目录
本篇实验基于docker-compose篇之后,否则无法完成
一、harbor简介
Harbor 是由 VMware 开源的一款云原生制品仓库,Harbor 的核心功能是存储和管理 Artifact。Harbor 允许用户用命令行工具对容器镜像及其他 Artifact 进行推送和拉取,并提供了图形管理界面帮助用户查看和管理这些 Artifact。(registry 为其核心组件)
Harbor 比 registry相比好处是: harbor支持多种功能、图形化界面管理、多用户权限、角色管理机制、安全机制。registry为纯字符界面形式。
环境需求:服务端主机需要安装 Python、Docker和Docker Compose。(web环境支持的是PY语言,故需要安装 Python)
二、harbor服务部署
1、上传文件至opt目录下
[root@zwb_docker opt]# rz -E
rz waiting to receive.
harbor-offline-installer-v1.2.2.tgz rh
2、解压到安装目录
[root@zwb_docker opt]# tar zxvf harbor-offline-installer-v1.2.2.tgz -C /usr/local/
3、配置harbor的参数文件
[root@zwb_docker harbor]# pwd ## 当前位置
/usr/local/harbor
[root@zwb_docker harbor]# vim harbor.cfg
4、执行运行脚本
[root@zwb_docker harbor]# sh install.sh
[root@zwb_docker harbor]# sh install.sh
[Step 0]: checking installation environment ...
Note: docker version: 20.10.18
Note: docker-compose version: 1.14.0
[Step 1]: loading Harbor images ...
dd60b611baaa: Loading layer 133.2MB/133.2MB
abf0579c40fd: Loading layer 1.536kB/1.536kB
ea1fc7bed9c5: Loading layer 22.48MB/22.48MB
1d6671367c69: Loading layer 7.168kB/7.168kB
b322bb3e4765: Loading layer 5.339MB/5.339MB
0cf512d418ac: Loading layer 9.728kB/9.728kB
4a7cdc0b1a2b: Loading layer 2.56kB/2.56kB
ef1130526636: Loading layer 22.48MB/22.48MB
Loaded image: vmware/harbor-ui:v1.2.2
4a050fccec52: Loading layer 12.16MB/12.16MB
d918d73369ec: Loading layer 17.3MB/17.3MB
22898836924e: Loading layer 15.87kB/15.87kB
Loaded image: vmware/notary-photon:server-0.5.0
76c156eab077: Loading layer 134MB/134MB
1eae6563289a: Loading layer 16.42MB/16.42MB
Loaded image: vmware/nginx-photon:1.11.13
2e814f7ef645: Loading layer 2.048kB/2.048kB
bc5742b580db: Loading layer 2.048kB/2.048kB
5413bcdb81b0: Loading layer 2.56kB/2.56kB
c4e2be066795: Loading layer 3.584kB/3.584kB
a4ea62be60b0: Loading layer 22.8MB/22.8MB
800a351ae5da: Loading layer 22.8MB/22.8MB
Loaded image: vmware/registry:2.6.2-photon
Loaded image: photon:1.0
a39bd6a7f897: Loading layer 10.95MB/10.95MB
6f79b8337a1f: Loading layer 17.3MB/17.3MB
74bbd0e81dd0: Loading layer 15.87kB/15.87kB
Loaded image: vmware/notary-photon:signer-0.5.0
2202528221a2: Loading layer 7.07MB/7.07MB
4fe250d3c912: Loading layer 7.07MB/7.07MB
Loaded image: vmware/harbor-adminserver:v1.2.2
9463fb852970: Loading layer 75.37MB/75.37MB
d2c9a2a395d9: Loading layer 3.584kB/3.584kB
b08aea2a8a82: Loading layer 3.072kB/3.072kB
103e65a1013b: Loading layer 3.072kB/3.072kB
Loaded image: vmware/harbor-log:v1.2.2
5d6cbe0dbcf9: Loading layer 129.2MB/129.2MB
435f2dfbd884: Loading layer 344.6kB/344.6kB
814d7b59f0cc: Loading layer 4.657MB/4.657MB
aae399245bd0: Loading layer 1.536kB/1.536kB
21e2ae955f72: Loading layer 33.84MB/33.84MB
a2d0f7b84059: Loading layer 25.09kB/25.09kB
819fa6af55b8: Loading layer 3.584kB/3.584kB
78914c99a468: Loading layer 167.7MB/167.7MB
36e79c658afb: Loading layer 6.144kB/6.144kB
f73503aca003: Loading layer 9.216kB/9.216kB
a21b39f6da59: Loading layer 1.536kB/1.536kB
ef81eb7c77b3: Loading layer 8.704kB/8.704kB
08d0cfe60b0d: Loading layer 4.608kB/4.608kB
0864dda8f611: Loading layer 4.608kB/4.608kB
Loaded image: vmware/harbor-db:v1.2.2
29d1f4ae97dd: Loading layer 18.31MB/18.31MB
7caf936e1402: Loading layer 18.31MB/18.31MB
Loaded image: vmware/harbor-jobservice:v1.2.2
78dbfa5b7cbc: Loading layer 130.9MB/130.9MB
5f70bf18a086: Loading layer 1.024kB/1.024kB
8deec01122be: Loading layer 344.6kB/344.6kB
574ab36807f2: Loading layer 1.536kB/1.536kB
d8f2cde2eef8: Loading layer 20.48kB/20.48kB
eaa3924b054e: Loading layer 5.12kB/5.12kB
8aa2c772121c: Loading layer 184.3MB/184.3MB
c3014bbccb0b: Loading layer 8.704kB/8.704kB
978a35efaa8c: Loading layer 4.608kB/4.608kB
c2385ae7d6e5: Loading layer 16.6MB/16.6MB
Loaded image: vmware/harbor-notary-db:mariadb-10.1.10
c192a34d4ff4: Loading layer 155.2MB/155.2MB
d012a9276a83: Loading layer 10.75MB/10.75MB
b8befd881cb5: Loading layer 10.75MB/10.75MB
Loaded image: vmware/clair:v2.0.1-photon
bbda1562018e: Loading layer 101.6MB/101.6MB
1171ab08cc04: Loading layer 6.656kB/6.656kB
6df81d3a0683: Loading layer 6.656kB/6.656kB
Loaded image: vmware/postgresql:9.6.4-photon
[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/nginx.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
[Step 4]: starting Harbor ...
Creating harbor-log ...
Creating harbor-log ... done
Creating registry ...
Creating harbor-db ...
Creating harbor-adminserver ...
Creating registry
Creating harbor-db
Creating registry ... done
Creating harbor-ui ...
Creating harbor-ui ... done
Creating nginx ...
Creating harbor-jobservice ...
Creating harbor-jobservice
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://192.168.159.68 .
For more details, please visit https://github.com/vmware/harbor .
5、查看
[root@zwb_docker harbor]# docker-compose ps
Name Command State Ports
---------------------------------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver /harbor/harbor_adminserver Up
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 127.0.0.1:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp,:::443->443/tcp
, 0.0.0.0:4443->4443/tcp,:::4443->44
43/tcp,
0.0.0.0:80->80/tcp,:::80->80/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp 浏览器访问
之前在docker的daemom.json文件中配置了配置了Harbor的地址,进行删除
[root@zwb_docker docker]# systemctl daemon-reload ## 重新加载守护进程
[root@zwb_docker docker]# systemctl restart docker.service ## 重启服务
在docker.server文件中进行设置:让docker启动时便可指向harbor仓库
重启服务:
[root@zwb_docker docker]# cd /usr/local/harbor/
[root@zwb_docker harbor]# docker-compose up -d
[root@zwb_docker harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
44d333a47740 vmware/harbor-jobservice:v1.2.2 "/harbor/harbor_jobs…" 4 hours ago Up About a minute harbor-jobservice
20f31cd89ebd vmware/nginx-photon:1.11.13 "nginx -g 'daemon of…" 4 hours ago Up 27 seconds 0.0.0.0:80->80/tcp, :::80->80/tc443/tcp, :::443->443/tcp, 0.0.0.0:4443->4443/tcp, :::4443->4443/tcp nginx
f5fd0a1aea60 vmware/harbor-ui:v1.2.2 "/harbor/harbor_ui" 4 hours ago Up About a minute harbor-ui
28358bcc064c vmware/harbor-adminserver:v1.2.2 "/harbor/harbor_admi…" 4 hours ago Up About a minute harbor-adminserver
863b61ac76c6 vmware/harbor-db:v1.2.2 "docker-entrypoint.s…" 4 hours ago Up About a minute 3306/tcp harbor-db
2de21a6db7a1 vmware/registry:2.6.2-photon "/entrypoint.sh serv…" 4 hours ago Up About a minute 5000/tcp registry
26010cca51d2 vmware/harbor-log:v1.2.2 "/bin/sh -c 'crond &…" 4 hours ago Up 49 minutes 127.0.0.1:1514->514/tcp harbor-log
三、验证
1、下载一个小点的镜像,方便实验
[root@zwb_docker harbor]# docker pull cirros
[root@zwb_docker harbor]# docker pull cirros
Using default tag: latest
latest: Pulling from library/cirros
d0b405be7a32: Pull complete
bd054094a037: Pull complete
c6a00de1ec8a: Pull complete
Digest: sha256:1e695eb2772a2b511ccab70091962d1efb9501fdca804eb1d52d21c0933e7f47
Status: Downloaded newer image for cirros:latest
docker.io/library/cirros:latest
2、通过命令行登录Harbor
[root@zwb_docker harbor]# docker login -u admin -p Harbor12345 http://127.0.0.1
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded ### 登录成功
3、给需要上传的镜像打tag标记
## 打tag
[root@zwb_docker harbor]# docker tag cirros:latest 127.0.0.1/public-libary/cirros:v2
[root@zwb_docker harbor]# docker push 127.0.0.1/public-libary/cirros:v2 4、上传至harbor仓库
[root@zwb_docker harbor]# docker push 127.0.0.1/public-libary/cirros:v2
The push refers to repository [127.0.0.1/public-libary/cirros]
984ad441ec3d: Layer already exists
f0a496d92efa: Layer already exists
e52d19c3bee2: Layer already exists
v2: digest: sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22 size: 943
## 查看仓库上传成功
删除本地镜像,从仓库下载
[root@zwb_docker harbor]# docker rmi 127.0.0.1/public-libary/cirros:v2
Untagged: 127.0.0.1/public-libary/cirros:v2
Untagged: 127.0.0.1/public-libary/cirros@sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22
从仓库下载
[root@zwb_docker harbor]# docker pull 192.168.159.68/public-libary/cirros:v2
v2: Pulling from public-libary/cirros
Digest: sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22
Status: Downloaded newer image for 192.168.159.68/public-libary/cirros:v2
192.168.159.68/public-libary/cirros:v2
[root@zwb_docker harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dockercompose_nginx latest b7d47c45767d 6 hours ago 205MB
<none> <none> a3e7e0eecf4f 6 hours ago 308MB
centos 7 eeb6ee3f44bd 13 months ago 204MB
192.168.159.68/public-libary/cirros v2 f9cae1daf5f6 19 months ago 12.6MB
cirros latest f9cae1daf5f6 19 months ago 12.6MB
vmware/harbor-log v1.2.2 36ef78ae27df 5 years ago 200MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 5 years ago 164MB
vmware/harbor-ui v1.2.2 39efb472c253 5 years ago 178MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 5 years ago 142MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 5 years ago 329MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 5 years ago 144MB
vmware/registry 2.6.2-photon 5d9100e4350e 5 years ago 173MB
vmware/postgresql 9.6.4-photon c562762cbd12 5 years ago 225MB
vmware/clair v2.0.1-photon f04966b4af6c 5 years ago 297MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 5 years ago 324MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 5 years ago 156MB
vmware/notary-photon server-0.5.0 6e2646682e3c 5 years ago 157MB
photon 1.0 e6e4e4a2ba1b 6 years ago 128MB
下载完成。如果仓库中没有,会自动到公共仓库下载