本子资源紧张,虚拟机harbor和master共用了一台主机
准备一个docker-compose 1 2 mv docker-compose /usr/local/bin/ chmod +x /usr/local/bin/docker-compose
准备安装包harbor 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 tar -xvf harbor-offline-installer-v1.2.0.tgz mv harbor /usr/local/ #编辑配置文件 [root@k8s-master harbor]# egrep -v "^$|^#" harbor.cfg hostname = hub.islocal.cc #harbor域名 ui_url_protocol = https #采用https协议 db_password = root123 #数据库密码 max_job_workers = 3 customize_crt = on ssl_cert = /data/cert/server.crt #证书 ssl_cert_key = /data/cert/server.key secretkey_path = /data admiral_url = NA clair_db_password = password email_identity = email_server = smtp.mydomain.com email_server_port = 25 email_username = sample_admin@mydomain.com email_password = abc email_from = admin <sample_admin@mydomain.com> email_ssl = false harbor_admin_password = Harbor12345 #harbor 访问密码 auth_mode = db_auth ldap_url = ldaps://ldap.mydomain.com ldap_basedn = ou=people,dc=mydomain,dc=com ldap_uid = uid ldap_scope = 3 ldap_timeout = 5 self_registration = on token_expiration = 30 project_creation_restriction = everyone verify_remote_cert = on
生成证书 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 mkdir -p /data/cert/ cd /data/cert/ #生成私钥 [root@k8s-master cert]# openssl genrsa -des3 -out server.key 2048 Generating RSA private key, 2048 bit long modulus ...+++ ......................+++ e is 65537 (0x10001) Enter pass phrase for server.key: #输入密码 Verifying - Enter pass phrase for server.key: #再次输入密码 #生成证书 [root@k8s-master cert]# openssl req -new -key server.key -out server.csr Enter pass phrase for server.key: #输入生成秘钥时候设置的密码 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN #输入国家名 State or Province Name (full name) []:SHAANXI #输入省份 Locality Name (eg, city) [Default City]:XI'AN #输入城市名 Organization Name (eg, company) [Default Company Ltd]:islocal #输入组织名 Organizational Unit Name (eg, section) []:islocal #输入组织名 Common Name (eg, your name or your server's hostname) []:hub.islocal.cc #输入域名 Email Address []:10887272@qq.com #输入电子邮箱地址 Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: #不修改密码 An optional company name []: #备份一下证书 cp server.key server.key.org #转换证书,退掉密码 [root@k8s-master cert]# openssl rsa -in server.key.org -out server.key Enter pass phrase for server.key.org: writing RSA key #签名证书 [root@k8s-master cert]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt Signature ok subject=/C=CN/ST=SHAANXI/L=XI'AN/O=islocal/OU=islocal/CN=hub.islocal.cc/emailAddress=10887272@qq.com Getting Private key #添加权限 chmod +x /data/cert/*
安装Harbor 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 [root@k8s-master harbor]# pwd /usr/local/harbor [root@k8s-master harbor]# ./install.sh [Step 0]: checking installation environment ... Note: docker version: 20.10.21 Note: docker-compose version: 1.23.1 [Step 1]: loading Harbor images ... dd60b611baaa: Loading layer [==================================================>] 133.2MB/133.2MB 2e814f7ef645: Loading layer [==================================================>] 2.048kB/2.048kB bc5742b580db: Loading layer [==================================================>] 2.048kB/2.048kB 5413bcdb81b0: Loading layer [==================================================>] 2.56kB/2.56kB c4e2be066795: Loading layer [==================================================>] 3.584kB/3.584kB a4ea62be60b0: Loading layer [==================================================>] 22.8MB/22.8MB 800a351ae5da: Loading layer [==================================================>] 22.8MB/22.8MB Loaded image: vmware/registry:2.6.2-photon Loaded image: photon:1.0 a39bd6a7f897: Loading layer [==================================================>] 10.95MB/10.95MB 6f79b8337a1f: Loading layer [==================================================>] 17.3MB/17.3MB 74bbd0e81dd0: Loading layer [==================================================>] 15.87kB/15.87kB Loaded image: vmware/notary-photon:signer-0.5.0 c192a34d4ff4: Loading layer [==================================================>] 155.2MB/155.2MB d012a9276a83: Loading layer [==================================================>] 10.75MB/10.75MB b8befd881cb5: Loading layer [==================================================>] 10.75MB/10.75MB Loaded image: vmware/clair:v2.0.1-photon e0b3d6a2361d: Loading layer [==================================================>] 1.536kB/1.536kB 3a527b0785bc: Loading layer [==================================================>] 22.48MB/22.48MB 1efe51df48d0: Loading layer [==================================================>] 7.168kB/7.168kB c20026b42fab: Loading layer [==================================================>] 5.338MB/5.338MB 615c076c8d0a: Loading layer [==================================================>] 9.728kB/9.728kB 133d7170cbc1: Loading layer [==================================================>] 2.56kB/2.56kB 8e5b68c51d96: Loading layer [==================================================>] 22.48MB/22.48MB Loaded image: vmware/harbor-ui:v1.2.0 9463fb852970: Loading layer [==================================================>] 75.37MB/75.37MB e6020d0bad7b: Loading layer [==================================================>] 3.584kB/3.584kB 3fbf59525988: Loading layer [==================================================>] 3.072kB/3.072kB 37bccef91571: Loading layer [==================================================>] 3.072kB/3.072kB Loaded image: vmware/harbor-log:v1.2.0 5d6cbe0dbcf9: Loading layer [==================================================>] 129.2MB/129.2MB 435f2dfbd884: Loading layer [==================================================>] 344.6kB/344.6kB 814d7b59f0cc: Loading layer [==================================================>] 4.657MB/4.657MB aae399245bd0: Loading layer [==================================================>] 1.536kB/1.536kB 21e2ae955f72: Loading layer [==================================================>] 33.84MB/33.84MB a2d0f7b84059: Loading layer [==================================================>] 25.09kB/25.09kB 819fa6af55b8: Loading layer [==================================================>] 3.584kB/3.584kB 78914c99a468: Loading layer [==================================================>] 167.7MB/167.7MB 36e79c658afb: Loading layer [==================================================>] 6.144kB/6.144kB f73503aca003: Loading layer [==================================================>] 9.216kB/9.216kB a21b39f6da59: Loading layer [==================================================>] 1.536kB/1.536kB d7141699e1d4: Loading layer [==================================================>] 8.704kB/8.704kB af296516d219: Loading layer [==================================================>] 4.608kB/4.608kB b1ea8c380e6d: Loading layer [==================================================>] 4.608kB/4.608kB Loaded image: vmware/harbor-db:v1.2.0 7ebf4b23a7e8: Loading layer [==================================================>] 19.6MB/19.6MB Loaded image: vmware/nginx-photon:1.11.13 bbda1562018e: Loading layer [==================================================>] 101.6MB/101.6MB 1171ab08cc04: Loading layer [==================================================>] 6.656kB/6.656kB 6df81d3a0683: Loading layer [==================================================>] 6.656kB/6.656kB Loaded image: vmware/postgresql:9.6.4-photon 1576c9b2b2cd: Loading layer [==================================================>] 7.07MB/7.07MB 1812ceac4c95: Loading layer [==================================================>] 7.07MB/7.07MB Loaded image: vmware/harbor-adminserver:v1.2.0 0050db551e77: Loading layer [==================================================>] 18.31MB/18.31MB af9394226ea3: Loading layer [==================================================>] 18.31MB/18.31MB Loaded image: vmware/harbor-jobservice:v1.2.0 4a050fccec52: Loading layer [==================================================>] 12.16MB/12.16MB d918d73369ec: Loading layer [==================================================>] 17.3MB/17.3MB 22898836924e: Loading layer [==================================================>] 15.87kB/15.87kB Loaded image: vmware/notary-photon:server-0.5.0 78dbfa5b7cbc: Loading layer [==================================================>] 130.9MB/130.9MB 5f70bf18a086: Loading layer [==================================================>] 1.024kB/1.024kB 8deec01122be: Loading layer [==================================================>] 344.6kB/344.6kB 574ab36807f2: Loading layer [==================================================>] 1.536kB/1.536kB d8f2cde2eef8: Loading layer [==================================================>] 20.48kB/20.48kB eaa3924b054e: Loading layer [==================================================>] 5.12kB/5.12kB 8aa2c772121c: Loading layer [==================================================>] 184.3MB/184.3MB c3014bbccb0b: Loading layer [==================================================>] 8.704kB/8.704kB 978a35efaa8c: Loading layer [==================================================>] 4.608kB/4.608kB c2385ae7d6e5: Loading layer [==================================================>] 16.6MB/16.6MB Loaded image: vmware/harbor-notary-db:mariadb-10.1.10 [Step 2]: preparing environment ... Generated and saved secret to file: /data/secretkey Generated configuration file: ./common/config/nginx/nginx.conf Generated configuration file: ./common/config/adminserver/env Generated configuration file: ./common/config/ui/env Generated configuration file: ./common/config/registry/config.yml Generated configuration file: ./common/config/db/env Generated configuration file: ./common/config/jobservice/env Generated configuration file: ./common/config/jobservice/app.conf Generated configuration file: ./common/config/ui/app.conf Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt The configuration files are ready, please use docker-compose to start the service. [Step 3]: checking existing instance of Harbor ... [Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-adminserver ... done Creating harbor-db ... done Creating registry ... done Creating harbor-ui ... done Creating harbor-jobservice ... done Creating nginx ... done ✔ ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at https://hub.islocal.cc. For more details, please visit https://github.com/vmware/harbor .
添加hosts记录 1 echo "192.168.111.201 hub.islocal.cc" >> /etc/hosts
配置docker登录 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 [root@k8s-master harbor]# docker login https://hub.islocal.cc Username: admin Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@k8s-master harbor]# cat /etc/docker/daemon.json { "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": { "max-size": "100m" }, "insecure-registries": ["https://hub.islocal.cc"] }
测试镜像上传/下载 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 #上传 [root@k8s-master harbor]# docker image ls |grep nginx nginx latest 88736fe82739 12 days ago 142MB vmware/nginx-photon 1.11.13 285492ff20d6 5 years ago 147MB [root@k8s-master harbor]# docker tag nginx:latest hub.islocal.cc/library/nginx:latest [root@k8s-master harbor]# docker push hub.islocal.cc/library/nginx:latest The push refers to repository [hub.islocal.cc/library/nginx] 6cffb086835a: Pushed e2d75d87993c: Pushed 5a5bafd53f76: Pushed f86e88a471f4: Pushed f7ed3797e296: Pushed ec4a38999118: Pushed latest: digest: sha256:6ad8394ad31b269b563566998fd80a8f259e8decf16e807f8310ecc10c687385 size: 1570 #下载 [root@k8s-master harbor]# docker rmi 88736fe82739 -f Untagged: nginx:latest Untagged: nginx@sha256:e209ac2f37c70c1e0e9873a5f7231e91dcd83fdf1178d8ed36c2ec09974210ba Untagged: hub.islocal.cc/library/nginx:latest Untagged: hub.islocal.cc/library/nginx@sha256:6ad8394ad31b269b563566998fd80a8f259e8decf16e807f8310ecc10c687385 Deleted: sha256:88736fe827391462a4db99252117f136b2b25d1d31719006326a437bb40cb12d Deleted: sha256:2f7529ffbbe947eb797a3610d36b66cc2c5448e3ed8488a3ca7106469022a75b Deleted: sha256:c238310d555716ef00849e741c8bdf5847e0b88170a9e2fa2fc6d3bb1ec1d416 Deleted: sha256:ff134a07bc6f8802b26ba81ddb9c4f1c2d2c2fd32a79589b6a49667cec84d2b9 Deleted: sha256:4a99c0c60c4efd8c1ddfc759d7d01c47168a68d2368bfe33f191c0874930cad2 Deleted: sha256:760987b83c508d5e44ab34ad2cdaa9590ae527957a8fdb3c789592d798486730 Deleted: sha256:ec4a38999118b78eab6899b913a548cb0b2c9b68fd05aff846a56b628b597f38 [root@k8s-master harbor]# docker pull hub.islocal.cc/library/nginx:latest latest: Pulling from library/nginx a603fa5e3b41: Pull complete c39e1cda007e: Pull complete 90cfefba34d7: Pull complete a38226fb7aba: Pull complete 62583498bae6: Pull complete 9802a2cfdb8d: Pull complete Digest: sha256:6ad8394ad31b269b563566998fd80a8f259e8decf16e807f8310ecc10c687385 Status: Downloaded newer image for hub.islocal.cc/library/nginx:latest hub.islocal.cc/library/nginx:latest
启动关闭Harbor 1 2 3 4 启动harbor docker-compose start 关闭harbor docker-compose start
