私有docker register (Harbor)

环境准备

  • Centos 7 mini
  • docker
  • docker-compose

安装docker

阿里云加速安装

curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -

systemctl enable docker
systemctl start docker

安装docker-compose

curl -L “https://github.com/docker/compose/releases/download/1.9.0/docker-compose- (unames) (uname -m)” -o /usr/local/bin/docker-compose

搭建Harbor

下载代码

git clone https://github.com/vmware/harbor

修改配置

cd harbor/make/

vim harbor.cfg

配置样例如下 :

## Configuration file of Harbor

#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
# 指定 hostname,一般为IP,或者域名,用于登录 Web UI 界面
hostname = 10.211.55.17

#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
# URL 访问方式,SSL 需要配置 nginx
ui_url_protocol = http

#Email account settings for sending out password resetting emails.
# 邮件相关信息配置,如忘记密码发送邮件
email_server = smtp.xxxxxx.com
email_server_port = 465
email_username = [email protected]
email_password = xxxxxx
email_from = docker 
email_ssl = true

##The password of Harbor admin, change this before any production use.
# 默认的 Harbor 的管理员密码,管理员用户名默认 admin
harbor_admin_password = Harbor12345

##By default the auth mode is db_auth, i.e. the credentials are stored in a local database.
#Set it to ldap_auth if you want to verify a user's credentials against an LDAP server.
# 指定 Harbor 的权限验证方式,Harbor 支持本地的 mysql 数据存储密码,同时也支持 LDAP
auth_mode = db_auth

#The url for an ldap endpoint.
# 如果采用了 LDAP,此处填写 LDAP 地址
ldap_url = ldaps://ldap.mydomain.com

#The basedn template to look up a user in LDAP and verify the user's password.
# LADP 验证密码的方式(我特么没用过这么高级的玩意)
ldap_basedn = uid=%s,ou=people,dc=mydomain,dc=com

#The password for the root user of mysql db, change this before any production use.
# mysql 数据库 root 账户密码
db_password = root123

#Turn on or off the self-registration feature
# 是否允许开放注册
self_registration = on

#Turn on or off the customize your certicate
# 允许自签名证书
customize_crt = on

#fill in your certicate message
# 自签名证书信息
crt_country = CN
crt_state = State
crt_location = CN
crt_organization = mritd
crt_organizationalunit = mritd
crt_commonname = mritd.me
crt_email = reg.mritd.me
#####

生成相关配置

cd harbor/make/

./prepare

编译 image 并启动

cd harbor/make/

docker-compose up -d

创建私有项目


  • 主页 (默认的访问地址即为 harbor.cfg 中 hostname 地址)
  • 登录 (Harbor 默认管理员用户为 admin ,密码在 harbor.cfg 中设置过,默认的是 Harbor12345)
  • 创建私有项目

Harbor 有一个项目的概念,项目名可以理解为 Docker Hub 的用户名,其下可以后很多 images,Harbor 的项目必须登录后方可 push,公有项目和私有项目的区别是对其他用户是否可见

push 镜像


  • 设置 http 仓库地址

根据 https://docs.docker.com/engine/admin/systemd/
给docker增加 –insecure-registry 10.211.55.17参数

  • 登录私有库
    docker login 192.168.82.200:8080
  • 对需要push的镜像打tag (,名称一定要标准( registryAddress[:端口]/项目/imageName[:tag] ))
    docker tag nginx:1.11.5 192.168.82.200:8080/tonychen/nginx:1.11.5
  • push
    docker push 192.168.82.200:8080/tonychen/nginx:1.11.5
  • 参考:
    http://www.tuicool.com/articles/RvAF7nn

    你可能感兴趣的:(docker,centos,docker)