harbor 搭建及使用
docker-compose
下载
curl -L https://github.com/docker/compose/releases/download/v2.29.7/docker-compose-linux-x86_64 > /usr/local/bin/docker-compose
增加权限
sudo chmod +x /usr/local/bin/docker-compose
查询docker-compose版本
docker-compose -v
Harbor
下载
wget https://kkgithub.com/goharbor/harbor/releases/download/v2.11.1/harbor-offline-installer-v2.11.1.tgz
解压
tar -zxvf harbor-offline-installer-v2.11.1.tgz
创建Harbor持久化文件目录
用于存放harbor的持久化数据
mkdir -p /opt/harbor
配置
拷贝harbor.yml.tmpl文件为harbor.yml
cp harbor.yml.tmpl harbor.yml
harbor.yml配置文件主要修改参数如下
hostname: 10.0.2.11:9999 #设置访问地址,可以使用ip、域名,不可以设置为127.0.0.1或localhost。默认情况下,harbor使用的端口是80,若使用自定义的端口,除了要改docker-compose.yml文件中的配置外,这里的hostname也要加上自定义的端口,否则在docker login、push时会报错
#http配置
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 9999
#https配置(如不需要可不配置,注释掉)
# https related config
#https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
#certificate: /your/certificate/path
#private_key: /your/private/key/path
#external_url: https://reg.mydomain.com:8433 #如果要启用外部代理,比如外层的NGINX、LB等,请取消注释external_url,当它启用时,hostname将不再使用。
harbor_admin_password: Harbor12345 #admin密码
#数据库配置
database:
# The password for the root user of Harbor DB. Change this before any production use.
password: root123
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: 50
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 100 for postgres.
max_open_conns: 100
#持久化数据目录
data_volume: /opt/harbor
安装并启动Harbor
./install.sh
后续如果关闭或者重启Harbor可以直接使用如下命令;先切换到Harbor安装的跟目录
docker-compose start
docker-compose stop
访问Harbor
http://10.0.2.11:9999
admin / Harbor12345
在Harbor中新建项目
Harbor的使用
修改Docker的配置文件/etc/docker/daemon.json
{
"exec-opts": ["native.cgroupdriver=systemd"],
"registry-mirrors": [
"https://rg6pgcdd.mirror.aliyuncs.com",
"https://docker.m.daocloud.io",
"https://noohub.ru",
"https://huecker.io",
"https://dockerhub.timeweb.cloud"
],
"insecure-registries": ["10.0.2.11"]
}
重新启动docker
systemctl daemon-reload
systemctl restart docker
登录Harbor
docker login 10.0.2.11:9999
输入Harbor的用户和密码
给构建好的镜像打标签
docker tag nginx:v1.0 10.0.2.11/m-k8s/nginx:v1.0
10.0.2.11/m-k8s/nginx:v1.0需要跟在Harbor创建的项目路径进行对应
上传镜像
docker push nginx:v1.0 10.0.2.11/m-k8s/nginx:v1.0
验证拉取镜像
先删除本地打tag的镜像
docker rmi 10.0.2.11/m-k8s/nginx:v1.0
拉取Harbor的镜像
docker pull 10.0.2.11/m-k8s/nginx:v1.0
docker images