使用 Harbor 搭建企业级 Docker registry 服务
来源:靑龍一笑的博客 作者:靑龍一笑 发布时间:2021-07-22 17:57:59 点击量:477 评论:0
一、安装 docker
详见我的另一篇文章《以二进制文件方式安装 docker》。
二、安装 docker-compose
给下载到的 docker-compose-Linux-x86_64 文件赋予可执行权限:
[root@RicenOS softwares]# chmod +x docker-compose-Linux-x86_64
安装 docker-compose:
[root@RicenOS softwares]# mv docker-compose-Linux-x86_64 /usr/bin/docker-compose
查看版本信息:
[root@RicenOS softwares]# docker-compose --version
docker-compose version 1.29.2, build 5becea4c
docker-compose version 1.29.2, build 5becea4c
三、申请一个 https 证书或自签名一个 https 证书
我这里自签名一个证书,证书文件 www.ricen.net.pem、www.ricen.net.key 存放在 /opt/cert 目录下。
四、安装 harbor
[root@RicenOS softwares]# tar xvf harbor-offline-installer-v2.2.3.tgz
[root@RicenOS softwares]# cd harbor
[root@RicenOS harbor]# mv harbor.yml.tmpl harbor.yml
[root@RicenOS harbor]# vi harbor.yml
[root@RicenOS softwares]# cd harbor
[root@RicenOS harbor]# mv harbor.yml.tmpl harbor.yml
[root@RicenOS harbor]# vi harbor.yml
修改以下几处:
hostname: reg.mydomain.com
https:
port: 443
certificate: /your/certificate/path
private_key: /your/private/key/path
harbor_admin_password: Harbor12345
https:
port: 443
certificate: /your/certificate/path
private_key: /your/private/key/path
harbor_admin_password: Harbor12345
主要设置域名(也可以是 IP)、证书路径、登录密码,例如:
hostname: www.ricen.net
https:
port: 443
certificate: /opt/cert/www.ricen.net.pem
private_key: /opt/cert/www.ricen.net.key
harbor_admin_password: p2021#Harbor
https:
port: 443
certificate: /opt/cert/www.ricen.net.pem
private_key: /opt/cert/www.ricen.net.key
harbor_admin_password: p2021#Harbor
开始安装:
[root@RicenOS harbor]# ./install.sh
测试:
五、使用方法
在另外一台装有 docker 的服务器上操作。
1、登录 harbor
[root@RicenOS ~]# docker login https://www.ricen.net
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
2、查看本地镜像
[root@RicenOS ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ricenos latest ec72e83fc02e 42 hours ago 972MB
centos 7 8652b9f0cb4c 8 months ago 204MB
REPOSITORY TAG IMAGE ID CREATED SIZE
ricenos latest ec72e83fc02e 42 hours ago 972MB
centos 7 8652b9f0cb4c 8 months ago 204MB
3、给本地镜像打个标签
[root@RicenOS ~]# docker tag ricenos www.ricen.net/library/ricenos
4、上传本地镜像到 harbor
[root@RicenOS ~]# docker push www.ricen.net/library/ricenos
5、删除本地镜像
[root@RicenOS ~]# docker stop $(docker ps -a -q)
[root@RicenOS ~]# docker rm $(docker ps -a -q)
[root@RicenOS ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ricenos latest ec72e83fc02e 14 minutes ago 975MB
www.ricen.net/library/ricenos latest ec72e83fc02e 14 minutes ago 975MB
centos 7 8652b9f0cb4c 8 months ago 204MB
[root@RicenOS ~]# docker rmi ricenos
[root@RicenOS ~]# docker rmi www.ricen.net/library/ricenos
[root@RicenOS ~]# docker rmi 865
[root@RicenOS ~]# docker rm $(docker ps -a -q)
[root@RicenOS ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
ricenos latest ec72e83fc02e 14 minutes ago 975MB
www.ricen.net/library/ricenos latest ec72e83fc02e 14 minutes ago 975MB
centos 7 8652b9f0cb4c 8 months ago 204MB
[root@RicenOS ~]# docker rmi ricenos
[root@RicenOS ~]# docker rmi www.ricen.net/library/ricenos
[root@RicenOS ~]# docker rmi 865
6、从 harbor 上下载镜像到本地
[root@RicenOS ~]# docker pull www.ricen.net/library/ricenos
[root@RicenOS ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
www.ricen.net/library/ricenos latest ec72e83fc02e 22 minutes ago 975MB
[root@RicenOS ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
www.ricen.net/library/ricenos latest ec72e83fc02e 22 minutes ago 975MB
7、测试使用本地镜像创建并运行容器
[root@RicenOS ~]# docker run -d --name ricenos -p 8080:8080 -v /data/webapps:/data/Tomcat/webapps -v /data/logs:/data/Tomcat/logs www.ricen.net/library/ricenos
版权所有 © 2005-2023 靑龍一笑的博客 Powered by C.S.Ricen
Copyright © 2005-2023 by www.ricensoftwares.com.cn All Rights Reserved.
Copyright © 2005-2023 by www.ricensoftwares.com.cn All Rights Reserved.
