介绍

Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署私有环境内的Registry也是非常必要的。Harbor是由VMware公司开源的企业级的Docker Registry管理项目,它包括权限管理(RBAC)、LDAP、日志审核、管理界面、自我注册、镜像复制和中文支持等功能

环境

Harbor的所有服务组件都是在Docker中部署的,所以官方安装使用Docker-compose快速部署,所以需要安装Docker、Docker-compose。目前Harbor要求docker 17.06.0-ce+ and docker-compose 1.18.0+ .

安装Docker

yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io

安装docker-composer

curl -L https://github.com/docker/compose/releases/download/1.18.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

测试一下docker和codker-composer是否安装成功

[root@harbor harbor]# docker version
Client: Docker Engine - Community
 Version:           20.10.12
 API version:       1.41
 Go version:        go1.16.12
 Git commit:        e91ed57
 Built:             Mon Dec 13 11:45:41 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.12
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.12
  Git commit:       459d0df
  Built:            Mon Dec 13 11:44:05 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.12
  GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc:
  Version:          1.0.2
  GitCommit:        v1.0.2-0-g52b36a2
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

[root@harbor harbor]# docker-compose version
docker-compose version 1.18.0, build 8dd22a9
docker-py version: 2.6.1
CPython version: 2.7.13
OpenSSL version: OpenSSL 1.0.1t  3 May 2016

Harbor服务搭建

下载Harbor相关文件

[root@harbor software]#  wget https://github.com/goharbor/harbor/releases/download/v1.10.10/harbor-offline-installer-v1.10.10.tgz
[root@harbor software]# tar -zxf harbor-offline-installer-v1.10.10.tgz
[root@harbor software]# cd harbor

修改配置文件

[root@harbor software]# cd harbor
[root@harbor harbor]# ls -lash
total 584M
   0 drwxr-xr-x. 3 root root  159 Jan 20 11:36 .
   0 drwxr-xr-x. 3 root root  109 Jan 20 10:35 ..
   0 drwxr-xr-x. 3 root root   20 Jan 20 10:38 common
4.0K -rw-r--r--. 1 root root 3.4K Jan 12 12:08 common.sh
8.0K -rw-r--r--. 1 root root 5.3K Jan 20 10:40 docker-compose.yml
584M -rw-r--r--. 1 root root 584M Jan 12 12:09 harbor.v1.10.10.tar.gz
8.0K -rw-r--r--. 1 root root 5.8K Jan 20 10:40 harbor.yml
4.0K -rwxr-xr-x. 1 root root 2.3K Jan 12 12:08 install.sh
 12K -rw-r--r--. 1 root root  12K Jan 12 12:08 LICENSE
4.0K -rwxr-xr-x. 1 root root 1.8K Jan 12 12:08 prepare
[root@harbor software]# [root@harbor harbor]# vim harbor.yml 
....
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: harbor.nginx.top

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
#https: # 我没有开启https,所以就注释掉了
  # https port for harbor, default is 443
  #port: 443
  # The path of cert and key files for nginx
  #certificate: /your/certificate/path
  #private_key: /your/private/key/path

.....

# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: admin  # 设置一下密码
...

启动harbor

[root@harbor harbor]# ./install.sh 

[Step 0]: checking if docker is installed ...

Note: docker version: 20.10.12

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 1.18.0

[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-portal:v1.10.10
Loaded image: goharbor/registry-photon:v1.10.10
Loaded image: goharbor/clair-adapter-photon:v1.10.10
Loaded image: goharbor/chartmuseum-photon:v1.10.10
Loaded image: goharbor/notary-signer-photon:v1.10.10
Loaded image: goharbor/prepare:v1.10.10
Loaded image: goharbor/harbor-core:v1.10.10
Loaded image: goharbor/harbor-registryctl:v1.10.10
Loaded image: goharbor/redis-photon:v1.10.10
Loaded image: goharbor/harbor-log:v1.10.10
Loaded image: goharbor/harbor-db:v1.10.10
Loaded image: goharbor/harbor-jobservice:v1.10.10
Loaded image: goharbor/notary-server-photon:v1.10.10
Loaded image: goharbor/nginx-photon:v1.10.10
Loaded image: goharbor/clair-photon:v1.10.10


[Step 3]: preparing environment ...

[Step 4]: preparing harbor configs ...
prepare base dir is set to /data/software/harbor
/usr/src/app/utils/configs.py:100: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as the default Loader is unsafe. Please read https://msg.pyyaml.org/load for full details.
  configs = yaml.load(f)
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /secret/keys/secretkey
Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt
Generated configuration file: /compose_location/docker-compose.yml
/usr/src/app/utils/configs.py:90: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, 
Creating harbor-log ... done
  versions = yaml.load(f)
Clean up the input dir


Creating redis ... done
Creating harbor-core ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-db ... 
Creating registryctl ... 
Creating registry ... 
Creating redis ... 
Creating harbor-portal ... 
Creating harbor-core ... 
Creating nginx ... 
Creating harbor-jobservice ... 
✔ ----Harbor has been installed and started successfully.----

查看harbor相关docker容器是否正常运行

[root@harbor harbor]# docker ps -a
CONTAINER ID   IMAGE                                  COMMAND                  CREATED          STATUS                             PORTS                                   NAMES
c93112a5b5ff   goharbor/harbor-jobservice:v1.10.10    "/harbor/harbor_jobs…"   8 seconds ago    Up 6 seconds (health: starting)                                            harbor-jobservice
3ac8fe3c841d   goharbor/nginx-photon:v1.10.10         "nginx -g 'daemon of…"   8 seconds ago    Up 6 seconds (health: starting)    0.0.0.0:80->8080/tcp, :::80->8080/tcp   nginx
21e06d638656   goharbor/harbor-core:v1.10.10          "/harbor/harbor_core"    8 seconds ago    Up 7 seconds (health: starting)                                            harbor-core
3cc6b5f67f37   goharbor/harbor-portal:v1.10.10        "nginx -g 'daemon of…"   10 seconds ago   Up 8 seconds (health: starting)    8080/tcp                                harbor-portal
745fc8d0eea9   goharbor/registry-photon:v1.10.10      "/home/harbor/entryp…"   11 seconds ago   Up 8 seconds (health: starting)    5000/tcp                                registry
4bcf961dba3d   goharbor/redis-photon:v1.10.10         "redis-server /etc/r…"   11 seconds ago   Up 8 seconds (health: starting)    6379/tcp                                redis
050d0b94f473   goharbor/harbor-registryctl:v1.10.10   "/home/harbor/start.…"   11 seconds ago   Up 8 seconds (health: starting)                                            registryctl
1afba4159284   goharbor/harbor-db:v1.10.10            "/docker-entrypoint.…"   11 seconds ago   Up 8 seconds (health: starting)    5432/tcp                                harbor-db
b3eea55e3bb5   goharbor/harbor-log:v1.10.10           "/bin/sh -c /usr/loc…"   13 seconds ago   Up 10 seconds (health: starting)   127.0.0.1:1514->10514/tcp               harbor-log

Harbor仓库部署
Harbor仓库部署

文章目录