Harbor 升级(数据迁移版)V1.8-->V2.8

升级说明

旧镜像版本:V1.8
升级版本:V2.8
由于无法直接升级,只能选择迁移数据。

新版本安装

请参考官网
修改harbor.yml文件中的volume路径及域名地址
启动命令如下
sudo ./install.sh --with-notary --with-notary --with-trivy

一、项目迁移

1.1 旧数据导出
header = {“authorization”: “Basic $token”} # token根据实际情况来处理
source_registry_baseurl = “https://a.com/api/“
target_registry_baseurl = “https://b.com/api/v2.0/
def import_project_to_new_harbor():
    #获取旧库中的项目名称,主要包括两个字段,name及是否metadata中的public字段
    response_projects = requests.get(source_registry_baseurl + "projects?public=false",headers=header)
    projectlist = response_projects.content.decode('utf-8')
    projectlist = json.loads(projectlist)
    for project in projectlist:
        status_code = create_new_project(project["name"],project['metadata']['public'])
        if status_code == 201:
            print(projects['name'] + '已导入成功')
        else:
            break
    return
1.2 创建project
def create_new_project(name,is_public):
    projectname = name
    metapublic = is_public
    if is_public == "true":
        metapublic = "true"
    else:
        metapublic = "false"
    data = {
        "project_name": projectname,
        "metadata": {
            "public": metapublic
        }
    }
    res = requests.post(target_registry_baseurl + "projects", json=data, headers=header)
    return res.status_code

二、导出镜像至文本文件

def get_image_name_list():
    response_projects = requests.get(source_registry_baseurl + "projects",headers=header)
    projectlist = response_projects.content.decode('utf-8')
    projectlist = json.loads(projectlist)
    filename = 'allimage.txt'
    file = open(filename,'w')
    for project in projectlist:
        #获取旧Harbor仓库项目的ID和名称及项目名称列表
        project_id = project["project_id"]
        project_name = project["name"]
        url = source_registry_baseurl + 'repositories?project_id=' + str(project_id)
        response_image = requests.get(url,headers=header)
        images_list = response_image.content.decode('utf-8')
        imagelist = json.loads(images_list)
        for image in imagelist:
            tagurl = source_registry_baseurl + 'repositories/' + image['name'] + '/tags'
            response_tags = requests.get(tagurl,headers=header)
            tagslist = response_tags.content.decode('utf-8')
            taglist = json.loads(tagslist)
            for tag in taglist:
                pullimagelist = image['name'] + ':' + tag['name']
                file.write(pullimagelist + '\n')
    file.close()
    return

三、创建用户

3.1 普通用户创建

核心——基于LDAP模式配置AD登录信息
另外由于public的仓库,用户都是可以访问的
所以只需要创建private的私有仓库用户即可

3.2 robot账户创建
def get_robot_name():
    response_projects = requests.get(source_registry_baseurl + "projects",headers=header)
    projectlist = response_projects.content.decode('utf-8')
    projectlist = json.loads(projectlist)
    for project in projectlist:
        project_id = project["project_id"]
        url = source_registry_baseurl + 'projects/' + str(project_id) + '/robots'
        response_robot = requests.get(url,headers=header)
        robotlist = response_robot.content.decode('utf-8')
        robotlist = json.loads(robotlist)
        for robot in robotlist:
            print(robot)

如果有更好的方案,请在评论区回复,谢谢。

你可能感兴趣的:(devops,docker,linux)