娃哈哈好喝软件版本:
os:rocky9.4
docker:27.0.3
Docker-compose:2.29.0
harbor:2.10.3
1、安装配置docker
docker安装这里略过了,需要修改一下docker的网络和运行目录的配置,也可以不改,根据实际需要决定
[root@rocky9 docker]# pwd
/etc/docker
[root@rocky9 docker]# ls
daemon.json
[root@rocky9 docker]# cat daemon.json
{
"data-root": "/data/docker/",
"bip": "192.168.9.1/24"
}
[root@rocky9 docker]#
/etc/docker/daemon.json这个文件不存在可以手动创建,修改完之后记得重启docker
2、部署harbor
可以去github上下载
https://github.com/goharbor/harbor
这里使用的是离线版,下载之后解压
[root@rocky9 dl]# tar -xvf harbor-offline-installer-v2.10.3.tgz
# 将目录放到/data/目录,
[root@rocky9 dl]# mv harbor/ /data/
[root@rocky9 dl]# cd /data/harbor
[root@rocky9 harbor]# ls
common harbor.v2.10.3.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
# 将harbor.yml.tmpl文件改名或者复制一份:harbor.yml
[root@rocky9 harbor]# mv harbor.yml.tmpl harbor.yml
# 修改配置文件 harbor.yml,
[root@rocky9 harbor]# grep -v "^#" harbor.yml | grep -v "^$" |grep -v "^.*#"
hostname: 172.10.10.21
http:
port: 80
harbor_admin_password: Harbor12345
database:
password: root123
max_idle_conns: 100
max_open_conns: 900
conn_max_lifetime: 5m
conn_max_idle_time: 0
data_volume: /data/harbor
trivy:
ignore_unfixed: false
skip_update: false
skip_java_db_update: false
offline_scan: false
security_check: vuln
insecure: false
jobservice:
max_job_workers: 10
job_loggers:
- STD_OUTPUT
- FILE
notification:
webhook_job_max_retry: 3
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /data/harbor/log
_version: 2.10.0
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
- core
- jobservice
- trivy
upload_purging:
enabled: true
age: 168h
interval: 24h
dryrun: false
cache:
enabled: false
expire_hours: 24
修改的地方:
hostname
http
port80
harbor_admin_passwordHarbor12345
data_volume/data/harbor
# 日志保存路径
location/data/harbor/log
其他保持默认,开始安装
[root@rocky9 harbor]# ./install.sh
WARN[0000] /data/harbor/docker-compose.yml: `version` is obsolete
[+] Running 10/10
✔ Network harbor_harbor Created 0.1s
✔ Container harbor-log Started 0.5s
✔ Container harbor-db Started 1.7s
✔ Container registry Started 1.6s
✔ Container harbor-portal Started 1.5s
✔ Container redis Started 1.6s
✔ Container registryctl Started 1.6s
✔ Container harbor-core Started 2.5s
✔ Container nginx Started 3.2s
✔ Container harbor-jobservice Started 3.2s
✔ ----Harbor has been installed and started successfully.----
[root@rocky9 harbor]# docker ps
出现上面的信息说明安装成功了,如果docker ps看到容器都没起来的话可以在harbor目录下使用下面的命令手动启动
[root@rocky9 harbor]# docker-compose up -d
3、web管理
完成前面的之后可以使用浏览器访问刚才在harbor.yml中配置的hostname,我这里写的是机器ip
账号密码默认是admin和Harbor12345,登录成功之后可以在后台修改相关的配置,创建仓库等,这里我创建一个demo的仓库,接下来往这个仓库上传镜像
4、上传镜像
先准备好需要上传的镜像
[root@rocky9 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.10.3 7aa694114453 3 weeks ago 107MB
goharbor/redis-photon v2.10.3 359683ebd59c 3 weeks ago 165MB
goharbor/trivy-adapter-photon v2.10.3 6d51017555d9 3 weeks ago 516MB
goharbor/harbor-registryctl v2.10.3 96efb27ac641 3 weeks ago 152MB
goharbor/registry-photon v2.10.3 f73ad548d874 3 weeks ago 84.7MB
goharbor/nginx-photon v2.10.3 0ae16f53f286 3 weeks ago 154MB
goharbor/harbor-log v2.10.3 9ee81cca16ce 3 weeks ago 163MB
goharbor/harbor-jobservice v2.10.3 053df0842d37 3 weeks ago 143MB
goharbor/harbor-core v2.10.3 ed909856be82 3 weeks ago 171MB
goharbor/harbor-portal v2.10.3 c8c29cea2ef3 3 weeks ago 162MB
goharbor/harbor-db v2.10.3 c623b46fd89d 3 weeks ago 269MB
goharbor/prepare v2.10.3 292e199c8873 3 weeks ago 210MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
[root@rocky9 ~]#
这里准备了一个rockylinux9.3的镜像,打标签和上传的方法可以在harbor的web后台中看到
分2步:
1、先对镜像打标签
[root@rocky9 ~]# docker tag rockylinux:9.3 172.10.10.21/demo/rockylinux:demo
[root@rocky9 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.10.3 7aa694114453 3 weeks ago 107MB
goharbor/redis-photon v2.10.3 359683ebd59c 3 weeks ago 165MB
goharbor/trivy-adapter-photon v2.10.3 6d51017555d9 3 weeks ago 516MB
goharbor/harbor-registryctl v2.10.3 96efb27ac641 3 weeks ago 152MB
goharbor/registry-photon v2.10.3 f73ad548d874 3 weeks ago 84.7MB
goharbor/nginx-photon v2.10.3 0ae16f53f286 3 weeks ago 154MB
goharbor/harbor-log v2.10.3 9ee81cca16ce 3 weeks ago 163MB
goharbor/harbor-jobservice v2.10.3 053df0842d37 3 weeks ago 143MB
goharbor/harbor-core v2.10.3 ed909856be82 3 weeks ago 171MB
goharbor/harbor-portal v2.10.3 c8c29cea2ef3 3 weeks ago 162MB
goharbor/harbor-db v2.10.3 c623b46fd89d 3 weeks ago 269MB
goharbor/prepare v2.10.3 292e199c8873 3 weeks ago 210MB
rockylinux 9.3 9cc24f05f309 7 months ago 176MB
172.10.10.21/demo/rockylinux demo 9cc24f05f309 7 months ago 176MB
[root@rocky9 ~]#
2、上传
上传之前需要先登录harbor
如果harbor只配置http而没有配置https会遇到类似这样的错误
[root@rocky9 ~]# docker login -uadmin 172.10.10.21
Password:
Error response from daemon: Get "https://172.10.10.21/v2/": dial tcp 172.10.10.21:443: connect: connection refused
[root@rocky9 ~]#
需要修改一下docker的配置文件 /etc/docker/daemon.json
# 添加一行
{
"data-root": "/data/docker/",
"bip": "192.168.9.1/24",
"insecure-registries": ["http://172.10.10.21"]
}
修改好之后重启docker
[root@rocky9 ~]# docker login -uadmin 172.10.10.21
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores
Login Succeeded
[root@rocky9 ~]#
登录成功,开始推送镜像
[root@rocky9 ~]# docker push 172.10.10.21/demo/rockylinux:demo The push refers to repository [172.10.10.21/demo/rockylinux] 44343de3ea1d: Pushed demo: digest: sha256:5cdcd7ab7142a7f050935804fa681ad1e5df070dff1651f941481039d001650c size: 528 [root@rocky9 ~]#
推送成功,可以在harbor仓库看
5、拉取使用镜像
拉取镜像方法也可以参考harbor
[root@rocky9 ~]# docker pull 172.10.10.21/demo/rockylinux:demo
demo: Pulling from demo/rockylinux
446f83f14b23: Pull complete
Digest: sha256:5cdcd7ab7142a7f050935804fa681ad1e5df070dff1651f941481039d001650c
Status: Downloaded newer image for 172.10.10.21/demo/rockylinux:demo
172.10.10.21/demo/rockylinux:demo
[root@rocky9 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
172.10.10.21/demo/rockylinux demo 9cc24f05f309 7 months ago 176MB
[root@rocky9 ~]#