从零开始搭建harbor私有仓库
环境
server:linux redhat7.6
网络适配器:nat(个人习惯)
IP地址:192.168.1.229
安装docker容器
这里我使用的是阿里云镜像中的docker-ce,具体安装方法
完成后在目录/etc/yum.repo.d下下载文件
[root@localhost yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
安装docker-ce
[root@localhost yum.repos.d]# yum install docker-ce
已加载插件:langpacks, product-id, search-disabled-repos
正在解决依赖关系
--> 正在检查事务
---> 软件包 docker-ce.x86_64.3.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 container-selinux >= 2:2.74,它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 containerd.io >= 1.4.1,它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 docker-ce-cli,它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 docker-ce-rootless-extras,它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在检查事务
---> 软件包 container-selinux.noarch.2.2.119.2-1.911c772.el7_8 将被 安装
---> 软件包 containerd.io.x86_64.0.1.4.12-3.1.el7 将被 安装
---> 软件包 docker-ce-cli.x86_64.1.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 docker-scan-plugin(x86-64),它被软件包 1:docker-ce-cli-20.10.12-3.el7.x86_64 需要
---> 软件包 docker-ce-rootless-extras.x86_64.0.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 fuse-overlayfs >= 0.7,它被软件包 docker-ce-rootless-extras-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 slirp4netns >= 0.4,它被软件包 docker-ce-rootless-extras-20.10.12-3.el7.x86_64 需要
--> 正在检查事务
---> 软件包 docker-scan-plugin.x86_64.0.0.12.0-3.el7 将被 安装
---> 软件包 fuse-overlayfs.x86_64.0.0.7.2-6.el7_8 将被 安装
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.2)(64bit),它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.0)(64bit),它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
--> 正在处理依赖关系 libfuse3.so.3()(64bit),它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
---> 软件包 slirp4netns.x86_64.0.0.4.3-4.el7_8 将被 安装
--> 正在检查事务
---> 软件包 fuse3-libs.x86_64.0.3.6.1-4.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=======================================================================================================
Package 架构 版本 源 大小
=======================================================================================================
正在安装:
docker-ce x86_64 3:20.10.12-3.el7 docker-ce-stable 23 M
为依赖而安装:
container-selinux noarch 2:2.119.2-1.911c772.el7_8 extras 40 k
containerd.io x86_64 1.4.12-3.1.el7 docker-ce-stable 28 M
docker-ce-cli x86_64 1:20.10.12-3.el7 docker-ce-stable 30 M
docker-ce-rootless-extras x86_64 20.10.12-3.el7 docker-ce-stable 8.0 M
docker-scan-plugin x86_64 0.12.0-3.el7 docker-ce-stable 3.7 M
fuse-overlayfs x86_64 0.7.2-6.el7_8 extras 54 k
fuse3-libs x86_64 3.6.1-4.el7 extras 82 k
slirp4netns x86_64 0.4.3-4.el7_8 extras 81 k
事务概要
=======================================================================================================
安装 1 软件包 (+8 依赖软件包)
总下载量:93 M
安装大小:381 M
Is this ok [y/d/N]: y
Downloading packages:
(1/9): container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm | 40 kB 00:00:01
warning: /var/cache/yum/x86_64/7Server/docker-ce-stable/packages/docker-ce-20.10.12-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
docker-ce-20.10.12-3.el7.x86_64.rpm 的公钥尚未安装
(2/9): docker-ce-20.10.12-3.el7.x86_64.rpm | 23 MB 00:00:09
(3/9): containerd.io-1.4.12-3.1.el7.x86_64.rpm | 28 MB 00:00:11
(4/9): docker-ce-rootless-extras-20.10.12-3.el7.x86_64.rpm | 8.0 MB 00:00:02
(5/9): docker-scan-plugin-0.12.0-3.el7.x86_64.rpm | 3.7 MB 00:00:01
(6/9): fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm | 54 kB 00:00:01
(7/9): fuse3-libs-3.6.1-4.el7.x86_64.rpm | 82 kB 00:00:01
(8/9): slirp4netns-0.4.3-4.el7_8.x86_64.rpm | 81 kB 00:00:00
(9/9): docker-ce-cli-20.10.12-3.el7.x86_64.rpm | 30 MB 00:00:08
-------------------------------------------------------------------------------------------------------
总计 5.3 MB/s | 93 MB 00:00:17
从 https://mirrors.aliyun.com/docker-ce/linux/centos/gpg 检索密钥
导入 GPG key 0x621E9F35:
用户ID : "Docker Release (CE rpm) "
指纹 : 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
来自 : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
是否继续?[y/N]:y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : docker-scan-plugin-0.12.0-3.el7.x86_64 1/9
正在安装 : 1:docker-ce-cli-20.10.12-3.el7.x86_64 2/9
正在安装 : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 3/9
正在安装 : containerd.io-1.4.12-3.1.el7.x86_64 4/9
正在安装 : slirp4netns-0.4.3-4.el7_8.x86_64 5/9
正在安装 : fuse3-libs-3.6.1-4.el7.x86_64 6/9
正在安装 : fuse-overlayfs-0.7.2-6.el7_8.x86_64 7/9
正在安装 : 3:docker-ce-20.10.12-3.el7.x86_64 8/9
正在安装 : docker-ce-rootless-extras-20.10.12-3.el7.x86_64 9/9
验证中 : fuse3-libs-3.6.1-4.el7.x86_64 1/9
验证中 : 1:docker-ce-cli-20.10.12-3.el7.x86_64 2/9
验证中 : fuse-overlayfs-0.7.2-6.el7_8.x86_64 3/9
验证中 : docker-scan-plugin-0.12.0-3.el7.x86_64 4/9
验证中 : slirp4netns-0.4.3-4.el7_8.x86_64 5/9
验证中 : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 6/9
验证中 : docker-ce-rootless-extras-20.10.12-3.el7.x86_64 7/9
验证中 : containerd.io-1.4.12-3.1.el7.x86_64 8/9
验证中 : 3:docker-ce-20.10.12-3.el7.x86_64 9/9
已安装:
docker-ce.x86_64 3:20.10.12-3.el7
作为依赖被安装:
container-selinux.noarch 2:2.119.2-1.911c772.el7_8 containerd.io.x86_64 0:1.4.12-3.1.el7
docker-ce-cli.x86_64 1:20.10.12-3.el7 docker-ce-rootless-extras.x86_64 0:20.10.12-3.el7
docker-scan-plugin.x86_64 0:0.12.0-3.el7 fuse-overlayfs.x86_64 0:0.7.2-6.el7_8
fuse3-libs.x86_64 0:3.6.1-4.el7 slirp4netns.x86_64 0:0.4.3-4.el7_8
完毕!
查看拥有的仓库
[root@localhost yum.repos.d]# yum repolist
已加载插件:langpacks, product-id, search-disabled-repos
源标识 源名称 状态
docker-ce-stable/7Server/x86_64 Docker CE Stable - x86_64 139
extras/x86_64 CentOS-7Server - Extras - mirrors.aliyun.com 500
repolist: 639
启动并启用docker服务
[root@localhost yum.repos.d]# cd /
[root@localhost /]# systemctl enable --now docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost /]# docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Docker Buildx (Docker Inc., v0.7.1-docker)
scan: Docker Scan (Docker Inc., v0.12.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.12
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.6 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.777GiB
Name: localhost.localdomain
ID: MHLI:YK4H:CZR5:OXSG:X7S2:MLR4:QG2I:IF62:B4YV:FX34:WZXX:CEBN
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
成功
查看本地镜像,发现没有东西,搜索yakexi007,看到仓库中有四个镜像,拉取game2048
[root@localhost sysctl.d]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[root@localhost sysctl.d]# docker search yakexi007
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
yakexi007/game2048 0
yakexi007/mario 0
yakexi007/nginx 0
yakexi007/base-debian10 0
[root@localhost sysctl.d]# cd /
[root@localhost /]# docker pull yakexi007/game2048
Using default tag: latest
latest: Pulling from yakexi007/game2048
534e72e7cedc: Pull complete
f62e2f6dfeef: Pull complete
fe7db6293242: Pull complete
3f120f6a2bf8: Pull complete
4ba4e6930ea5: Pull complete
Digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390
Status: Downloaded newer image for yakexi007/game2048:latest
docker.io/yakexi007/game2048:latest
[root@localhost /]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
看到已经成功拉取game2048的镜像
给容器取名为demo,做一个端口映射,加入镜像
[root@localhost /]# docker run -d --name demo -p 80:80 yakexi007/game2048
f0b59eb0e33f6a2775d99ec0c8c4ef7786e7e4a9d718c95593cedf365cdb9477
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f0b59eb0e33f yakexi007/game2048 "/bin/sh -c 'sed -i …" 9 seconds ago Up 6 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp demo
看到容器已经成功运行
连接查看
成功
删除,尝试拉取其他的镜像并做映射
[root@localhost /]# docker rm -f demo
demo
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost /]# docker search yakexi007
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
yakexi007/game2048 0
yakexi007/mario 0
yakexi007/nginx 0
yakexi007/base-debian10 0
[root@localhost /]# docker pull yakexi007/mario
Using default tag: latest
latest: Pulling from yakexi007/mario
bbe1c4256df3: Pull complete
911d09728ffd: Pull complete
615765bc0d9f: Pull complete
a3ed95caeb02: Pull complete
d3be476df650: Pull complete
11b25b5b7583: Pull complete
Digest: sha256:7758988210dfc2c26d17376171ed8c8e0cb68cb44d9cda06f3382b06304788d9
Status: Downloaded newer image for yakexi007/mario:latest
docker.io/yakexi007/mario:latest
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost /]# docker run -d --name demo -p 80:80 yakexi007/mario
7f29cb6e0733b38569b64690d781fef9778362946a542f856e9008fe29fc6471
[root@localhost /]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7f29cb6e0733 yakexi007/mario "python3 -m http.ser…" 5 seconds ago Up 1 second 0.0.0.0:80->80/tcp, :::80->80/tcp, 8080/tcp demo
刷新一下
也成功了
尝试拉取Nginx
[root@localhost docker]# docker search nginx
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
nginx Official build of Nginx. 16018 [OK]
jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2103 [OK]
richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 820 [OK]
jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 297
linuxserver/nginx An Nginx container, brought to you by LinuxS… 161
tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 148 [OK]
jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 147 [OK]
alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 112 [OK]
jasonrivers/nginx-rtmp Docker images to host RTMP streams using NGI… 96 [OK]
nginxdemos/hello NGINX webserver that serves a simple page co… 80 [OK]
privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 61 [OK]
nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 59
nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 56
nginxproxy/nginx-proxy Automated Nginx reverse proxy for docker con… 31
staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 25 [OK]
nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 22
schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK]
centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 16
centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13
bitwarden/nginx The Bitwarden nginx web server acting as a r… 12
flashspys/nginx-static Super Lightweight Nginx Image 11 [OK]
mailu/nginx Mailu nginx frontend 10 [OK]
sophos/nginx-vts-exporter Simple server that scrapes Nginx vts stats a… 7 [OK]
ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 3 [OK]
wodby/nginx Generic nginx 1
[root@localhost docker]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
a2abf6c4d29d: Pull complete
f3409a9a9e73: Pull complete
9919a6cbae9c: Pull complete
fc1ce43285d7: Pull complete
1f01ab499216: Pull complete
13cfaf79ff6d: Pull complete
Digest: sha256:366e9f1ddebdb844044c2fafd13b75271a9f620819370f8971220c2b330a9254
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b2a7a078aa8f yakexi007/mario "python3 -m http.ser…" 10 minutes ago Up 9 minutes 0.0.0.0:80->8080/tcp, :::80->8080/tcp demo
[root@localhost docker]# docker rm -f demo
demo
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost docker]# docker run -d --name demo -p 80:80 nginx
d6cbc86f7b7964ede2d758a0ceb27618931b33b4365132ba8126379db2d88559
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d6cbc86f7b79 nginx "/docker-entrypoint.…" 12 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp demo
[root@localhost docker]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 4 days ago 141MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d6cbc86f7b79 nginx "/docker-entrypoint.…" 34 minutes ago Up 34 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp demo
[root@localhost docker]# docker rm -f demo
demo
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
拉取busybox
[root@localhost docker]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
3cb635b06aa2: Pull complete
Digest: sha256:b5cfd4befc119a590ca1a81d6bb0fa1fb19f1fbebd0397f25fae164abe1e8a6a
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
使用busybox
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 4 days ago 141MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost docker]# docker run -it --name demo busybox
/ # ls
bin dev etc home proc root sys tmp usr var
/ # cd /etc/
/etc # touch file1
/etc # touch file2
/etc # touch file3
/etc # touch file4
/etc # ls
file1 file3 group hosts mtab passwd shadow
file2 file4 hostname localtime network resolv.conf
新建文件成功
退出
/etc # exit
查看
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fec55f2c45e8 busybox "sh" About a minute ago Exited (127) 15 seconds ago demo
[root@localhost docker]# docker start demo
demo
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fec55f2c45e8 busybox "sh" 2 minutes ago Up 2 seconds demo
[root@localhost docker]# docker attach demo
/ # ls
bin dev etc home proc root sys tmp usr var
修改内容后退出,修改无效
/ # read escape sequence
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fec55f2c45e8 busybox "sh" 3 minutes ago Up About a minute demo
如果想修改有效,可以提交容器到tagv1
[root@localhost docker]# docker commit demo demo:v1
sha256:db428082afdeb0bc8e69d589b4cebb901dcf73ebe07fa55ee7ed6118dda83717
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
demo v1 db428082afde 9 seconds ago 1.24MB
nginx latest f6987c8d6ed5 4 days ago 141MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost docker]# docker history demo:v1
IMAGE CREATED CREATED BY SIZE COMMENT
db428082afde 34 seconds ago sh 91B
ffe9d497c324 2 weeks ago /bin/sh -c #(nop) CMD ["sh"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:e2d2d9591696b1478… 1.24MB
[root@localhost docker]# docker history busybox:latest
IMAGE CREATED CREATED BY SIZE COMMENT
ffe9d497c324 2 weeks ago /bin/sh -c #(nop) CMD ["sh"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:e2d2d9591696b1478… 1.24MB
[root@localhost docker]# docker rmi demo:v1
Untagged: demo:v1
Deleted: sha256:db428082afdeb0bc8e69d589b4cebb901dcf73ebe07fa55ee7ed6118dda83717
Deleted: sha256:346c4e52d157376dc257d40f347cf01543b2c543b3e133fed355ab2934c3ffdd
[root@localhost docker]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 4 days ago 141MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost docker]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
320be8aac198 busybox "sh" 5 minutes ago Exited (0) 3 minutes ago demo
[root@localhost docker]# docker rm -f demo
demo
[root@localhost docker]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
创建harbor仓库
在github中下载harbor
个人建议首选离线,在线会比较慢
harbor-offline-installer-v2.4.1.tgz
下载后进行解压
[root@localhost ~]# tar zxf harbor-offline-installer-v2.4.1.tgz
[root@localhost ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg openssl11 公共 图片 音乐
harbor keepalived-1.2.5 openssl-1.1.1m 模板 文档 桌面
harbor-offline-installer-v2.4.1.tgz keepalived-1.2.5.tar.gz openssl-1.1.1m.tar.gz 视频 下载
[root@localhost ~]# cd harbor/
[root@localhost harbor]# ls
common.sh harbor.v2.4.1.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@localhost harbor]# mv harbor.yml.tmpl harbor.yml
[root@localhost harbor]# ls
common.sh harbor.v2.4.1.tar.gz harbor.yml install.sh LICENSE prepare
[root@localhost harbor]# vim harbor.yml
[root@localhost harbor]# cat harbor.yml
# Configuration file of Harbor
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: reg.smy.org *修改域名
# http related config
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 80
# https related config
https:
# https port for harbor, default is 443
port: 443
# The path of cert and key files for nginx
certificate: / *修改证书位置
private_key: / *修改密钥位置
# # Uncomment following will enable tls communication between all harbor components
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal
# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433
# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: smy *修改harbor登录密码
# Harbor DB configuration
database:
# The password for the root user of Harbor DB. Change this before any production use.
password: root123
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: 100
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 1024 for postgres of harbor.
max_open_conns: 900
# The default data volume
data_volume: /data
# Harbor Storage settings by default is using /data dir on local filesystem
# Uncomment storage_service setting If you want to using external storage
# storage_service:
# # ca_bundle is the path to the custom root ca certificate, which will be injected into the truststore
# # of registry's and chart repository's containers. This is usually needed when the user hosts a internal storage with self signed certificate.
# ca_bundle:
# # storage backend, default is filesystem, options include filesystem, azure, gcs, s3, swift and oss
# # for more info about this configuration please refer https://docs.docker.com/registry/configuration/
# filesystem:
# maxthreads: 100
# # set disable to true when you want to disable registry redirect
# redirect:
# disabled: false
# Trivy configuration
#
# Trivy DB contains vulnerability information from NVD, Red Hat, and many other upstream vulnerability databases.
# It is downloaded by Trivy from the GitHub release page https://github.com/aquasecurity/trivy-db/releases and cached
# in the local file system. In addition, the database contains the update timestamp so Trivy can detect whether it
# should download a newer version from the Internet or use the cached one. Currently, the database is updated every
# 12 hours and published as a new release to GitHub.
trivy:
# ignoreUnfixed The flag to display only fixed vulnerabilities
ignore_unfixed: false
# skipUpdate The flag to enable or disable Trivy DB downloads from GitHub
#
# You might want to enable this flag in test or CI/CD environments to avoid GitHub rate limiting issues.
# If the flag is enabled you have to download the `trivy-offline.tar.gz` archive manually, extract `trivy.db` and
# `metadata.json` files and mount them in the `/home/scanner/.cache/trivy/db` path.
skip_update: false
#
# insecure The flag to skip verifying registry certificate
insecure: false
# github_token The GitHub access token to download Trivy DB
#
# Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough
# for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000
# requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult
# https://developer.github.com/v3/#rate-limiting
#
# You can create a GitHub token by following the instructions in
# https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
#
# github_token: xxx
jobservice:
# Maximum number of job workers in job service
max_job_workers: 10
notification:
# Maximum retry count for webhook job
webhook_job_max_retry: 10
chart:
# Change the value of absolute_url to enabled can enable absolute url in chart
absolute_url: disabled
# Log configurations
log:
# options are debug, info, warning, error, fatal
level: info
# configs for logs in local storage
local:
# Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.
rotate_count: 50
# Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes.
# If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G
# are all valid.
rotate_size: 200M
# The directory on your host that store log
location: /var/log/harbor
# Uncomment following lines to enable external syslog endpoint.
# external_endpoint:
# # protocol used to transmit log to external endpoint, options is tcp or udp
# protocol: tcp
# # The host of external endpoint
# host: localhost
# # Port of external endpoint
# port: 5140
#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version: 2.4.0
# Uncomment external_database if using external database.
# external_database:
# harbor:
# host: harbor_db_host
# port: harbor_db_port
# db_name: harbor_db_name
# username: harbor_db_username
# password: harbor_db_password
# ssl_mode: disable
# max_idle_conns: 2
# max_open_conns: 0
# notary_signer:
# host: notary_signer_db_host
# port: notary_signer_db_port
# db_name: notary_signer_db_name
# username: notary_signer_db_username
# password: notary_signer_db_password
# ssl_mode: disable
# notary_server:
# host: notary_server_db_host
# port: notary_server_db_port
# db_name: notary_server_db_name
# username: notary_server_db_username
# password: notary_server_db_password
# ssl_mode: disable
# Uncomment external_redis if using external Redis server
# external_redis:
# # support redis, redis+sentinel
# # host for redis: :
# # host for redis+sentinel:
# # :,:,:
# host: redis:6379
# password:
# # sentinel_master_set must be set to support redis+sentinel
# #sentinel_master_set:
# # db_index 0 is for core, it's unchangeable
# registry_db_index: 1
# jobservice_db_index: 2
# chartmuseum_db_index: 3
# trivy_db_index: 5
# idle_timeout_seconds: 30
# Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.
# uaa:
# ca_file: /path/to/ca
# Global proxy
# Config http proxy for components, e.g. http://my.proxy.com:3128
# Components doesn't need to connect to each others via http proxy.
# Remove component from `components` array if want disable proxy
# for it. If you want use proxy for replication, MUST enable proxy
# for core and jobservice, and set `http_proxy` and `https_proxy`.
# Add domain to the `no_proxy` field, when you want disable proxy
# for some special registry.
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
# metric:
# enabled: false
# port: 9090
# path: /metrics
# Trace related config
# only can enable one trace provider(jaeger or otel) at the same time,
# and when using jaeger as provider, can only enable it with agent mode or collector mode.
# if using jaeger collector mode, uncomment endpoint and uncomment username, password if needed
# if using jaeger agetn mode uncomment agent_host and agent_port
# trace:
# enabled: true
# # set sample_rate to 1 if you wanna sampling 100% of trace data; set 0.5 if you wanna sampling 50% of trace data, and so forth
# sample_rate: 1
# # # namespace used to differenciate different harbor services
# # namespace:
# # # attributes is a key value dict contains user defined attributes used to initialize trace provider
# # attributes:
# # application: harbor
# # # jaeger should be 1.26 or newer.
# # jaeger:
# # endpoint: http://hostname:14268/api/traces
# # username:
# # password:
# # agent_host: hostname
# # # export trace data by jaeger.thrift in compact mode
# # agent_port: 6831
# # otel:
# # endpoint: hostname:4318
# # url_path: /v1/traces
# # compression: false
# # insecure: true
# # timeout: 10s
修改完成后保存退出
下载并安装openssl11
看到需要有证书和密钥,下载openssl
我下载的是openssl-1.1.1m.tar.gz
解压
[root@localhost ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg openssl11 公共 图片 音乐 harbor keepalived-1.2.5 模板 文档 桌面 harbor-offline-installer-v2.4.1.tgz keepalived-1.2.5.tar.gz openssl-1.1.1m.tar.gz 视频 下载
[root@localhost ~]# tar -xzf openssl-1.0.2f.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg openssl11 公共 图片 音乐
harbor keepalived-1.2.5 openssl-1.1.1m 模板 文档 桌面
harbor-offline-installer-v2.4.1.tgz keepalived-1.2.5.tar.gz openssl-1.1.1m.tar.gz 视频 下载
安装
[root@localhost openssl11]# yum list openssl11
已加载插件:langpacks, product-id, search-disabled-repos
已安装的软件包
openssl11.x86_64 1:1.1.1k-2.el7 @epel
[root@localhost openssl11]# mkdir /data
[root@localhost openssl11]# ls
bin include lib share ssl
[root@localhost openssl11]# cd /data/
[root@localhost data]# ls
[root@localhost data]# mkdir certs
[root@localhost data]# ls
certs
[root@localhost data]# openssl11 req -newkey rsa:4096 -nodes -sha256 -keyout certs/smy.org.key -addext "subjectAltName = DNS:reg.smy.org" -x509 -days 365 -out certs/smy.org.crt
Can't load /root/.rnd into RNG
140587046758208:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:98:Filename=/root/.rnd
Generating a RSA private key
.......................................................................++++
...........................................................++++
writing new private key to 'certs/smy.org.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:xinxiang
Organization Name (eg, company) [Default Company Ltd]:smy
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:reg.smy.org
Email Address []:root@smy.org
[root@localhost data]# ls certs/
smy.org.crt smy.org.key
已经生成证书和密钥,根据生成的路径编辑harbor.yml文件刚才*的证书和密钥路径
在hosts中映射域名
[root@localhost harbor]# vim harbor.yml
[root@localhost harbor]# ll /data/certs/smy.org.crt
-rw-r--r--. 1 root root 2134 12月 26 14:14 /data/certs/smy.org.crt
[root@localhost harbor]# ll /data/certs/smy.org.key
-rw-------. 1 root root 3272 12月 26 14:12 /data/certs/smy.org.key
[root@localhost harbor]# vim /etc/hosts
[root@localhost harbor]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.229 localhost reg.smy.org
[root@localhost harbor]# ping reg.smy.org
PING localhost (192.168.1.229) 56(84) bytes of data.
64 bytes from localhost (192.168.1.229): icmp_seq=1 ttl=64 time=11.7 ms
64 bytes from localhost (192.168.1.229): icmp_seq=2 ttl=64 time=0.083 ms
^C
--- localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.083/5.930/11.777/5.847 ms
看到域名可用
开始安装!
[root@localhost harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.12
[Step 1]: checking docker-compose is installed ...
✖ Need to install docker-compose(1.18.0+) by yourself first and run this script again.
安装docker-compose
[root@localhost harbor]# ls
common.sh harbor.v2.4.1.tar.gz harbor.yml install.sh LICENSE prepare
发现报错,未安装docker-compose
下载一个docker-compose
我选择下载docker-compose-linux-x86_64
将下载的docker-compose移动到/usr/local/bin/docker-compose下,并赋予可执行权限
[root@localhost ~]# mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose
[root@localhost ~]# chmod +x /usr/local/bin/docker-compose
此时回到harbor目录进行安装
[root@localhost ~]# cd
[root@localhost ~]# cd harbor/
[root@localhost harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.12
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 2.2.2
[Step 2]: loading Harbor images ...
1e3f0dc884e2: Loading layer 39.45MB/39.45MB
3fd9ccd5eeaa: Loading layer 5.275MB/5.275MB
c600bceee2f7: Loading layer 4.096kB/4.096kB
724cd8711815: Loading layer 3.072kB/3.072kB
d7c82a981c89: Loading layer 17.32MB/17.32MB
a814341c2c44: Loading layer 18.12MB/18.12MB
Loaded image: goharbor/registry-photon:v2.4.1
b00595b6932d: Loading layer 5.27MB/5.27MB
e34892d856ce: Loading layer 5.928MB/5.928MB
ac5a22c6047d: Loading layer 14.47MB/14.47MB
3d1ac12eb215: Loading layer 29.29MB/29.29MB
394b4b2ea0fa: Loading layer 22.02kB/22.02kB
bb0deb7416e0: Loading layer 14.47MB/14.47MB
Loaded image: goharbor/notary-signer-photon:v2.4.1
c3b02aec560c: Loading layer 8.422MB/8.422MB
4d5b3acd128e: Loading layer 3.584kB/3.584kB
7afbf44c3706: Loading layer 2.56kB/2.56kB
31f95ac6eb9a: Loading layer 75.59MB/75.59MB
8981a12f5c17: Loading layer 5.632kB/5.632kB
16eb0821dcc3: Loading layer 96.26kB/96.26kB
b19eba29a0de: Loading layer 11.78kB/11.78kB
f0785d2e9965: Loading layer 76.49MB/76.49MB
26ce29b9d7ab: Loading layer 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.4.1
59e3814aa5f1: Loading layer 119.8MB/119.8MB
1e99e9cd580e: Loading layer 3.072kB/3.072kB
2bab205001c7: Loading layer 59.9kB/59.9kB
c51450af480c: Loading layer 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.4.1
3636ff090145: Loading layer 8.421MB/8.421MB
fa3d57c372c8: Loading layer 3.584kB/3.584kB
a2c97825dcbf: Loading layer 2.56kB/2.56kB
366b1363b528: Loading layer 86.95MB/86.95MB
3d2fd6d13a0f: Loading layer 87.74MB/87.74MB
Loaded image: goharbor/harbor-jobservice:v2.4.1
8f71cf8bc1c6: Loading layer 5.275MB/5.275MB
5cb3457d8e25: Loading layer 4.096kB/4.096kB
02c18fad9dc6: Loading layer 17.32MB/17.32MB
7bbcea1ec44e: Loading layer 3.072kB/3.072kB
f2842e1ada70: Loading layer 28.69MB/28.69MB
4665575c3f9e: Loading layer 46.81MB/46.81MB
Loaded image: goharbor/harbor-registryctl:v2.4.1
439595cfbbc0: Loading layer 7.192MB/7.192MB
Loaded image: goharbor/nginx-photon:v2.4.1
a19de03ace6b: Loading layer 5.27MB/5.27MB
35bbd4cf35b6: Loading layer 5.928MB/5.928MB
88f852ebd746: Loading layer 15.88MB/15.88MB
e3c0db81a28c: Loading layer 29.29MB/29.29MB
f74e521b7a55: Loading layer 22.02kB/22.02kB
7d97a705f439: Loading layer 15.88MB/15.88MB
Loaded image: goharbor/notary-server-photon:v2.4.1
1e6473070b18: Loading layer 124MB/124MB
f05c1a477d2d: Loading layer 3.584kB/3.584kB
bcab3e00aa98: Loading layer 3.072kB/3.072kB
970d569f474a: Loading layer 2.56kB/2.56kB
c659c9812277: Loading layer 3.072kB/3.072kB
9d401ff8bf07: Loading layer 3.584kB/3.584kB
968dfed00d2e: Loading layer 19.97kB/19.97kB
Loaded image: goharbor/harbor-log:v2.4.1
b64000a1cd2c: Loading layer 1.097MB/1.097MB
e3fb7ac15701: Loading layer 5.889MB/5.889MB
d6e7f8008582: Loading layer 165.9MB/165.9MB
eff0812a8c6f: Loading layer 15.07MB/15.07MB
91a6abd7a540: Loading layer 4.096kB/4.096kB
47e875926154: Loading layer 6.144kB/6.144kB
04876e025d4a: Loading layer 3.072kB/3.072kB
b817a88114e6: Loading layer 2.048kB/2.048kB
e5fb37021dff: Loading layer 2.56kB/2.56kB
767486d5c318: Loading layer 2.56kB/2.56kB
b92f2b842b46: Loading layer 2.56kB/2.56kB
e90e3a7ea4e9: Loading layer 8.704kB/8.704kB
Loaded image: goharbor/harbor-db:v2.4.1
daf3d38cddc8: Loading layer 8.422MB/8.422MB
8013b2cbc0b9: Loading layer 18.13MB/18.13MB
4445f5ea7083: Loading layer 4.608kB/4.608kB
32e035f0af8e: Loading layer 18.93MB/18.93MB
Loaded image: goharbor/harbor-exporter:v2.4.1
0ad72e88d766: Loading layer 8.54MB/8.54MB
fe195f48d47b: Loading layer 4.096kB/4.096kB
71f2671db231: Loading layer 3.072kB/3.072kB
ddda0b4a8eae: Loading layer 39.27MB/39.27MB
c3fe76027866: Loading layer 12.37MB/12.37MB
d82a7403c39a: Loading layer 52.43MB/52.43MB
Loaded image: goharbor/trivy-adapter-photon:v2.4.1
03e449493f09: Loading layer 5.275MB/5.275MB
4f4a25c7cc0d: Loading layer 64.5MB/64.5MB
77a37df05436: Loading layer 3.072kB/3.072kB
47c58e48962d: Loading layer 4.096kB/4.096kB
5dd56c28f3fc: Loading layer 65.29MB/65.29MB-1.
Loaded image: goharbor/chartmuseum-photon:v2.4.1
8b7cbddd8918: Loading layer 165.6MB/165.6MB
b8157b6f7cb8: Loading layer 57.6MB/57.6MB
4a53b9a92b30: Loading layer 2.56kB/2.56kB
59184fc56c3c: Loading layer 1.536kB/1.536kB
99431fe2c10f: Loading layer 12.29kB/12.29kB
3735b7f4881f: Loading layer 2.62MB/2.62MB
bcff3633b236: Loading layer 325.6kB/325.6kB
Loaded image: goharbor/prepare:v2.4.1
eb57d0945b2e: Loading layer 7.192MB/7.192MB
dd9069fd53a8: Loading layer 7.355MB/7.355MB
e779dab1d180: Loading layer 1.754MB/1.754MB
Loaded image: goharbor/harbor-portal:v2.4.1
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING: IPv4 forwarding is disabled. Networking will not work.
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[Step 5]: starting Harbor ...
[+] Running 10/10
⠿ Network harbor_harbor Created 7.8s
⠿ Container harbor-log Started 2.8s
⠿ Container registry Started 15.3s
⠿ Container harbor-portal Started 22.8s
⠿ Container redis Started 22.8s
⠿ Container registryctl Started 22.5s
⠿ Container harbor-db Started 13.9s
⠿ Container harbor-core Started 24.1s
⠿ Container harbor-jobservice Started 50.6s
⠿ Container nginx Started 52.2s
✔ ----Harbor has been installed and started successfully.----
成功
查看
[root@localhost harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c6750a87a689 goharbor/harbor-jobservice:v2.4.1 "/harbor/entrypoint.…" 3 minutes ago Up 2 minutes (healthy) harbor-jobservice
968d2e9a245f goharbor/nginx-photon:v2.4.1 "nginx -g 'daemon of…" 3 minutes ago Up 2 minutes (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp nginx
afee09a11ef7 goharbor/harbor-core:v2.4.1 "/harbor/entrypoint.…" 3 minutes ago Up 2 minutes (healthy) harbor-core
3c28bacb604c goharbor/harbor-registryctl:v2.4.1 "/home/harbor/start.…" 3 minutes ago Up 2 minutes (healthy) registryctl
723744c9affa goharbor/redis-photon:v2.4.1 "redis-server /etc/r…" 3 minutes ago Up 2 minutes (healthy) redis
caba75f40589 goharbor/registry-photon:v2.4.1 "/home/harbor/entryp…" 3 minutes ago Up 3 minutes (healthy) registry
3a58ddb2bbdd goharbor/harbor-portal:v2.4.1 "nginx -g 'daemon of…" 3 minutes ago Up 2 minutes (healthy) harbor-portal
66d02cb675b0 goharbor/harbor-db:v2.4.1 "/docker-entrypoint.…" 3 minutes ago Up 3 minutes (healthy) harbor-db
c4b2207875dd goharbor/harbor-log:v2.4.1 "/bin/sh -c /usr/loc…" 3 minutes ago Up 3 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@localhost harbor]# docker-compose ps
NAME COMMAND SERVICE STATUS PORTS
harbor-core "/harbor/entrypoint.…" core running (healthy)
harbor-db "/docker-entrypoint.…" postgresql running (healthy)
harbor-jobservice "/harbor/entrypoint.…" jobservice running (healthy)
harbor-log "/bin/sh -c /usr/loc…" log running (healthy) 127.0.0.1:1514->10514/tcp
harbor-portal "nginx -g 'daemon of…" portal running (healthy)
nginx "nginx -g 'daemon of…" proxy running (healthy) 0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp, :::80->8080/tcp, :::443->8443/tcp
redis "redis-server /etc/r…" redis running (healthy)
registry "/home/harbor/entryp…" registry running (healthy)
registryctl "/home/harbor/start.…" registryctl running (healthy)
[root@localhost harbor]#
[root@localhost harbor]# ls
common common.sh docker-compose.yml harbor.v2.4.1.tar.gz harbor.yml install.sh LICENSE prepare
[root@localhost harbor]# cd
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 5 days ago 141MB
goharbor/harbor-exporter v2.4.1 0ee361b5454a 10 days ago 82.7MB
goharbor/chartmuseum-photon v2.4.1 337a9d03b197 10 days ago 174MB
goharbor/redis-photon v2.4.1 2bbe19b8cc5d 10 days ago 156MB
goharbor/trivy-adapter-photon v2.4.1 d39fd42c93f0 10 days ago 151MB
goharbor/notary-server-photon v2.4.1 e75c68b6638b 10 days ago 111MB
goharbor/notary-signer-photon v2.4.1 17a627caf6dd 10 days ago 108MB
goharbor/harbor-registryctl v2.4.1 bff3d2665456 10 days ago 137MB
goharbor/registry-photon v2.4.1 b46e45c49d6f 10 days ago 79.2MB
goharbor/nginx-photon v2.4.1 78aad8c8ef41 10 days ago 45.7MB
goharbor/harbor-log v2.4.1 c86562daee64 10 days ago 160MB
goharbor/harbor-jobservice v2.4.1 d8baceb5f1f6 10 days ago 220MB
goharbor/harbor-core v2.4.1 80a4e3e60403 10 days ago 198MB
goharbor/harbor-portal v2.4.1 1c9ed1cc3cb9 10 days ago 54.7MB
goharbor/harbor-db v2.4.1 417d0a840247 10 days ago 222MB
goharbor/prepare v2.4.1 e9158d34970b 10 days ago 257MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost ~]# docker tag nginx:latest reg.smy.org/library/nginx:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 5 days ago 141MB
reg.smy.org/library/nginx latest f6987c8d6ed5 5 days ago 141MB
goharbor/harbor-exporter v2.4.1 0ee361b5454a 10 days ago 82.7MB
goharbor/chartmuseum-photon v2.4.1 337a9d03b197 10 days ago 174MB
goharbor/redis-photon v2.4.1 2bbe19b8cc5d 10 days ago 156MB
goharbor/trivy-adapter-photon v2.4.1 d39fd42c93f0 10 days ago 151MB
goharbor/notary-server-photon v2.4.1 e75c68b6638b 10 days ago 111MB
goharbor/notary-signer-photon v2.4.1 17a627caf6dd 10 days ago 108MB
goharbor/harbor-registryctl v2.4.1 bff3d2665456 10 days ago 137MB
goharbor/registry-photon v2.4.1 b46e45c49d6f 10 days ago 79.2MB
goharbor/nginx-photon v2.4.1 78aad8c8ef41 10 days ago 45.7MB
goharbor/harbor-log v2.4.1 c86562daee64 10 days ago 160MB
goharbor/harbor-jobservice v2.4.1 d8baceb5f1f6 10 days ago 220MB
goharbor/harbor-core v2.4.1 80a4e3e60403 10 days ago 198MB
goharbor/harbor-portal v2.4.1 1c9ed1cc3cb9 10 days ago 54.7MB
goharbor/harbor-db v2.4.1 417d0a840247 10 days ago 222MB
goharbor/prepare v2.4.1 e9158d34970b 10 days ago 257MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
全部启动,非常奈斯,部署完成
使用
在目录reg.smy.org/library/下创建Nginx
[root@localhost ~]# docker tag nginx:latest reg.smy.org/library/nginx:latest
看到新增一个以reg.smy.org开头的,这就是刚才新建的Nginx
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 5 days ago 141MB
reg.smy.org/library/nginx latest f6987c8d6ed5 5 days ago 141MB
goharbor/harbor-exporter v2.4.1 0ee361b5454a 10 days ago 82.7MB
goharbor/chartmuseum-photon v2.4.1 337a9d03b197 10 days ago 174MB
goharbor/redis-photon v2.4.1 2bbe19b8cc5d 10 days ago 156MB
goharbor/trivy-adapter-photon v2.4.1 d39fd42c93f0 10 days ago 151MB
goharbor/notary-server-photon v2.4.1 e75c68b6638b 10 days ago 111MB
goharbor/notary-signer-photon v2.4.1 17a627caf6dd 10 days ago 108MB
goharbor/harbor-registryctl v2.4.1 bff3d2665456 10 days ago 137MB
goharbor/registry-photon v2.4.1 b46e45c49d6f 10 days ago 79.2MB
goharbor/nginx-photon v2.4.1 78aad8c8ef41 10 days ago 45.7MB
goharbor/harbor-log v2.4.1 c86562daee64 10 days ago 160MB
goharbor/harbor-jobservice v2.4.1 d8baceb5f1f6 10 days ago 220MB
goharbor/harbor-core v2.4.1 80a4e3e60403 10 days ago 198MB
goharbor/harbor-portal v2.4.1 1c9ed1cc3cb9 10 days ago 54.7MB
goharbor/harbor-db v2.4.1 417d0a840247 10 days ago 222MB
goharbor/prepare v2.4.1 e9158d34970b 10 days ago 257MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
尝试拉取新建的Nginx
[root@localhost ~]# docker push reg.smy.org/library/nginx:latest
The push refers to repository [reg.smy.org/library/nginx]
Get "https://reg.smy.org/v2/": x509: certificate signed by unknown authority
失败,并且提醒缺少证书
[root@localhost ~]# cd /data/
[root@localhost data]# cd /data/certs/
[root@localhost certs]# ls
smy.org.crt smy.org.key
[root@localhost certs]# cd /etc/docker/
[root@localhost docker]# ls
certs.d key.json
[root@localhost docker]# cd certs.d/
[root@localhost certs.d]# pwd
/etc/docker/certs.d
[root@localhost certs.d]# ls
access.redhat.com cdn.redhat.com registry.access.redhat.com registry.redhat.io
[root@localhost certs.d]# mkdir reg.smy.org
[root@localhost certs.d]# ls
access.redhat.com cdn.redhat.com registry.access.redhat.com registry.redhat.io reg.smy.org
[root@localhost certs.d]# cd reg.smy.org/
[root@localhost reg.smy.org]# ls
将生成的证书复制过来,并改名为ca.crt
[root@localhost reg.smy.org]# cp /data/certs/smy.org.crt ca.crt
[root@localhost reg.smy.org]# ls
ca.crt
[root@localhost reg.smy.org]# pwd
/etc/docker/certs.d/reg.smy.org
继续尝试拉取Nginx
[root@localhost reg.smy.org]# docker push reg.smy.org/library/nginx:latest
The push refers to repository [reg.smy.org/library/nginx]
51a4ac025eb4: Preparing
4ded77d16e76: Preparing
32359d2cd6cd: Preparing
4270b63061e5: Preparing
5f5f780b24de: Preparing
2edcec3590a4: Waiting
unauthorized: unauthorized to access repository: library/nginx, action: push: unauthorized to access repository: library/nginx, action: push
报错,提醒未授权
[root@localhost reg.smy.org]# docker login reg.smy.org
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
又一次尝试拉取
[root@localhost reg.smy.org]# docker push reg.smy.org/library/nginx:latest
The push refers to repository [reg.smy.org/library/nginx]
51a4ac025eb4: Pushed
4ded77d16e76: Pushed
32359d2cd6cd: Pushed
4270b63061e5: Pushed
5f5f780b24de: Pushed
2edcec3590a4: Pushed
latest: digest: sha256:2e87d9ff130deb0c2d63600390c3f2370e71e71841573990d54579bc35046203 size: 1570
终于成功了!
同理,再创建一个game2048
[root@localhost reg.smy.org]# cd
[root@localhost ~]# docker tag yakexi007/game2048:latest reg.smy.org/library/game2048:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 5 days ago 141MB
reg.smy.org/library/nginx latest f6987c8d6ed5 5 days ago 141MB
goharbor/harbor-exporter v2.4.1 0ee361b5454a 10 days ago 82.7MB
goharbor/chartmuseum-photon v2.4.1 337a9d03b197 10 days ago 174MB
goharbor/redis-photon v2.4.1 2bbe19b8cc5d 10 days ago 156MB
goharbor/trivy-adapter-photon v2.4.1 d39fd42c93f0 10 days ago 151MB
goharbor/notary-server-photon v2.4.1 e75c68b6638b 10 days ago 111MB
goharbor/notary-signer-photon v2.4.1 17a627caf6dd 10 days ago 108MB
goharbor/harbor-registryctl v2.4.1 bff3d2665456 10 days ago 137MB
goharbor/registry-photon v2.4.1 b46e45c49d6f 10 days ago 79.2MB
goharbor/nginx-photon v2.4.1 78aad8c8ef41 10 days ago 45.7MB
goharbor/harbor-log v2.4.1 c86562daee64 10 days ago 160MB
goharbor/harbor-jobservice v2.4.1 d8baceb5f1f6 10 days ago 220MB
goharbor/harbor-core v2.4.1 80a4e3e60403 10 days ago 198MB
goharbor/harbor-portal v2.4.1 1c9ed1cc3cb9 10 days ago 54.7MB
goharbor/harbor-db v2.4.1 417d0a840247 10 days ago 222MB
goharbor/prepare v2.4.1 e9158d34970b 10 days ago 257MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
reg.smy.org/library/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost ~]# docker push reg.smy.org/library/game2048:latest
The push refers to repository [reg.smy.org/library/game2048]
88fca8ae768a: Pushed
6d7504772167: Pushed
192e9fad2abc: Pushed
36e9226e74f8: Pushed
011b303988d2: Pushed
latest: digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390 size: 1364
拉取成功,快乐又回来啦!
顺便看一下图形界面吧
登录界面
主界面
查看我的仓库
创建的两个都有