容器应用,  系统运维

harbor 私有镜像仓库搭建

2020-10-05 /
浏览数: 490
  • 环境准备

硬件要求

资源 最低配置 推荐配置
CPU 2CPU 4CPU
MEM 4GB 8GB
DISK 40GB 160GB

软件要求

软件 版本 描述
Docker engine Version 17.06.0-ce+ or higher For installation instructions,
Docker Compose Version 1.18.0 or higher For installation instructions
Openssl Latest is preferred Used to generate certificate and keys for Harbor

docker安装

yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine
$ sudo yum install -y yum-utils

$ sudo yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io

安装指定版本docker

yum list docker-ce --showduplicates | sort -r

yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io

docker-compose 安装

官方安装地址:https://docs.docker.com/compose/install/

curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
 chmod +x /usr/local/bin/docker-compose
 ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
 docker-compose --version

在线安装 Harbor

下载地址

https://github.com/goharbor/harbor/releases

下载 harbor-online-installer-v2.1.0.tgz harbor-online-installer-v2.1.0.tgz.asc 到本地

gpg -v –keyserver hkps://keyserver.ubuntu.com –verify harbor-online-installer-v2.1.0.tgz.asc

[root@172-16-1-177 tmp]# gpg -v –keyserver hkps://keyserver.ubuntu.com –verify harbor-online-installer-v2.1.0.tgz.asc
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
usage: gpg [options] [filename]
tar xvf harbor-online-installer-v2.1.0.tgz
cd harbor
cp harbor.yml.tmpl harbor.yml
hostname: harbor.yourdomain.cn
http:
  port: 80
#https:
  #port: 443
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path
harbor_admin_password: Harbor123456
database:
  password: root123
  max_idle_conns: 50
  max_open_conns: 1000
data_volume: /fjyl/harbor_data
clair:
  updaters_interval: 12
trivy:
  ignore_unfixed: false
  skip_update: false
  insecure: false
jobservice:
  max_job_workers: 10
notification:
  webhook_job_max_retry: 10
chart:
  absolute_url: disabled
log:
  level: info
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor
_version: 2.0.0
proxy:
  http_proxy:
  https_proxy:
  no_proxy:
  components:
    - core
    - jobservice
    - clair
    - trivy
./install.sh

在线安装会比较久

离线安装Harbor

https://github.com/goharbor/harbor/releases

下载 harbor-offline-installer-v2.1.0.tgz harbor-offline-installer-v2.1.0.tgz.asc 到本地

gpg -v –keyserver hkps://keyserver.ubuntu.com –verify harbor-offline-installer-version.tgz.asc
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
usage: gpg [options] [filename]
 tar xvf harbor-offline-installer-version.tgz

harbor 离线文件的目录结构

[root@172-16-1-199 harbor]# tree .
.
├── common
│   └── config
│       ├── core
│       │   ├── app.conf
│       │   ├── certificates
│       │   └── env
│       ├── db
│       │   └── env
│       ├── jobservice
│       │   ├── config.yml
│       │   └── env
│       ├── log
│       │   ├── logrotate.conf
│       │   └── rsyslog_docker.conf
│       ├── nginx
│       │   ├── conf.d
│       │   └── nginx.conf
│       ├── portal
│       │   └── nginx.conf
│       ├── registry
│       │   ├── config.yml
│       │   ├── passwd
│       │   └── root.crt
│       ├── registryctl
│       │   ├── config.yml
│       │   └── env
│       └── shared
│           └── trust-certificates
├── common.sh
├── docker-compose.yml
├── harbor.v2.1.0.tar.gz
├── harbor.yml
├── harbor.yml.tmpl
├── install.sh
├── LICENSE
└── prepare

14 directories, 22 files
[root@172-16-1-199 harbor]# cd harbor

[root@172-16-1-199 harbor]# ./install.sh

[Step 0]: checking if docker is installed ...

Note: docker version: 18.09.7

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 1.27.4

[Step 2]: loading Harbor images ...
.
.
.
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db     ... done
Creating redis         ... done
Creating registry      ... done
Creating registryctl   ... done
Creating harbor-portal ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----

harbor 监听在80端口 http://yourip

file

  • 注意

如果需要用到本私有仓库,要将域名加入到不安全的仓库中 创建 /etc/docker/daemon.json

{
  "registry-mirrors": ["https://dndgrfod.mirror.aliyuncs.com"], "insecure-registries": ["http://your_domain"]
}

留言

您的电子邮箱地址不会被公开。 必填项已用*标注

闽ICP备20008591号-1