Harbor安装

安装docker

yum update -y
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum list docker-ce --showduplicates | sort -r
yum install docker-ce-18.06.3.ce-3.el7 -y
systemctl start docker
systemctl enable docker

安装docker-compose

curl -L "https://github.com/docker/compose/releases/download/1.25.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
docker-compose version

修改docker配置

修改（不存在手动添加）/etc/docker/daemon.json,对应域名为harbor的域名
{
 "insecure-registries": ["hyn.harbor.com","registry.cn-hangzhou.aliyuncs.com","k8s.gcr.io","quay.io"]
}

生成证书

• 生成CA证书(一路回车）

openssl req \
    -newkey rsa:4096 -nodes -sha256 -keyout ca.key \
    -x509 -days 365 -out ca.crt  

• 生成证书签名(其中hyn.harbor.com改成自己的域名，需要与后面的harbor.yml文件里面配置的域名一致)

openssl req \
    -newkey rsa:4096 -nodes -sha256 -keyout hyn.harbor.com.key \
    -out hyn.harbor.com.csr

• FQDN方式生成注册表主机的证书(其中hyn.harbor.com改成自己的域名，需要与后面的harbor.yml文件里面配置的域名一致)

openssl x509 -req -days 365 -in hyn.harbor.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out hyn.harbor.com.crt

安装Harbor

到https://github.com/goharbor/harbor/releases下载最新稳定的harbor-offline-installer包

wget https://github.com/goharbor/harbor/releases/download/v1.10.1/harbor-offline-installer-v1.10.1.tgz

tar harbor-offline-installer-v1.10.1.tgz

cd harbor

修改harbor.yml

external clients.
hostname: hyn.harbor.com

# http related config
#http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
#  port: 80
https:
  port: 443
  #指定到上一步生成的hyn.harbor.com.crt
  certificate: /usr/local/harbor/hyn.harbor.com.crt
  #指定到上一步生成的hyn.harbor.com.key
  private_key: /usr/local/harbor/hyn.harbor.com.key
harbor_admin_password: Harbor12345
database:
  production use.
  password: root123
  max_idle_conns: 50
  max_open_conns: 100
data_volume: /data
clair:
updaters.
  updaters_interval: 12
jobservice:
  max_job_workers: 10
notification:
  webhook_job_max_retry: 10
chart:
log:
  level: info
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor
_version: 1.10.0
proxy:
  http_proxy:
  https_proxy:
  # no_proxy endpoints will appended to 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-server
  no_proxy:
  components:
    - core
    - jobservice
    - clair

启动服务

./prepare
./install.sh