在k8s集群中使用helm安装harbor

使用Helm安装harbor需要准备如下:
1、安装helm
2、安装provisioner
3、安装traefik

使用helm安装harbor
$ git clone https://github.com/goharbor/harbor-helm
打开https://github.com/goharbor/harbor-helm看一下分支
$ cd harbor-helm
$ git checkout 1.1.0 #进入1.1.0分支
$ ls
cert CONTRIBUTING.md README.md templates
Chart.yaml docs LICENSE values.yaml
准备一个配置文件用来覆盖values.yaml内的值,原配置文件values.yaml要保留
$ vim harbor-values.yaml

expose:
  type: ingress
  tls:
    enabled: true
  ingress:
    hosts:
      core: registry.example.com
      notary: notary.example.com
    annotations:
      kubernetes.io/ingress.class: "traefik"
      ingress.kubernetes.io/ssl-redirect: "true"
      ingress.kubernetes.io/proxy-body-size: "0"
externalURL: https://registry.example.com
persistence:
  enabled: true
  resourcePolicy: "keep"
  persistentVolumeClaim:
    registry:
      storageClass: "harbor-data"
    chartmuseum:
      storageClass: "harbor-data"
    jobservice:
      storageClass: "harbor-data"
    database:
      storageClass: "harbor-data"
    redis:
      storageClass: "harbor-data"

准备存储类
$ vim harbor-sc.yaml

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: harbor-data
provisioner: fuseim.pri/ifs

安装harbor
$ helm install --name harbor -f harbor-values.yaml . --namespace kube-ops
$ kubectl get pod -n kube-ops |grep harbor
harbor-harbor-chartmuseum-67669f98f-twctk 1/1 Running 0 24
hharbor-harbor-clair-5bd8f76d9c-xrzks 1/1 Running 73 24
hharbor-harbor-core-86d9c7c448-qdp68 1/1 Running 2 66
mharbor-harbor-database-0 1/1 Running 0 24
hharbor-harbor-jobservice-79f7fccb97-t4bhw 1/1 Running 4 67
mharbor-harbor-notary-server-56db4cc64d-c2mck 1/1 Running 67 24
hharbor-harbor-notary-signer-67d4df59fd-z8v4z 1/1 Running 67 24
hharbor-harbor-portal-64cff84747-lpngl 1/1 Running 0 24
hharbor-harbor-redis-0 1/1 Running 0 67
mharbor-harbor-registry-5b774574b7-qwqs8 2/2 Running 0 24
$ kubectl get ingress -n kube-ops |grep harbor
harbor-harbor-ingress registry.example.com,notary.example.com 80
, 443 24h
在客户端模拟dns
$ vim /etc/hosts
192.168.1.243 registry.example.com registry
192.168.1.243 notary.example.com notary
在客户端用浏览器打开:
https://registry.example.com
默认用户名是admin
默认密码是Harbor12345,在values.yaml内
$ cat values.yaml
harborAdminPassword: “Harbor12345”
默认情况下会有一个名叫library的项目,该项目默认是公开访问权限的
projects----library----配置----自动扫描上传的镜像
在客户端使用命令行登录harbor:
$ vim /etc/docker/daemon.json

{
        "insecure-registries": ["registry.example.com"]
}

$ systemctl restart docker
$ docker login registry.example.com
测试
$ docker pull busybox
$ docker tag busybox registry.example.com/library/busybox
$ docker push registry.example.com/library/busybox
$ docker rmi registry.example.com/library/busybox
$ docker pull registry.example.com/library/busybox

卸载harbor
$ helm del --purge harbor
$ kubectl delete pvc harbor-harbor-chartmuseum -n kube-ops
$ kubectl delete pvc harbor-harbor-jobservice -n kube-ops
$ kubectl delete pvc harbor-harbor-registry -n kube-ops

你可能感兴趣的:(在k8s集群中使用helm安装harbor)