私有仓库Harbor https访问并实现docker login登录

推送到harbor参考
https://blog.csdn.net/m0_37607365/article/details/79811136

安装Harbor https访问参考链接

https://blog.51cto.com/jacksoner/2334355
以下是命令操作：

mkdir ssl
cd ssl/
openssl genrsa -out ca.key 4096

openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/C=GZ/ST=Guangd/L=Taipei/O=example/OU=Personal/CN=test.com" -key ca.key -out ca.crt

openssl genrsa -out test.com.key 4096

openssl req -sha512 -new -subj "/C=GZ/ST=Guangd/L=Taipei/O=example/OU=Personal/CN=test.com" -key test.com.key -out test.com.csr

**以下是一步到EOF**
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth 
subjectAltName = @alt_names

[alt_names]
DNS.1=test.com
DNS.2=test
DNS.3=hostname
EOF

openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in test.com.csr -out test.com.crt

vi harbor.cfg
hostname = test.com #这个就是你访问的地址
ui_url_protocol = https
ssl_cert = ./ssl/test.com.crt
ssl_cert_key = ./ssl/test.com.key


./prepare

./install.sh 

访问
https://10.0.3.104
admin
Harbor12345

echo "10.0.3.104 test.com"  >>/etc/hosts

重启
docker-compose stop
./install.sh

实现docker login登录

参考链接
https://blog.csdn.net/u010801994/article/details/88217916

vi /etc/docker/daemon.json
{"registry-mirrors": ["http://f1361db2.m.daocloud.io"],"insecure-registries":["https://test.com"]}

systemctl daemon-reload
systemctl restart docker
docker-compose up -d

在用户管理中，创建用户

然后在项目中，添加用户

在服务器中，登录你新创建的用户名，即可实现权限允许，进行镜像的推送和拉取。

在 10.0.3.240上docker login

参考链接
https://blog.csdn.net/hjmhz/article/details/81912315

1. 在10.0.3.240上添加test.com

echo "10.0.3.104 test.com"  >> /etc/hosts

2. scp ca.crt 证书
   
   登录10.0.3.240，cp到/etc/pki/ca-trust/source/anchors/
   
   3.更新证书，并登录

update-ca-trust extract
systemctl  restart docker
docker login  test.com

本人写了脚本在百度网盘，需要的同学，可以去下载
链接：https://pan.baidu.com/s/1Q3JeGj7aQvOYTHnSu_z9sw
提取码：fxms