docker私库Harbor部署(转载)
系统环境
centos7.3
docker-ce docker version: 18.03.0
docker-compose version: 1.21.0
Install Docker CE
安装依赖包
sudo yum install -y yum-utils \
device-mapper-persistent-data \
lvm2
添加仓库文件
sudo yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
安装docker-ce
sudo yum install docker-ce -y
启动docker-ce和开机自启动
sudo systemctl start docker
sudo systemctl enable docker
测试docker
sudo docker run hello-world
安装 docker-compose
pip install docker-compose
pip install --upgrade backports.ssl_match_hostname
安装compose会安装一下东西
Successfully installed PyYAML-3.12 backports.ssl-match-hostname-3.5.0.1 cached-property-1.4.2 certifi-2018.4.16 chardet-3.0.4 docker-3.2.1 docker-compose-1.21.0 docker-pycreds-0.2.2 dockerpty-0.4.1 docopt-0.6.2 enum34-1.1.6 functools32-3.2.3.post2 idna-2.6 ipaddress-1.0.22 jsonschema-2.6.0 requests-2.18.4 six-1.11.0 texttable-0.9.1 urllib3-1.22 websocket-client-0.47.0
安装harhor
创建证书
#创建证书目录
mkdir -p /data/cert
cd /data/cert/
#创建CA根证书
openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt -subj "/C=CN/L=shenzhen/O=yanconggod/CN=harbor-registry"
#生成一个证书签名, 设置访问域名为 harbor.yanconggod.cn
openssl req -newkey rsa:4096 -nodes -sha256 -keyout harbor.yanconggod.cn.key -out server.csr -subj "/C=CN/L=shenzhen/O=yanconggod/CN=harbor.yanconggod.cn"
#生成主机的证书
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out harbor.yanconggod.cn.crt
查看openssl生成的文件
[root@centos-docker cert]# ll
total 24
-rw-r--r--. 1 root root 1948 Apr 17 14:27 ca.crt
-rw-r--r--. 1 root root 3276 Apr 17 14:27 ca.key
-rw-r--r--. 1 root root 17 Apr 17 14:27 ca.srl
-rw-r--r--. 1 root root 1838 Apr 17 14:27 harbor.yanconggod.cn.crt
-rw-r--r--. 1 root root 3272 Apr 17 14:27 harbor.yanconggod.cn.key
-rw-r--r--. 1 root root 1671 Apr 17 14:27 server.csr
下载Harbor
wget http://harbor.orientsoft.cn/harbor-v1.4.0/harbor-offline-installer-v1.4.0.tgz
tar -zxf harbor-offline-installer-v1.4.0.tgz
cd harbor
更改Harbor配置文件
vim /opt/harbor/harbor.cfg
[root@centos-docker harbor]# grep -Ev "^$|^[#;]" harbor.cfg
# 指定私有仓库的主机名,可以是IP地址,也可以是域名
hostname = 10.0.40.134
# 用户访问私仓时使用的协议,默认时http,配置成https
ui_url_protocol = https
max_job_workers = 3
customize_crt = on
# 设置证书文件路径
ssl_cert = /data/cert/harbor.yanconggod.cn.crt
# 设置证书密钥文件路径
ssl_cert_key = /data/cert/harbor.yanconggod.cn.key
secretkey_path = /data
admiral_url = NA
log_rotate_count = 50
log_rotate_size = 200M
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
email_insecure = false
# harbor的管理员账户密码
harbor_admin_password = Harbor12345
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid
ldap_scope = 2
ldap_timeout = 5
ldap_verify_cert = true
self_registration = on
token_expiration = 30
project_creation_restriction = everyone
db_host = mysql
# 指定mysql数据库管理员密码
db_password = root123
db_port = 3306
db_user = root
redis_url =
clair_db_host = postgres
clair_db_password = password
clair_db_port = 5432
clair_db_username = postgres
clair_db = postgres
uaa_endpoint = uaa.mydomain.org
uaa_clientid = id
uaa_clientsecret = secret
uaa_verify_cert = true
uaa_ca_cert = /path/to/ca.pem
registry_storage_provider_name = filesystem
registry_storage_provider_config =
安装harbor
[root@centos-docker harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 18.03.0
Note: docker-compose version: 1.21.0
[Step 1]: loading Harbor images ...
651f69aef02c: Loading layer 135.8MB/135.8MB
40a1aad64343: Loading layer 23.24MB/23.24MB
3fe2713e4072: Loading layer 12.16MB/12.16MB
ba3a1eb0e375: Loading layer 17.3MB/17.3MB
447427ec5e1a: Loading layer 15.87kB/15.87kB
4ccb4026663c: Loading layer 3.072kB/3.072kB
16faa95946a1: Loading layer 29.46MB/29.46MB
Loaded image: vmware/notary-server-photon:v0.5.1-v1.4.0
fa7ba9fd42c9: Loading layer 10.95MB/10.95MB
4e400f9ae23e: Loading layer 17.3MB/17.3MB
2802fb27c88b: Loading layer 15.87kB/15.87kB
e6367a4e1e1e: Loading layer 3.072kB/3.072kB
8ece8dfcdd98: Loading layer 28.24MB/28.24MB
Loaded image: vmware/notary-signer-photon:v0.5.1-v1.4.0
a7dd1a8afcaf: Loading layer 396.7MB/396.7MB
05adebbe496f: Loading layer 9.216kB/9.216kB
86eb534949fa: Loading layer 9.216kB/9.216kB
d7f127c69380: Loading layer 7.68kB/7.68kB
5ac1c4dc5ee9: Loading layer 1.536kB/1.536kB
d0bec56b5b1a: Loading layer 9.728kB/9.728kB
4bbe83860556: Loading layer 2.56kB/2.56kB
e526f9e6769f: Loading layer 3.072kB/3.072kB
Loaded image: vmware/harbor-db:v1.4.0
1cff102bbda2: Loading layer 154.1MB/154.1MB
04c9f3e07de1: Loading layer 10.75MB/10.75MB
7b6c7bf54f5c: Loading layer 2.048kB/2.048kB
42f8acdb7fe3: Loading layer 48.13kB/48.13kB
5b6299d0a1df: Loading layer 10.8MB/10.8MB
Loaded image: vmware/clair-photon:v2.0.1-v1.4.0
6534131f457c: Loading layer 94.76MB/94.76MB
73f582101e4b: Loading layer 6.656kB/6.656kB
86d847823c48: Loading layer 6.656kB/6.656kB
Loaded image: vmware/postgresql-photon:v1.4.0
5cd250d5a352: Loading layer 23.24MB/23.24MB
ad3fd52b54f3: Loading layer 14.99MB/14.99MB
13b1e24cc368: Loading layer 14.99MB/14.99MB
Loaded image: vmware/harbor-adminserver:v1.4.0
c26c69706710: Loading layer 23.24MB/23.24MB
223f6fe02cc8: Loading layer 23.45MB/23.45MB
1fc843c8698a: Loading layer 7.168kB/7.168kB
e09293610ee7: Loading layer 10.39MB/10.39MB
d59f9780b1d8: Loading layer 23.44MB/23.44MB
Loaded image: vmware/harbor-ui:v1.4.0
dd4753242e59: Loading layer 73.07MB/73.07MB
95aed61ca251: Loading layer 3.584kB/3.584kB
1864f9818562: Loading layer 3.072kB/3.072kB
da2a19f80b81: Loading layer 4.096kB/4.096kB
058531639e75: Loading layer 3.584kB/3.584kB
a84e69fb619b: Loading layer 10.24kB/10.24kB
Loaded image: vmware/harbor-log:v1.4.0
b1056051f246: Loading layer 23.24MB/23.24MB
07678065e08b: Loading layer 19.19MB/19.19MB
a2d9bdb8f5fb: Loading layer 19.19MB/19.19MB
Loaded image: vmware/harbor-jobservice:v1.4.0
7f58ce57cd5e: Loading layer 4.805MB/4.805MB
Loaded image: vmware/nginx-photon:v1.4.0
4c8965978b77: Loading layer 23.24MB/23.24MB
1466c942edde: Loading layer 2.048kB/2.048kB
ac5c17331735: Loading layer 2.048kB/2.048kB
86824c7c466a: Loading layer 2.048kB/2.048kB
fd3bd0e70d67: Loading layer 22.8MB/22.8MB
b02195d77636: Loading layer 22.8MB/22.8MB
Loaded image: vmware/registry-photon:v2.6.2-v1.4.0
Loaded image: vmware/photon:1.0
Loaded image: vmware/mariadb-photon:v1.4.0
454c81edbd3b: Loading layer 135.2MB/135.2MB
e99db1275091: Loading layer 395.4MB/395.4MB
051e4ee23882: Loading layer 9.216kB/9.216kB
6cca4437b6f6: Loading layer 9.216kB/9.216kB
1d48fc08c8bc: Loading layer 7.68kB/7.68kB
0419724fd942: Loading layer 1.536kB/1.536kB
526b2156bd7a: Loading layer 637.8MB/637.8MB
9ebf6900ecbd: Loading layer 78.34kB/78.34kB
Loaded image: vmware/harbor-db-migrator:1.4
[Step 2]: preparing environment ...
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db ... done
Creating harbor-adminserver ... done
Creating registry ... done
Creating harbor-ui ... done
Creating nginx ... done
Creating harbor-jobservice ... done
:heavy_check_mark: ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at https://10.0.40.134\.
For more details, please visit https://github.com/vmware/harbor .
web登陆Harhor
创建多一个公开仓库和私有仓库
docker客户端上传镜像
docker客户端能访问web页面即可
#docker登陆Harbor私库
[root@docker-test ~]# docker login -u admin -p Harbor12345 10.0.40.134
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
[root@docker-test ~]#
docker 拉取最新的nginx镜像
[root@docker-test ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
2a72cbf407d6: Pull complete
04b2d3302d48: Pull complete
e7f619103861: Pull complete
Digest: sha256:18156dcd747677b03968621b2729d46021ce83a5bc15118e5bcced925fb4ebb9
Status: Downloaded newer image for nginx:latest
打标签并上传到私有仓库
[root@docker-test ~]# docker tag nginx:latest 10.0.40.134/library/ningx:v1.0
[root@docker-test ~]# docker push 10.0.40.134/library/ningx:v1.0
The push refers to a repository [10.0.40.134/library/ningx]
77e23640b533: Pushed
757d7bb101da: Pushed
3358360aedad: Pushed
v1.0: digest: sha256:d903fe3076f89ad76afe1cbd0e476d9692d79b3835895b5b3541654c85422bf1 size: 948
docker私库Harbor部署(转载)的更多相关文章
- docker私库harbor的搭建
1.文件下载 # wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v1.5.1.tgz 安装官网 ...
- docker 镜像仓库 Harbor 部署 以及 跨数据复制
docker 镜像仓库 Harbor 部署 跨数据复制 Harbor 是 Vmwar 公司开源的 企业级的 Docker Registry 管理项目 它主要 提供 Dcoker Registry 管理 ...
- docker开源仓库Harbor部署笔记
Harbor介绍Harbor是Vmvare团队开发的开源企业级registry仓库,相比docker官方拥有更丰富的权限权利和完善的架构设计,适用大规模docker集群部署提供仓库服务.项目地址:ht ...
- Easypack容器系列之:Nexus 3:Docker私库
Nexus作为私库管理最为流行的工具之中的一个,用于包的管理和Docker镜像管理的私库管理场景中非经常常使用.Easypack利用最新版本号的oss版Nexus作为基础镜像用于提供相似服务. 本文将 ...
- ubuntu16搭建docker私库
测试环境如下: 一.docker的安装 安装方法请查看这里的 安装教程 二.设置普通用户 1. centos的设置方法 $ sudo gpasswd -a docker ${USER} 2. ubun ...
- Docker私有仓库Harbor部署与使用
一.harbor介绍 Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器. 由下面几个组件组成: proxy:nginx前端代理,主要是分发前端页面ui访问和镜像上传和下载 ...
- 企业级Docker镜像仓库Harbor部署与使用
yum install docker 官网地址:https://docs.docker.com/compose/install/ 运行此命令以下载Docker Compose的当前稳定版本 1 sud ...
- Docker镜像仓库Harbor部署
一.Harbor组件 组件 功能 harbor-adminserver 配置管理中心 harbor-db Mysql数据库 harbor-jobservice 负责镜像复制 harbor-log 记录 ...
- docker 系列 - 企业级私有镜像仓库Harbor部署(转载)
本文转载自 搜云库 的文章 https://www.jianshu.com/p/7d76850de03f , 感谢作者 3.png 上一篇文章搭建了一个具有基础功能,权限认证.TLS 的私有仓库, ...
随机推荐
- linux随机字符串
pwgen -s 32 1 openssl passwd -salt openssl rand -base64 32 openssl rand -hex 100
- 尚硅谷springboot学习34-整合SpringData JPA
SpringData简介
- .net core 2.0 HTTPS request fails using HttpClient 安全错误
最近.net core 项目中遇到一个问题,通过Httpclient 访问https的接口报错,错误如下: WinHttpException: A security error occurred Sy ...
- 团队作业6—《Spring_Four》团队项目系统设计改进与详细设计
一.修改完善团队项目系统设计说明书 a.分析<考信项目系统设计说明书>初稿的不足:数据库建模不足 b. 团队项目Github仓库中更新:https://github.com/gzyt/SR ...
- 排序算法(Gif动图演示)
冒牌排序(BubbleSort) 冒泡排序是一种比较简单的排序算法,它循环走过需要排序的元素,依次比较相邻的两个元素,如果顺序错误就交换,直至没有元素交换,完成排序. 若对n个人进行排序,我们需要n- ...
- Arcmap 空间连接,在通过面包含面的空间关系做属性关联的时候,发生关联冗余的问题。
处理过程: (1)用 空间关联 工具实现 面与面的 空间和属性关联. (2) 问题描述: 一个子面要素对应多个父面要素,出现数据冗余. 问题根源: 解决办法: 取子面要素的 中心点,在用中心点和 ...
- 【笔记】Python基础六:模块module介绍及常用模块
一,module模块和包的介绍 1,在Python中,一个.py文件就称之为一个模块(Module). 2,使用模块的好处? 最大的好处是大大提高了代码的可维护性 其次,编写代码不必从零开始,我们编写 ...
- 第八周博客作业 <西北师范大学| 周安伟>
第八周博客作业 助教博客链接https://home.cnblogs.com/u/zaw-315/ 作业要求博客链接https://www.cnblogs.com/nwnu-daizh/p/10687 ...
- laravel 模型操作
1. 简介 2. 创建模型 //模型文件默认创建在app目录下,也可以指定创建在某个文件夹下,如Model/Goods 1. php artisan make:model Goods 2. 这种方式会 ...
- 某公司的U3D笔试题
某公司的U3D笔试题 今天这套笔试题感觉做得一般. 随后是二对一的技术面试,但涉及的技术细节相对较少,更多的是对以前工作.项目经历的询问. 然后说今天先到这里,让我等通知. 我还特意问了一下,通知 ...