部署Harbor私有镜像仓库

docker-ce的安装


step 1:安装一些必要的系统工具

yum install -y yum-utils device-mapper-persistent-data lvm2
1
Step 2:添加docker镜像源

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
1
Step 3: 安装 Docker-CE

yum -y install docker-ce
1
Step 4: 开启Docker服务

systemctl start docker

安装docker-compose

curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

Harbor私有仓库的安装

$ wget  --continue https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.1.tgz
$ tar -xzvf harbor-offline-installer-v1.5.1.tgz
$ cd harbor
$ cp harbor.cfg{,.bak}
$ vim harbor.cfg
$ diff harbor.cfg{,.bak}
7c7
< hostname = 10.0.221.74
---
> hostname = reg.mydomain.com
11c11
< ui_url_protocol = https
---
> ui_url_protocol = http
$ ./install.sh

其它操作

下列操作的工作目录均为 解压离线安装文件后 生成的 harbor 目录。

$ # 停止 harbor
$ docker-compose down -v
$ # 修改配置
$ vim harbor.cfg
$ # 更修改的配置更新到 docker-compose.yml 文件
$ ./prepare
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/nginx/cert/admin.pem
Clearing the configuration file: ./common/config/nginx/cert/admin-key.pem
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/adminserver/env
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
$ sudo chmod -R 777 common ## 防止容器进程没有权限读取生成的配置
$ # 启动 harbor
$ docker-compose up -d

注意

这是因为docker1.3.2版本开始默认docker registry使用的是https,我们设置Harbor默认http方式,所以当执行用docker login、pull、push等命令操作非https的docker regsitry的时就会报错。解决办法:

cat >  /etc/docker/daemon.json <<EOF
{
  "insecure-registries": [
    "10.0.221.74"
  ]
}
EOF

 

访问管理界面

http://10.0.221.74

用户: admin   密码: Harbor12345

image

测试


1)从docker hub上下载hello-world镜像

# docker run hello-world
2)给镜像打标签,以便上传到私服,其中library是harbor默认提供的项目

# docker tag hello-world 10.0.221.74/library/hello-world
3)上传镜像

先登录镜像私服,执行以下指令,再输入用户名和密码

# docker login 10.0.221.74
Username: admin
Password:       //输入密码
Login Succeeded
上传镜像

# docker push 10.0.221.74/library/hello-world

参考

https://blog.csdn.net/weixin_41465338/article/details/80146218

http://orchome.com/664