1、文件下载

# wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v1.5.1.tgz

安装官网参考

https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md

2、安装docker-compose(pip方式)

yum添加源

# yum install epel-release -y

清空yum缓存文件

# yum clean all

安装python-pip

# yum install python-pip -y

安装docker-compost

# pip install -U docker-compose

查看docker-compose版本

# docker-compose -v

解压

# tar zxvf harbor-online-installer-v1.5.1.tgz

修改Harbor的配置文件

# vi harbor.cfg

只修改hostname选项其他不需要改动

## Configuration file of Harbor

# hostname设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost
hostname = 172.16.1.146 # 访问协议,默认是http,也可以设置https,如果设置https,则nginx ssl需要设置on
ui_url_protocol = http # mysql数据库root用户默认密码root123,实际使用时修改下
db_password = root123 # 是否开启自注册,on开启,off关闭,可以关闭掉。
self_registration = off # 启动Harbor后,管理员UI登录的密码,默认是Harbor12345
harbor_admin_password = Harbor12345 #镜像同步job数量
max_job_workers = customize_crt = on #https时候使用
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA # 邮件设置,发送重置密码邮件时使用
email_identity =
email_server = smtp.mydomain.com
email_server_port =
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false # 认证方式,这里支持多种认证方式,如LADP、本次存储、数据库认证。默认是db_auth,mysql数据库认证
auth_mode = db_auth # LDAP认证时配置项
#ldap_url = ldaps://ldap.mydomain.com
#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com
#ldap_search_pwd = password
#ldap_basedn = ou=people,dc=mydomain,dc=com
#ldap_filter = (objectClass=person)
#ldap_uid = uid
#ldap_scope =
#ldap_timeout = # Token有效时间,默认30分钟
token_expiration = # 用户创建项目权限控制,默认是everyone(所有人),也可以设置为adminonly(只能管理员)
project_creation_restriction = everyone verify_remote_cert = on #日志数量
log_rotate_count = #单个日志大小
log_rotate_size = 200M

docker-compost配置修改(视情况修改)

修改页面端口

# vi docker-compose.yml

proxy:
image: vmware/nginx-photon:v1.5.1
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
#如果需要,可以修改对外端口为
# - 8888:80
- :
- :
- :
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"

修改common/templates/registry/onfig.yml

# cd common/templates/registry/

# vi config.yml

注意:不需要做任何改动

version: 0.1
log:
level: info
fields:
service: registry
storage:
cache:
layerinfo: inmemory
$storage_provider_info
maintenance:
uploadpurging:
enabled: false
delete:
enabled: true
http:
addr: :
secret: placeholder
debug:
addr: localhost:
auth:
token:
issuer: harbor-token-issuer
#如果需要,可以添加端口8888
#realm: $public_url/service/token
rootcertbundle: /etc/registry/root.crt
service: harbor-registry
notifications:
endpoints:
- name: harbor
disabled: false
url: $ui_url/service/notifications
timeout: 3000ms
threshold:
backoff: 1s

修改docker-compose.yml

# vi docker-compose.yml

version: ''
services:
log:
image: vmware/harbor-log:v1.5.1
container_name: harbor-log
restart: always
volumes:
#harbor日志目录
- /var/log/harbor/:/var/log/docker/:z
- ./common/config/log/:/etc/logrotate.d/:z
ports:
- 127.0.0.1::
networks:
- harbor
registry:
image: vmware/registry-photon:v2.6.2-v1.5.1
container_name: registry
restart: always
volumes:
#registry存储目录
- /data/registry:/storage:z
- ./common/config/registry/:/etc/registry/:z
networks:
- harbor
ports:
   - 5000:5000
environment:
- GODEBUG=netdns=cgo
command:
["serve", "/etc/registry/config.yml"]
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "registry"
mysql:
image: vmware/harbor-db:v1.5.1
container_name: harbor-db
restart: always
volumes:
- /data/database:/var/lib/mysql:z
networks:
- harbor
env_file:
- ./common/config/db/env
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "mysql"
adminserver:
image: vmware/harbor-adminserver:v1.5.1
container_name: harbor-adminserver
env_file:
- ./common/config/adminserver/env
restart: always
volumes:
- /data/config/:/etc/adminserver/config/:z
- /data/secretkey:/etc/adminserver/key:z
- /data/:/data/:z
networks:
- harbor
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "adminserver"
ui:
image: vmware/harbor-ui:v1.5.1
container_name: harbor-ui
env_file:
- ./common/config/ui/env
restart: always
volumes:
- ./common/config/ui/app.conf:/etc/ui/app.conf:z
- ./common/config/ui/private_key.pem:/etc/ui/private_key.pem:z
- ./common/config/ui/certificates/:/etc/ui/certificates/:z
- /data/secretkey:/etc/ui/key:z
- /data/ca_download/:/etc/ui/ca/:z
- /data/psc/:/etc/ui/token/:z
networks:
- harbor
depends_on:
- log
- adminserver
- registry
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "ui"
jobservice:
image: vmware/harbor-jobservice:v1.5.1
container_name: harbor-jobservice
env_file:
- ./common/config/jobservice/env
restart: always
volumes:
- /data/job_logs:/var/log/jobs:z
- ./common/config/jobservice/config.yml:/etc/jobservice/config.yml:z
networks:
- harbor
depends_on:
- redis
- ui
- adminserver
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "jobservice"
redis:
image: vmware/redis-photon:v1.5.1
container_name: redis
restart: always
volumes:
- /data/redis:/data
networks:
- harbor
depends_on:
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "redis"
proxy:
image: vmware/nginx-photon:v1.5.1
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
#如果需要,可以修改对外端口为
# - 8888:80
- :
- :
- :
depends_on:
- mysql
- registry
- ui
- log
logging:
driver: "syslog"
options:
syslog-address: "tcp://127.0.0.1:1514"
tag: "proxy"
networks:
harbor:
external: false

安装

[root@localhost harbor]# sudo ./install.sh  --with-clair

# docker-compose ps

由于是http,直接登录会报错

[root@localhost harbor]# docker login 192.168.100.117
Username: admin
Password:
Error response from daemon: Get https://192.168.100.117/v2/: dial tcp 192.168.100.117:443: connect: connection refused

客户端配置修改

免https修改

修改/etc/docker/daemon.json,添加{"insecure-registries":["192.168.100.117"]}

# echo '{"insecure-registries":["192.168.100.117"]}' >> /etc/docker/daemon.json

# cat /etc/docker/daemon.json

# systemctl daemon-reload

# systemctl restart docker

再次登录

# docker-compose ps

# docker login 192.168.100.117

[root@localhost harbor]# docker login 192.168.100.117
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded

页面访问

启动完成后,我们访问刚设置的hostname即可http://192.168.100.117/,默认是80端口,如果端口占用,我们可以去修改docker-compose.yml文件中,对应服务的端口映射。

http://192.168.100.117/harbor/sign-in

页面正常访问

用户名:admin 
密码:Harbor12345

新建一个项目

查看如何push镜像到demo-project

# docker images

打标签并且上传

给镜像打tag

# docker tag centos:latest 192.168.100.117/demo-project/centos:latest

push到仓库

# docker push 192.168.100.117/demo-project/centos:latest

# docker images

查看是否成功

删除本地镜像,重新下载

# docker rmi 192.168.100.117/demo-project/centos

# docker pull 192.168.100.117/demo-project/centos

启动之后停止或启动harbor的话,可以使用命令:

$ sudo docker-compose -f ./docker-compose.yml -f ./docker-compose.chartmuseum.yml [ up|down|ps|stop|start ]

# sudo docker-compose -f /root/harbor/docker-compose.yml -f /root/harbor/docker-compose.clair.yml start

# sudo docker-compose -f /root/harbor/docker-compose.yml -f /root/harbor/docker-compose.clair.yml stop

更多使用说明参考:

https://github.com/vmware/harbor/blob/master/docs/user_guide.md

参考博客:

harbor安装和简单使用

https://blog.csdn.net/qq_30062125/article/details/82772087

docker私库harbor的搭建

https://www.cnblogs.com/smilezgy/p/9545553.html

docker镜像仓库harbor之搭建及配置

https://blog.csdn.net/aixiaoyang168/article/details/73549898

centos7.3搭建harbor
https://blog.csdn.net/qq12547345/article/details/79482468

docker私库harbor的搭建的更多相关文章

  1. docker私库Harbor部署(转载)

    系统环境 centos7.3docker-ce docker version: 18.03.0docker-compose version: 1.21.0 Install Docker CE 安装依赖 ...

  2. ubuntu16搭建docker私库

    测试环境如下: 一.docker的安装 安装方法请查看这里的 安装教程 二.设置普通用户 1. centos的设置方法 $ sudo gpasswd -a docker ${USER} 2. ubun ...

  3. Docker镜像仓库Harbor之搭建及配置

    目录 Harbor介绍环境.软件准备Harbor服务搭建Harbor跨数据复制配置FAQ1.Harbor 介绍 Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的 ...

  4. Easypack容器系列之:Nexus 3:Docker私库

    Nexus作为私库管理最为流行的工具之中的一个,用于包的管理和Docker镜像管理的私库管理场景中非经常常使用.Easypack利用最新版本号的oss版Nexus作为基础镜像用于提供相似服务. 本文将 ...

  5. ubuntu 14.04 https 形式安装docker 私有库 harbor

    起始目录/root,root 登陆后,直接在该目录进行下面的命令 下载harbor 预编译包 0.4.5 准备通过域名 reg.server.com 来访问镜像库所以需要在/etc/hosts 文件中 ...

  6. Docker: vmware企业级docker镜像私服--Harbor的搭建

    1.下载harbor,地址https://github.com/vmware/harbor2.进入harbor-master/Deploy目录,修改harbor.cfg文件,主要修改以下信息      ...

  7. Docker4-docker私库的搭建及常用方法-docker-registry方式

    一.简单介绍 前面已经介绍,可以使用Docker Hub公共仓库,但是大多数情况企业都需要创建一个本地仓库供自己使用.这里介绍几种搭建私库的方法 私库的好处有几点 1.节约带宽 2.可以自己定制系统 ...

  8. Docker version 1.12.5建立registry私库

    sudo docker run -d -p 5000:5000 -v /opt/data/registry:/var/lib/registry registry :前面的是宿主机的地址(/opt/da ...

  9. mesos+marathon+zookeeper的docker管理集群亲手搭建实例(环境Centos6.8)

    资源:3台centos6.8虚拟机 4cpu 8G内存 ip 10.19.54.111-113 1台centos6.8虚拟机2cpu 8G ip 10.19.53.55 1.System Requir ...

随机推荐

  1. hdu4289 Control 最大流最小割

    You, the head of Department of Security, recently received a top-secret information that a group of ...

  2. 使用tailor 轻松方便的集成web 框架react&&vue

    tailor 是一款很方便的layout 服务,类似facebook 的bigpipe,我们可以使用此工具 方便的集成各类web 框架,实现micro-fronteds 开发 参考demo https ...

  3. 02HDFS架构

    https://www.cnblogs.com/zhoujingyu/p/5040957.html https://blog.csdn.net/firstchange/article/details/ ...

  4. mysql全备和增量备份以及恢复过程(percona工具)

    实验环境 系统环境,内核版本和xtrabackup工具版本 [root@linux-node1 mysql]# cat /etc/redhat-release CentOS Linux release ...

  5. Zabbix-2.4-安装-2

    zabbix自定义报警-动作   打开资产自动接收   这里看到主机资产有数据了,这里的数据,就是来自下面的关联 上面的数据就是设置login-user时候设置的关联    有些关联显示的慢,比如下面 ...

  6. href="javacript:;" href="javacript:void(0);" href="#"区别。。。

    一.href="javacript:;"  这种用法不正确,这么用的话会出现浏览器访问“javascript:;”这个地址的现象: 二.href="javacript:v ...

  7. .ajax向后台传递数组(转)

    js部分代码 //创建一个测试数组 var boxIds = new Array(); boxIds.push(12182); boxIds.push(12183); boxIds.push(1218 ...

  8. 'ascii' codec can't encode characters in position 0-2: ordinal not in range(128)

    问题 rds_content = "{}, 执行了变更,sql语句:{}".format(ExecuteTime, sqls) 'ascii' codec can't encode ...

  9. Spark代码Eclipse远程调试

    我们在编写Spark Application或者是阅读源码的时候,我们很想知道代码的运行情况,比如参数设置的是否正确等等.用Logging方式来调试是一个可以选择的方式,但是,logging方式调试代 ...

  10. Sql Server Report Service 的部署问题(Reporting Service 2014為什麼不需要IIS就可以運行)

    http://www.cnblogs.com/syfblog/p/4651621.html Sql Server Report Service 的部署问题 近期在研究SSRS部署问题,因为以前也用到过 ...