VMware Harbor部署

为什么80%的码农都做不了架构师？>>>   

上篇了解了vmware harbor的基本架构，终究还是要用起来的，所以本篇就了解一下怎么部署harbor。

 

系统

    OS：Ubuntu 16.04.3 LTS

    Kernel：ubuntu16.04-2 4.4.0-87-generic

下载docker-ce

我跟她https://download.docker.com/linux/ubuntu/dists/xenial/pool/stable/amd64/docker-ce_18.03.0~ce-0~ubuntu_amd64.deb

安装docker-ce

dpkg -i docker-ce_18.03.0_ce-0_ubuntu_amd64.deb

检查docker-ce

docker info

依赖安装

apt-get install python2.7  python-minimal

docker-compose安装

 

curl -L https://github.com/docker/compose/releases/download/1.19.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

     ps：不要apt-get install docker-compose安装，默认仓库中的docker-compose版本太低

docker-compose自动补全插件安装

curl -L https://raw.githubusercontent.com/docker/compose/1.19.0/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose

harbor离线包下载

cd  /opt/programs
wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.1.tgz
=========================下载完解压========================================
tar zxvf harbor-offline-installer-v1.5.1.tgz

工作目录设定

/opt/programs/harbor

调整harbor.cfg配置

    文件在/opt/programs/harbor/harbor.cfg

_version = 1.5.0
hostname = 192.168.1.6
ui_url_protocol = http
max_job_workers = 5
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
log_rotate_count = 5
log_rotate_size = 200M
http_proxy =
https_proxy =
no_proxy = 127.0.0.1,172.31.68.243,ui
email_identity = 
email_server = smtp.mydomain.com
email_server_port = 25
email_username = [email protected]
email_password = abc
email_from = admin 
email_ssl = false
email_insecure = false
harbor_admin_password = Harbor12345
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid 
ldap_scope = 2 
ldap_timeout = 5
ldap_verify_cert = true
ldap_group_basedn = ou=group,dc=mydomain,dc=com
ldap_group_filter = objectclass=group
ldap_group_gid = cn
ldap_group_scope = 2
self_registration = on
token_expiration = 30
project_creation_restriction = everyone
db_host = mysql
db_password = root123
db_port = 3306
db_user = root
redis_url = redis:6379
clair_db_host = postgres
clair_db_password = password
clair_db_port = 5432
clair_db_username = postgres
clair_db = postgres
uaa_endpoint = uaa.mydomain.org
uaa_clientid = id
uaa_clientsecret = secret
uaa_verify_cert = true
uaa_ca_cert = /path/to/ca.pem
registry_storage_provider_name = filesystem
registry_storage_provider_config =

安装harbor

./install.sh

查看harbor image

docker image ls

查看harbor container

docker container ls

docker-compose查看

docker-compose ps

登录harbor

http://192.168.1.6

    ps：默认用户名密码是admin/Harbor12345

管理界面

       ps：怎么使用就不详细描述了，下面讲解一下怎么push镜像上去，换一台机ubuntu机器执行以下命令(ubuntu16.04-2)

调整docker默认配置

#/etc/docker/daemon.json
{
  "registry-mirrors": ["http://aa2fd190.m.daocloud.io"],
  "insecure-registries":["http://172.31.68.241"]
}

调整docker启动配置文件

#/lib/systemd/system/docker.service
# 在service模块下调整ExecStart项
[Service]
Type=notify
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

配置生效

systemctl daemon-reload
systemctl restart docker.service

查看docker状态

systemctl status docker.service

CLI登录harbor

docker login 192.168.1.6

[email protected]:~#docker login 192.168.1.6
Username (admin): admin
Password: 
Login Succeeded
[email protected]:~#

image打tag

    先检查当前主机上的image

    针对hello-world打tag

        ps：里面的ip换成192.168.1.6(实在是没图了)

docker tag hello-world:latest 172.31.68.241/library/hello-world:latest

push镜像

docker push 172.31.68.241/library/hello-world:latest

pull镜像

    调整docker配置文件

#/etc/default/docker
# 调整DOCKER_OPTS如下
DOCKER_OPTS="--registry-mirror=http://172.31.68.241 --insecure-registry 172.31.68.241"

    重启docker

systemctl daemon-reload
systemctl restart docker.service

    pull镜像

docker pull 172.31.68.241/library/hello-world

 

 

转载于:https://my.oschina.net/guol/blog/1840960