一、https 需要的ca证书创建
1056 mkdir -p /data/cert && cd /data/cert
1057 openssl genrsa -out ca.key 2048
1058 openssl req -x509 -new -nodes -key ca.key -days 10000 -out ca.crt -subj "/CN=Harbor-ca"
1059 ll
1060 openssl req -newkey rsa:4096 -nodes -sha256 -keyout server.key -out server.csr
1061 ll
1062 echo subjectAltName = IP:192.168.0.169 > extfile.cnf
1063 cat extfile.cnf
1064 openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -days 365 -extfile extfile.cnf -out server.crt
二、x509: certificate signed by unknown authority 登录时候报错
[root@169_test harbor]# cat /etc/docker/daemon.json
{
"insecure-registries": ["192.168.0.169"]
}
[root@169_test harbor]#
三、harbor.yml配置项目
[root@169_test harbor]# cat harbor.yml |grep -v "#"
hostname: 192.168.0.169
https:
port: 443
certificate: /data/cert/server.crt
private_key: /data/cert/server.key
四、goharbor/nginx-photon:v1.8.0 启动失败
Error response from daemon: configured logging driver does not support reading
关注docker-compose.yml 以下选项是否对应
[root@169_test harbor]# cat docker-compose.yml |grep cert
source: /data/cert/server.key
target: /etc/cert/server.key
source: /data/cert/server.crt
target: /etc/cert/server.crt
[root@169_test harbor]#
五、mytest项目没有创建,用户没有相关项目操作权限,导致报没有权限
[root@169_test ~]# docker login 192.168.0.169
Authenticating with existing credentials...
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@169_test ~]# docker push 192.168.0.169/mytest/mariadb10.3
The push refers to repository [192.168.0.169/mytest/mariadb10.3]
9fe1346a8e46: Preparing
44b71d929e12: Preparing
23402936133c: Preparing
d4149884a4c1: Preparing
c80bf439605a: Preparing
21e1e894139d: Waiting
d69483a6face: Waiting
denied: requested access to the resource is denied
备注:
软件版本:harbor.v1.8.0.tar.gz
备注
上传命令:
登录 docker login 192.168.0.169
查看镜像 docker images
给镜像打标签 docker tag mytest/mariadb10.3:latest 192.168.0.169/mytest/mariadb10.3:latest
查看镜像信息 docker images
上传镜像,注意要有mytest项目 docker push 192.168.0.169/mytest/mariadb10.3