Docker基础---harbor镜像仓库部署

一、Harbar简介
Harbor是VMware公司开源了企业级Registry项目, 其的目标是帮助用户迅速搭建一个企业级的Docker registry服务。它以Docker公司开源的registry为基础，额外提供了如下功能:

二、harbor镜像仓库部署是在设置加密认证的基础上完成配置
1、加密，生成证书
https://blog.csdn.net/YiSean96/article/details/105373429
2、认证:

docker run --rm --entrypoint htpasswd registry -Bbn admin westos > auth/htpasswd
docker run --rm --entrypoint htpasswd registry -Bbn zhang westos >> auth/htpasswd

[root@server1 ~]# cat auth/htpasswd 
admin:$2y$05$Qn28i3xjkwIxt56CUQyD..H7sHN4kCOhfV.uWXWbAMGD7RZRmtdl2

zhang:$2y$05$GU9CC2wYdW8XsUkcv46VIuR.twgk3m4nt7mP2QcFgeORMqTanj0T6

3、加密并认证
https://blog.csdn.net/YiSean96/article/details/105373429

4、拷贝证书到docker的配置目录下

cd /etc/docker/
mkdir -p certs.d/westos.org
cd certs.d/westos.org/
cp ~/certs/westos.org.crt .
[root@server1 westos.org]# ls
westos.org.crt
[root@server1 westos.org]# pwd
/etc/docker/certs.d/westos.org

完成加密认证服务。

三、安装harbor
从官网下载最新版本安装包：https://github.com/vmware/harbor/releases

tar zxf harbor-offline-installer-v1.10.1.tgz		#解压安装包
cd harbor/
vim harbor.yml						#更改配置文件
./prepare
./install.sh
✖ Need to install docker-compose(1.18.0+) by yourself first and run this script again.

需要安装docker-compose(1.18.0+)
官方文件：
https://docs.docker.com/compose/install/

[root@server1 harbor]# curl -L https://github.com/docker/compose/releases/download/1.24.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   617  100   617    0     0    407      0  0:00:01  0:00:01 --:--:--   407
100 15.4M  100 15.4M    0     0  13533      0  0:19:53  0:19:53 --:--:-- 20181
[root@server1 harbor]# chmod +x /usr/local/bin/docker-compose
[root@server1 harbor]# ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[root@server1 harbor]# docker-compose --version
docker-compose version 1.24.0, build 0aa59064

./install.sh
docker-compose ps			#查看所有容器状态。

四、在真机做好解析,浏览器中访问https://westos.org/
登陆用户密码：admin/westos

五、上传：
加密连接：

cd /etc/docker/certs.d/reg.westos.org/
cp /root/certs/westos.org.crt .

[root@server1 ~]# docker login reg.westos.org
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded

docker tag wl86129/distroless_base reg.westos.org/library/wl86129/distroless_base
docker push reg.westos.org/library/wl86129/distroless_base

六、下载：

[root@server2 docker]# pwd
/etc/docker
[root@server2 docker]# cat daemon.json 
{
  "registry-mirrors": ["https://reg.westos.org"]
}
[root@server2 docker]# cd /etc/docker/certs.d/reg.westos.org/
[root@server2 reg.westos.org]# ls
ca.crt

七、删除：

移除所有容器：
docker-compose down
清理配置文件：
./prepare 
./install.sh --with-notary --with-clair --with-chartmuseum