条件:安装docker&docker-compose

如未安装,请看:linux离线安装docker + docker-compose

harbor

1.下载

下载地址:https://github.com/goharbor/harbor/releases

2.安装

1.上传至服务器,并解压

tar -zxvf harbor-offline-installer-v1.10.6.tgz

2.配置Harbor(我的版本为yml格式,有一些为cfg格式)

# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.

# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.

# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost

hostname: 192.168.1.4 #这里需求修改为ip或者域名

# http related config

http:

  # port for http, default is 80. If https enabled, this port will redirect to https port

  port: 80

# https related config

#因为测试使用 HTTP 协议,故将 HTTPS 配置注释

#生产环境必须要使用 HTTPS,并且 HTTPS 需要额外的配置

#https:

  # https port for harbor, default is 443

#  port: 443

  # The path of cert and key files for nginx

#  certificate: /your/certificate/path

#  private_key: /your/private/key/path

# Uncomment external_url if you want to enable external proxy

# And when it enabled the hostname will no longer used

# external_url: https://reg.mydomain.com:8433

# The initial password of Harbor admin

# It only works in first time to install harbor

# Remember Change the admin password from UI after launching Harbor.

#harbor 系统管理员密码配置,账户admin,密码默认为Harbor12345

harbor_admin_password: Harbor12345

# Harbor DB configuration

#DB配置

database:

  # The password for the root user of Harbor DB. Change this before any production use.

  #密码默认为root123

  password: root123

  # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.

  max_idle_conns: 50

  # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.

  # Note: the default number of connections is 100 for postgres.

  max_open_conns: 100

# The default data volume

data_volume: /data

# Harbor Storage settings by default is using /data dir on local filesystem

# Uncomment storage_service setting If you want to using external storage

# storage_service:

#   # ca_bundle is the path to the custom root ca certificate, which will be injected into the truststore

#   # of registry's and chart repository's containers.  This is usually needed when the user hosts a internal storage with self signed certificate.

#   ca_bundle:

#   # storage backend, default is filesystem, options include filesystem, azure, gcs, s3, swift and oss

#   # for more info about this configuration please refer https://docs.docker.com/registry/configuration/

#   filesystem:

#     maxthreads: 100

#   # set disable to true when you want to disable registry redirect

#   redirect:

#     disabled: false

# Clair configuration

clair:

  # The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.

  updaters_interval: 12

jobservice:

  # Maximum number of job workers in job service

  max_job_workers: 10

notification:

  # Maximum retry count for webhook job

  webhook_job_max_retry: 10

chart:

  # Change the value of absolute_url to enabled can enable absolute url in chart

  absolute_url: disabled

# Log configurations

log:

  # options are debug, info, warning, error, fatal

  level: info

  # configs for logs in local storage

  local:

    # Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.

    rotate_count: 50

    # Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes.

    # If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G

    # are all valid.

    rotate_size: 200M

    # The directory on your host that store log

    location: /var/log/harbor

  # Uncomment following lines to enable external syslog endpoint.

  # external_endpoint:

  #   # protocol used to transmit log to external endpoint, options is tcp or udp

  #   protocol: tcp

  #   # The host of external endpoint

  #   host: localhost

  #   # Port of external endpoint

  #   port: 5140

#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!

_version: 1.10.0

# Uncomment external_database if using external database.

# external_database:

#   harbor:

#     host: harbor_db_host

#     port: harbor_db_port

#     db_name: harbor_db_name

#     username: harbor_db_username

#     password: harbor_db_password

#     ssl_mode: disable

#     max_idle_conns: 2

#     max_open_conns: 0

#   clair:

#     host: clair_db_host

#     port: clair_db_port

#     db_name: clair_db_name

#     username: clair_db_username

#     password: clair_db_password

#     ssl_mode: disable

#   notary_signer:

#     host: notary_signer_db_host

#     port: notary_signer_db_port

#     db_name: notary_signer_db_name

#     username: notary_signer_db_username

#     password: notary_signer_db_password

#     ssl_mode: disable

#   notary_server:

#     host: notary_server_db_host

#     port: notary_server_db_port

#     db_name: notary_server_db_name

#     username: notary_server_db_username

#     password: notary_server_db_password

#     ssl_mode: disable

# Uncomment external_redis if using external Redis server

# external_redis:

#   host: redis

#   port: 6379

#   password:

#   # db_index 0 is for core, it's unchangeable

#   registry_db_index: 1

#   jobservice_db_index: 2

#   chartmuseum_db_index: 3

#   clair_db_index: 4

# Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.

# uaa:

#   ca_file: /path/to/ca

# Global proxy

# Config http proxy for components, e.g. http://my.proxy.com:3128

# Components doesn't need to connect to each others via http proxy.

# Remove component from `components` array if want disable proxy

# for it. If you want use proxy for replication, MUST enable proxy

# for core and jobservice, and set `http_proxy` and `https_proxy`.

# Add domain to the `no_proxy` field, when you want disable proxy

# for some special registry.

proxy:

  http_proxy:

  https_proxy:

  # no_proxy endpoints will appended to 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-server

  no_proxy:

  components:

    - core

    - jobservice

    - clair

3.启动Harbor

修改完配置文件后,在的当前目录执行./install.sh,Harbor服务就会根据当期目录下的docker-compose.yml开始下载依赖的镜像,检测并按照顺序依次启动各个服务

sudo ./install.sh

成功

3、Harbor仓库使用

1)、登录Web Harbor

输入账户密码进入  默认账号/密码:admin/Harbor12345

新建项目

4、Harbor的使用(上传下载镜像)

新建项目后,使用admin用户提交镜像到Harbor仓库

1、使用docker login

docker login 192.168.1.4

使用docker login出现如下问题:

原因:因为使用的是 HTTP协议故需要在客户端进行配置

Username: admin

Password:

Error response from daemon: Get https://192.168.1.4/v2/: dial tcp 192.168.1.4:443: connect: connection refused

解决方案:

1、修改 /etc/docker/daemon.json 文件,加入"insecure-registries" : 服务器i
sudo vi /etc/docker/daemon.json
#文件加入
"insecure-registries":[""]

2.修改后重启 Docker 服务

sudo systemctl restart docker

3、再次登录

登录成功

5、使用

1、 给镜像打tag

进入刚刚创建的test

2、查看推送镜像的DOCKER命令

3、这里使用goharbor/nginx-photon为案例

docker tag goharbor/nginx-photon:v1.10.6 ip/test/harbor-nginx:v1.0.2

4、打完成后,查看

docker images

5、推送

docker push ip/test/harbor-nginx:v1.0.2

6、推送成功,查看

7、下载

docker pull ip/test/harbor-nginx:v1.0.2

linux搭建harbor与使用的更多相关文章

  1. 搭建Harbor企业级docker仓库

    搭建Harbor企业级docker仓库 一.Harbor简介 1.Harbor介绍 Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器,通过添加一些企业必需的功能特性,例如 ...

  2. 搭建Harbor私有镜像仓库--v1.5.1

     搭建Harbor私有镜像仓库--v1.5.1 1.介绍 Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署我们私有环境 ...

  3. Docker私服搭建--Harbor

    Docker私服搭建--Harbor Harbor概述 Harbor的安全机制 Harbor的镜像同步 Harbor的镜像同步机制 Harbor的多级部署 一.安装 1.1 docker安装 1.2 ...

  4. Linux 搭建Nexus

    Linux 安装Maven和nexus代理仓库 1    说明 环境:redhat Enterprise Linux Server5.3-x64. 版本:Maven 3.0.5 ,Nexus-2.5. ...

  5. Linux 搭建SVN 服务器(转)

    一. SVN 简介 Subversion(SVN) 是一个开源的版本控制系統, 也就是说 Subversion 管理着随时间改变的数据. 这些数据放置在一个中央资料档案库 (repository) 中 ...

  6. 原 Linux搭建SVN 服务器2

    原 Linux搭建SVN 服务器 发表于1年前(2014-08-05 17:55)   阅读(12257) | 评论(3) 31人收藏此文章, 我要收藏 赞3 摘要 Linux搭建SVN 服务器 目录 ...

  7. 原 Linux搭建SVN 服务器

    原 Linux搭建SVN 服务器 发表于1年前(2014-08-05 17:55)   阅读(12257) | 评论(3) 31人收藏此文章, 我要收藏 赞3 摘要 Linux搭建SVN 服务器 目录 ...

  8. Linux搭建SVN 服务器

    Linux搭建SVN 服务器 1          安装SVN 2          使用客户端连接 2.1       使用windows的客户端 2.2       使用Linux下的命令行 3  ...

  9. Linux 搭建SVN server

    一. SVN 简单介绍 Subversion(SVN) 是一个开源的版本号控制系統, 也就是说 Subversion 管理着随时间改变的数据. 这些数据放置在一个中央资料档案库 (repository ...

随机推荐

  1. react 实现组件嵌套以及子组件与父组件之间的通信

    当子组件触发onChange事件时,实际调用的是父组件中的handelSelect函数,通俗来说就是父组件通过属性handleSelect实现与子组件之间的通信. 父组件:SignupForm 子组件 ...

  2. ubuntu16安装ROS(包括win10子系统ubuntu同样能用)

    1.  sudo sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > ...

  3. 线程安全之ConcurrentQueue<T>队列

    最近在弄一个小项目,大概600w行的数据,要进行数据清洗,因数据量偏大,如果单线程去执行,会造成效率偏低,只能用多线程了,但采用多线程存在线程安全问题,于是查了下资料,发现有ConcurrentQue ...

  4. 分布式文档存储数据库之MongoDB备份与恢复

    前文我们聊了下mongodb的访问控制以及用户创建和角色分配,回顾请参考https://www.cnblogs.com/qiuhom-1874/p/13974656.html:今天我们来了解下mong ...

  5. httpserver ---tcp参数设置

    1.SO_REUSEADDR选项: 在服务器程序中,SO_REUSEADDR socket选项通常在调用bind()之前被设置.SO_REUSEADDR可以用在以下四种情况下: (摘自<Unix ...

  6. android打包持续集成

    背景: 领导下发需求,要求客户端实现代码自动上传至github的需求,本来我这项目是使用jenkins实现自动化打包操作的,由于两端不统一,再加上如果需要公司所有人看到包,需要给所有人开账号有些许不切 ...

  7. 定位一个网络问题引起的ceph异常

    前言 有一个ceph环境出现了异常,状态就是恢复异常的慢,但是所有数据又都在走,只是非常的慢,本篇将记录探测出问题的过程,以便以后处理类似的问题有个思路 处理过程 问题的现象是恢复的很慢,但是除此以外 ...

  8. ceph集群的安装和配置教程

    本篇主题: 1.怎样配置ssh免登陆访问 2.为什么搭建集群要关闭防火墙和selinux,如何关闭 3.从哪里获取ceph的安装包,怎样安装才是快速正确的 4.为什么要配置时间同步服务,怎样配置 5. ...

  9. 贼厉害,手撸的 SpringBoot 缓存系统,性能杠杠的!

    一.通用缓存接口 二.本地缓存 三.分布式缓存 四.缓存"及时"过期问题 五.二级缓存 缓存是最直接有效提升系统性能的手段之一.个人认为用好用对缓存是优秀程序员的必备基本素质. 本 ...

  10. FTP漏洞利用复现

    目录 FTP弱口令漏洞 FTP后门漏洞利用 FTP弱口令漏洞 漏洞描述 FTP弱口令或匿名登录漏洞,一般指使用FTP的用户启用了匿名登录功能,或系统口令的长度太短.复杂度不够.仅包含数字.或仅包含字母 ...