安装环境:

CPU:2C

内存:8G

IP:172.24.77.241(Server1)

IP:172.24.77.243(Server2)

服务器 1 安装 docker

yum install docker -y
systemctl start docker
systemctl enable docker

服务器 1 安装 docker

yum install docker -y
systemctl start docker
systemctl enable docker

下载 Harbor 安装包和下载在线安装包

cd /usr/local/src/
wget https://github.com/vmware/harbor/releases/download/v1.2.2/harbor-offlineinstaller-v1.2.2.tgz
wget https://github.com/vmware/harbor/releases/download/v1.2.2/harbor-onlineinstaller-v1.2.2.tgz

配置 Harbor

tar xvf harbor-offline-installer-v1.7.5.tgz
ln -sv /usr/local/src/harbor /usr/local/

安装Python

cd /usr/local/harbor/
yum install -y epel-release
yum install python-pip -y

安装docker-compose

curl -L https://mirrors.aliyun.com/docker-toolbox/linux/compose/1.21.2/docker-compose-Linux-x86_64 -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose --version
docker-compose start
vim harbor.cfg
grep "^[a-Z]" harbor.cfg
hostname = 172.24.77.241
ui_url_protocol = http
db_password = root123
max_job_workers = 3 
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
log_rotate_count = 50
log_rotate_size = 200M
http_proxy =
https_proxy =
no_proxy = 127.0.0.1,localhost,core,registry
email_identity = harbor
email_server = smtp.163.com
email_server_port = 25
email_username = [email protected]
email_password = silence2T
email_from = admin 
email_ssl = false
email_insecure = false
harbor_admin_password = silence2T
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid 
ldap_scope = 3 
ldap_timeout = 5
ldap_verify_cert = true
ldap_group_basedn = ou=group,dc=mydomain,dc=com
ldap_group_filter = objectclass=group
ldap_group_gid = cn
ldap_group_scope = 2
self_registration = on
token_expiration = 30
project_creation_restriction = everyone
verify_remote_cert = on

更新 harbor 配置

安装harbor方法一

./prepare
    Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
    The configuration files are ready, please use docker-compose to start the service.
docker-compose create
    Creating harbor-log ... done
    Creating registry   ... done
    Creating registryctl ... done
    Creating harbor-db   ... done
    Creating harbor-adminserver ... done
    Creating harbor-core        ... done
    Creating harbor-portal      ... done
    Creating redis              ... done
    Creating harbor-jobservice  ... done
    Creating nginx              ... done

安装harbor方法二

./install.sh 
✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://172.24.77.241. 
For more details, please visit https://github.com/goharbor/harbor .

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://172.24.77.243. 
For more details, please visit https://github.com/goharbor/harbor .

启动 harbor 服务

docker-compose start

登录web页面

http://172.24.77.241/harbor/sign-in
用户名admin
密码s***

配置 docker 使用 harbor 仓库上传下载镜像

注意:如果我们配置的是 https 的话,本地 docker 就不需要有任何操作就可以访
问 harbor 了

cp /etc/sysconfig/docker /etc/sysconfig/docker.bak
vim /etc/sysconfig/docker
    OPTIONS='--selinux-enabled --log-driver=journald --insecure-registry 172.24.77.241'

重启 docker 服务

systemctl stop docker
systemctl start docker

修改客户端docker配置

vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd-current --insecure-registry=172.24.77.241\

重启 docker 服务

systemctl daemon-reload
systemctl restart docker

验证能否登录 harbor

docker login 172.24.77.241
Username: admin
Password: 
    WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
    Configure a credential helper to remove this warning. See
    https://docs.docker.com/engine/reference/commandline/login/#credentials-store
    Login Succeeded

测试上传和下载镜像

镜像打 tag:格式为: docker tag IMAGE ID HarborIP/项目名/image 名字:版本号

docker tag 858f34809e68 172.24.77.241/nginx/nginx-1.16.1:v1
docker tag eea15c73b585 172.24.77.241/tomcat/centos-jdk:v1
docker tag 49ab11d1b660 172.24.77.241/tomcat/tomcat-base:v1
docker tag 6a324016073d 172.24.77.241/tomcat/tomcat-web:app1
docker tag 8671442f21c6 172.24.77.241/tomcat/tomcat-web:app2
docker images
172.24.77.241/nginx/nginx-1.16.1   v1                  858f34809e68        3 days ago          550MB

在Harbor仓库创建项目:nginx

项目--新建项目--nginx

将镜像push到 harbor:

格式为: docker push 镜像名:版本

docker push 172.24.77.241/nginx/nginx-1.16.1:v1
docker push 172.24.77.241/tomcat/centos-jdk:v1
docker push 172.24.77.241/tomcat/tomcat-base:v1
docker push 172.24.77.241/tomcat/tomcat-web:app1
docker push 172.24.77.241/tomcat/tomcat-web:app2

Harbor安装及使用_第1张图片