博文目录

Registry和Harbor的区别

Docker Harbor的优点

Docker Harbor依赖的程序

一、搭建Harbor仓库

1、配置Docker Compose

2、配置Docker Harbor公开仓库

3、配置Docker客户端

4、配置Docker Harbor私有仓库

上一篇博文讲到了Registry私有仓库,今天配置一下Harbor仓库,Harbor呢可以作为公开仓库,也可以作为私有仓库,今天就来配置一下Harbor如何实现公开仓库和私有仓库。

关于Registry公开仓库请访问博文:部署Docker私有仓库Registry

Registry和Harbor的区别

  • Registry:是一个私有镜像仓库,图形化支持较差,小型企业使用;

  • Harbor:支持可视化管理,支持私有仓库和公有仓库,支持镜像的管理控制;

Docker Harbor的优点

  • VMWare公司的开源镜像管理解决方案;

  • 支持图形化管理;

  • 方便访问和配置;

  • 方便镜像访问控制;

  • 支持镜像负责策略;

  • 审计统计用户访问镜像使用情况;

Docker Harbor依赖的程序

  • Python;

  • 安装Docker;

  • Docker Compose;

一、搭建Harbor仓库

案例描述:

  • 两台CentOS7.4,一台服务器端,一台客户端(测试使用);

  • 两台服务器都要安装Docker服务,我这里Docker版本是19.03.9版本;

关于Docker容器的安装请访问:安装Docker.v19。03.9版本

1、配置Docker Compose

访问道云官网,找到安装Docker Compose,复制命令到Docker服务器端:道云

Docker搭建Harbor公开仓库_第1张图片

[root@centos01 ~]# curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.5/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose 

[root@centos01 ~]# chmod +x /usr/local/bin/docker-compose 
[root@centos01 ~]# docker-compose -v          
docker-compose version 1.25.5, build 8a1c60f6

2、配置Docker Harbor公开仓库

1)打开Github官网

打开Github官网搜索harbor,再点击goharbor/harbor,再点击“releases”,根据自己所需,下载相应的版本,上传至服务器(网址如下:https://github.com/goharbor/harbor/releases 也可下载在线安装的包,我没试过,可自行尝试),如下:
Docker搭建Harbor公开仓库_第2张图片

2)配置Harbor仓库

harbor-online-installer-v1.9.1.tgz        
[root@centos01 ~]# tar zxvf harbor-online-installer-v1.9.1.tgz -C /usr/local/
        
[root@centos01 ~]# cd /usr/local/harbor/        
[root@centos01 harbor]# cp harbor.yml harbor.yml.bak   
[root@centos01 harbor]# vim harbor.yml       
  5 hostname: 192.168.100.10         

  8 http:            
10   port: 80       
27 harbor_admin_password: Harbor12345      
[root@centos01 harbor]# ./install.sh          
[Step 0]: checking installation environment ...

Note: docker version: 19.03.9

Note: docker-compose version: 1.25.5
………………        
Creating harbor-log ... done
Creating registryctl   ... done
Creating redis         ... done
Creating harbor-portal ... done
Creating registry      ... done
Creating harbor-db     ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://www.benet.com .
For more details, please visit https://github.com/goharbor/harbor .
         
[root@centos01 ~]# vim /usr/lib/systemd/system/docker.service  
14 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80
 
[root@centos01 harbor]# systemctl daemon-reload           
[root@centos01 harbor]# systemctl restart docker             
[root@centos01 harbor]# docker-compose stop                
[root@centos01 harbor]# docker-compose start                 
[root@centos01 harbor]# netstat -anptu |grep 80   
tcp6       0      0 :::80                   :::*                    LISTEN      23473/docker-proxy

3)安装完成浏览器访问Harbor仓库

Docker搭建Harbor公开仓库_第3张图片

4)创建一个公开仓库

Docker搭建Harbor公开仓库_第4张图片

5)确保image公开仓库已经创建成功

Docker搭建Harbor公开仓库_第5张图片

6)Docker服务器端登录Harbor仓库

[root@centos01 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80  
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded     
[root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/image/nginx:nginx  
          
[root@centos01 ~]# docker push 192.168.100.10:80/image/nginx:nginx
        
[root@centos01 ~]# docker logout 192.168.100.10:80    
Removing login credentials for 192.168.100.10:80

7)Harbor查看镜像是否上传成功

Docker搭建Harbor公开仓库_第6张图片

3、配置Docker客户端



1)修改配置文件加载Docker Harbor服务器
[root@centos02 ~]# vim /usr/lib/systemd/system/docker.service   
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80 
 
[root@centos02 ~]# systemctl daemon-reload      
[root@centos02 ~]# systemctl restart docker        
[root@centos02 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80   
         
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded   
[root@centos02 ~]# docker pull 192.168.100.10:80/image/nginx:nginx   
    
[root@centos02 ~]# docker images     
REPOSITORY                   TAG                 IMAGE ID            CREATED             SIZE
192.168.100.10:80/image/nginx   nginx               1b6b1fe7261e        7 days ago          647MB

4、创建Harbor私有仓库

1)创建私有仓库

Docker搭建Harbor公开仓库_第7张图片

2)创建一个用户

Docker搭建Harbor公开仓库_第8张图片

3)将刚创建的private用户添加到private私有仓库中

Docker搭建Harbor公开仓库_第9张图片

4)上传镜像到Harbor私有仓库

[root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/private/tomcat:tomcat   
       
[root@centos01 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80   
          
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded  
[root@centos01 ~]# docker push 192.168.100.10:80/private/tomcat:tomcat

5)Harbor查看镜像是否上传成功

Docker搭建Harbor公开仓库_第10张图片

6)Docker客户端下载私有仓库中的镜像

[root@centos02 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80   
        
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded  
[root@centos02 ~]# docker pull 192.168.100.10:80/private/tomcat:tomcat    
         
[root@centos02 ~]# docker images    
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
192.168.100.10:80/image/nginx      nginx               1b6b1fe7261e        7 days ago          647MB
192.168.100.10:80/private/tomcat   tomcat              1b6b1fe7261e        7 days ago          647MB

7)Harbor支持日志统计功能

Docker搭建Harbor公开仓库_第11张图片

———————— 本文至此结束,感谢阅读 ————————