'harbor.janzen.com.key'
----- #给Harbor颁发证书
[root@Harbor-Ubu1804-9:/apps/harbor/certs]# openssl x509 -req -in harbor.janzen.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out harbor.janzen.com.crt
Signature ok
subject=CN = harbor.janzen.com
Getting CA Private Key [root@Harbor-Ubu1804-9:/apps/harbor/certs]# tree /apps/harbor/certs/
/apps/harbor/certs/
├── ca.crt
├── ca.key
├── ca.srl
├── harbor.janzen.com.crt
├── harbor.janzen.com.csr
└── harbor.janzen.com.key 0 directories, 6 files
#配置x509 v3 版本的 SAN证书
[root@Harbor-Ubu1804-9:/apps/harbor/certs]# cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=janzen.com
DNS.2=harbor.janzen.com
EOF
[root@Harbor-Ubu1804-9:/apps/harbor/certs]# openssl x509 -req -extfile v3.ext -in harbor.janzen.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out harbor.janzen.com.crt
Signature ok
subject=CN = harbor.janzen.com
Getting CA Private Key
2、配置Harbor启用HTTPS
#修改Harbor配置文件
[root@Harbor-Ubu1804-9:~]# vim /apps/harbor/harbor.yml
hostname: harbor.janzen.com
https:
# https port for harbor, default is 443
port: 443
# The path of cert and key files for nginx
certificate: /apps/harbor/certs/harbor.janzen.com.crt
private_key: /apps/harbor/certs/harbor.janzen.com.key #停用Harbor服务(针对已安装Harbor,未安装情况下直接执行安装即可)
[root@Harbor-Ubu1804-9:~]# docker-compose -f /apps/harbor/docker-compose.yml down
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
Stopping harbor-jobservice ... done
Stopping nginx ... done
Stopping harbor-core ... done
Stopping registry ... done
Stopping redis ... done
Stopping harbor-db ... done
Stopping registryctl ... done
Stopping harbor-portal ... done
Stopping harbor-log ... done
Removing harbor-jobservice ... done
Removing nginx ... done
Removing harbor-core ... done
Removing registry ... done
Removing redis ... done
Removing harbor-db ... done
Removing registryctl ... done
Removing harbor-portal ... done
Removing harbor-log ... done
Removing network harbor_harbor #执行配置更新
[root@Harbor-Ubu1804-9:~]# /apps/harbor/prepare
prepare base dir is set to /apps/harbor
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registry/root.crt
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/db/env
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir #重新启动Harbor服务
[root@Harbor-Ubu1804-9:~]# docker-compose -f /apps/harbor/docker-compose.yml up -d
/usr/local/lib/python3.6/dist-packages/paramiko/transport.py:32: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.backends import default_backend
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating registryctl ... done
Creating redis ... done
Creating harbor-portal ... done
Creating registry ... done
Creating harbor-db ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
3、客户端下载CA证书
#未使用x509 v3 版本证书出现以下报错
[root@Docker-Ubu1804-p11:~]# docker login haobor.janzen.com
Authenticating with existing credentials...
Login did not succeed, error: Error response from daemon: Get "https://harbor.janzen.com/v2/": x509: cannot validate certificate for harbor.janzen.com because it doesn't contain any IP SANs
Username (admin): admin
Password:
Error response from daemon: Get "https://harbor.janzen.com/v2/": x509: cannot validate certificate for harbor.janzen.com because it doesn't contain any SANs
#客户端未配置证书,出现以下报错
[root@Docker-Ubu1804-p11:~]# docker login harbor.janzen.com
Authenticating with existing credentials...
Login did not succeed, error: Error response from daemon: Get "https://harbor.janzen.com/v2/": x509: certificate signed by unknown authority
Username (admin): admin
Password:
Error response from daemon: Get "https://harbor.janzen.com/v2/": x509: certificate signed by unknown authority
#在客户端下载之前生成的CA证书
[root@Docker-Ubu1804-p11:~]# mkdir -pv /etc/docker/certs.d/harbor.janzen.com/
mkdir: created directory '/etc/docker/certs.d'
mkdir: created directory '/etc/docker/certs.d/harbor.janzen.com/'
[root@Docker-Ubu1804-p11:~]# scp -r 10.0.0.9:/apps/harbor/certs/ca.crt /etc/docker/certs.d/harbor.janzen.com/ca.crt
root@10.0.0.9's password:
ca.crt
[root@Docker-Ubu1804-p11:~]# docker login harbor.janzen.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
4、浏览器通过 https 协议访问 Harbor站点
5、客户端使用 https 协议上传和下载镜像
#拉取镜像
[root@Docker-Ubu1804-p11:~]# docker pull harbor.janzen.com/janzen/centos7
Using default tag: latest
latest: Pulling from janzen/centos7
2d473b07cdd5: Pull complete
b0ed90275bd0: Pull complete
Digest: sha256:c77e9270bf47f226ddb76d00a6abf1c645c165efc18121a648279a4c9ae4443e
Status: Downloaded newer image for harbor.janzen.com/janzen/centos7:latest
harbor.janzen.com/janzen/centos7:latest
[root@Docker-Ubu1804-p11:~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
harbor.janzen.com/janzen/centos7 latest f3ad589cce4c 30 hours ago 289MB Successfully built 1a1060e6ff30
Successfully tagged harbor.janzen.com/janzen/centos7:v1.3
Tag Image successd
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store #镜像打包并上传
[root@Docker-Ubu1804-p11:/images/system/centos]# image_push
:latest not exist,if you want build image Please Usage /usr/bin/image_push -b [IMAGE] <TAG:-latest>
/usr/bin/image_push <OPTIONS> [IMAGE] <TAG:-latest>
<OPTIONS>: -h show this page
-b build image from .DockerFile, default; false
-i <HostIP> set host ip, default: 10.0.0.9
-u <UserNmae> set username, default: admin
-p <UserPasswd> set password, default: janzen
-r <registry> registry, default: janzen
[root@Docker-Ubu1804-p11:/images/system/centos]# image_push -b -i harbor.janzen.com centos7 v1.3
Login Succeeded
The push refers to repository [harbor.janzen.com/janzen/centos7]
89022798c4bb: Pushed
174f56854903: Layer already exists
v1.3: digest: sha256:53b65e68f90a0564704a9c3c6ef2ab435ad45e6495c21eefedf1eefa160960b0 size: 742
push harbor.janzen.com/janzen/centos7:v1.3 to harbor.janzen.com successed
【Docker】Harbor 分布式仓库管理的更多相关文章
- Docker Harbor 高可用 1.7.5版本(七)
环境说明: node1 10.10.5.135 仓库 1 node2 10.10.5.136 仓库 2 node3 10.10.5.137 客户端 实验内容: Harbor 可以在两台主机之间相互同步 ...
- selenium结合docker构建分布式测试环境
selenium是目前web和app自动化测试的主要框架.对于web自动化测试而言,由于selenium2.0以后socker服务器由本地浏览器自己启动且直接通过浏览器原生API操作页面,故越来越多的 ...
- 014.Docker Harbor+Keepalived+LVS+共享存储高可用架构
一 多Harbor高可用介绍 共享后端存储是一种比较标准的方案,将多个Harbor实例共享同一个后端存储,任何一个实例持久化到存储的镜像,都可被其他实例中读取.通过前置LB组件,如Keepalived ...
- selenium 结合 docker 构建分布式测试环境 (初学者视角)
前言:随着自动化测试越学越深,深深觉得有太多的东西需要总结. 1.记录下学习中遇到的坑,当做学习笔记.2.有前人路过看到文章中比较落后的做法,请务必一定要指教.(因为是初学者视角,很多东西只是走通而已 ...
- docker harbor 清理释放存储空间
0.harbor界面端清理镜像 1.停止docker harbor docker-compose stop 2.预览运行效果 docker run -it --name gc --rm --volum ...
- ubuntu 安装企业级容器 docker harbor
安装docker harbor 企业级容器 环境说明: 操作系统: ubuntu16.04.5 LTS IP地址: 192.168.31.129 https://github.com/goh ...
- Docker Harbor私有仓库部署与管理 (超详细配图)
Docker Harbor私有仓库部署与管理 1.Harbor 介绍 2.Harbor部署 3.Harbor管理 1.Harbor 介绍: 什么是 Harbor ? Harbor 是 VMware 公 ...
- .NET遇上Docker - Harbor的安装与基本使用
Harbor是一个开源企业级Docker注册中心,可以用于搭建私有的Docker Image仓库.可以实现权限控制等. 安装Harbor 首先,需要安装Docker和Docker Compose,参考 ...
- Docker: Harbor一些小知识
镜像文件上传到私有仓库harbor后,镜像的物理存储位置在哪里? 这些信息记录在docker-compose.yml里,通过观察发现 镜像存储在了宿主机的 volumes: - /data/regis ...
- Hadoop环境搭建--Docker完全分布式部署Hadoop环境(菜鸟采坑吐血整理)
系统:Centos 7,内核版本3.10 本文介绍如何从0利用Docker搭建Hadoop环境,制作的镜像文件已经分享,也可以直接使用制作好的镜像文件. 一.宿主机准备工作 0.宿主机(Centos7 ...
随机推荐
- SqlServer提示对象名无效
执行脚本 exec sp_msforeachtable "sp_changeobjectowner '?','dbo'"
- 转载:VMware Esxi开通SSH功能
转载:https://www.cnblogs.com/dsl146/p/13739953.html ESXi 5.5是直接安装在物理主机上的一个虚拟机系统,本质上是一个Linux系统.平时可以通过VM ...
- VS Code中使用live Server
live server可以实时查看代码更改后的变化.测试十分快速. 1.安装live server 在扩展中搜索 live server,然后点击安装.等待安装完毕进行下一步配置. 2.打开设置界面: ...
- 错误:为仓库 'appstream' 下载元数据失败 : Cannot prepare internal mirrorlist: No URLs in mirrorlist
sudo sed -i -e "s|mirrorlist=|#mirrorlist=|g" /etc/yum.repos.d/CentOS-* sudo sed -i -e &qu ...
- OS基础-四大基本特征
现代计算机操作系统的四大基本特性(并发/共享/虚拟/异步) 1.并发性 1.1.并发与并行区别 并发是指宏观上在一段时间内能同时运行多个程序,而并行则指同一时刻能运行多个指令.并发需要硬件支持,如多流 ...
- ABAC框架-casbin
参考文档:https://www.kancloud.cn/oldlei/casbin/1289455 参考博客:https://www.cnblogs.com/studyzy/p/11380736.h ...
- ROS节点开机自启的方法
ROS节点开机自启的方法(Ubuntu- melodic) 一. 使用命令 sudo apt install ros-melodic-robot-upstart 安装 robot-upstart工具包 ...
- 关于MySQL建立库表时大写自动转换为小写的解决方案
mysql 5.6以上windows对大小写敏感要在my.ini中的[mysqld]下面设置lower_case_table_names = 2 网上有的要改成0 亲测报错 [○・`Д´・ ○]
- Lua基础语法学习笔记
Lua是一门语言,我们可以使用一个库,可以在运行时去编译执行Lua中的代码,从而实现自己的内存中的数据和逻辑: 准备学习环境: 新建一个Lua项目目录,用来写我们的Lua代码: 进入目录,右键使用vs ...
- hyperf协程免费查询快递物流
https://blog.csdn.net/lin5188230/article/details/124920474