标签:repo Harbor v2.3 Aimmi harbor docker root
Harbor
Docker加速器
[root@Aimmi ~]# cat /etc/redhat-release
CentOS Stream release 8
[root@localhost ~]# cd /etc/containers/
[root@localhost containers]# ls
certs.d policy.json registries.conf.d storage.conf
oci registries.conf registries.d
[root@Aimmi containers]# vim registries.conf
unqualified-search-registries = ["docker.io"]
[[registry]]
prefix="docker.io" // 表示去哪里拉
location="2bkybiwf.mirror.aliyuncs.com" // 加速器的位置
# [[registry]]
[root@Aimmi ~]# podman pull nginx
Resolving "nginx" using unqualified-search registries (/etc/containers/registries.conf)
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob ed835de16acd done
Copying blob 881ff011f1c9 done
Copying blob 44be98c0fab6 done
Copying blob 21e0df283cd6 done
Copying blob e5ae68f74026 done
Copying blob 77700c52c969 done
Copying config f652ca386e done
Writing manifest to image destination
Storing signatures
f652ca386ed135a4cbe356333e08ef0816f81b2ac8d0619af01e2b256837ed3e
[root@Aimmi ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest f652ca386ed1 13 days ago 146 MB
Harbor
无论是使用Docker-distribution去自建仓库,还是通过官方镜像跑容器的方式去自建仓库,通过前面的演示我们可以发现其是非常的简陋的,还不如直接使用官方的Docker Hub去管理镜像来得方便,至少官方的Docker Hub能够通过web界面来管理镜像,还能在web界面执行搜索,还能基于Dockerfile利用Webhooks和Automated Builds实现自动构建镜像的功能,用户不需要在本地执行docker build,而是把所有build上下文的文件作为一个仓库推送到github上,让Docker Hub可以从github上去pull这些文件来完成自动构建。
但无论官方的Docker Hub有多强大,它毕竟是在国外,所以速度是最大的瓶颈,我们很多时候是不可能去考虑使用官方的仓库的,但是上面说的两种自建仓库方式又十分简陋,不便管理,所以后来就出现了一个被 CNCF 组织青睐的项目,其名为Harbor。
Harbor简介
Harbor是由VMWare在Docker Registry的基础之上进行了二次封装,加进去了很多额外程序,而且提供了一个非常漂亮的web界面。
项目Harbor是一个开源的、受信任的云原生的仓库项目,用来存储、登录(用户管理)和查找镜像。
Harbor扩展了开源的Docker Distribution的功能,通过添加用户通常需要的功能,如安全、认证和管理。
Harbor支持高级特性,如用户管理、访问控制、活动监视和主从复制。
Harbor的功能
Feathers:
- 用户的登录与校验
- 安全性和漏洞分析
- 日志审计
- 身份验证和基于角色的访问控制
- 镜像实例的主从复制(高可用)
- 可扩展API和图形UI
- 支持的语言(当前支持英语和中文)
Docker Compose(编排工具)
Harbor在物理机上部署是非常难的,而为了简化Harbor的应用,Harbor官方直接把Harbor做成了在容器中运行的应用,而且这个容器在Harbor中依赖类似redis、mysql、pgsql等很多存储系统,所以它需要编排很多容器协同起来工作,因此VMWare Harbor在部署和使用时,需要借助于Docker的单机编排工具(Docker compose)来实现。
Compose是一个用于定义和运行多容器Docker应用程序的工具。使用Compose,您可以使用YAML文件来配置应用程序的服务。然后,通过一个命令,您可以创建并启动配置中的所有服务。
Harbor部署
Docker compose官方文档 https://docs.docker.com/compose/ Harbor官方文档 https://github.com/goharbor/harbor
[root@Aimmi ~]# cd /etc/yum.repos.d/
[root@Aimmi yum.repos.d]# ls
CentOS-Linux-AppStream.repo CentOS-Linux-HighAvailability.repo
CentOS-Linux-BaseOS.repo CentOS-Linux-Media.repo
CentOS-Linux-ContinuousRelease.repo CentOS-Linux-Plus.repo
CentOS-Linux-Debuginfo.repo CentOS-Linux-PowerTools.repo
CentOS-Linux-Devel.repo CentOS-Linux-Sources.repo
CentOS-Linux-Extras.repo docker-ce.repo
CentOS-Linux-FastTrack.repo
[root@Aimmi yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1919 100 1919 0 0 717 0 0:00:02 0:00:02 --:--:-- 717
[root@Aimmi yum.repos.d]# ls
CentOS-Linux-AppStream.repo CentOS-Linux-HighAvailability.repo
CentOS-Linux-BaseOS.repo CentOS-Linux-Media.repo
CentOS-Linux-ContinuousRelease.repo CentOS-Linux-Plus.repo
CentOS-Linux-Debuginfo.repo CentOS-Linux-PowerTools.repo
CentOS-Linux-Devel.repo CentOS-Linux-Sources.repo
CentOS-Linux-Extras.repo docker-ce.repo
CentOS-Linux-FastTrack.repo
[root@Aimmi yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo
[root@Aimmi yum.repos.d]# yum clean all
[root@Aimmi yum.repos.d]# yum8 makecache
安装docker
[root@Aimmi ~]# dnf -y install docker-ce
运行此命令以下载Docker Compose的当前稳定版本
[root@Aimmi ~]# curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 664 100 664 0 0 1004 0 --:--:-- --:--:-- --:--:-- 1003
100 12.1M 100 12.1M 0 0 77598 0 0:02:44 0:02:44 --:--:-- 101k
[root@Aimmi ~]# cd /usr/local/bin/
[root@Aimmi bin]# ls
docker-compose
[root@Aimmi bin]# chmod +x /usr/local/bin/docker-compose
[root@Aimmi bin]# which docker-compose
/usr/local/bin/docker-compose
[root@Aimmi bin]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
上传harbor安装包并解压,然后修改配置文件
[root@Aimmi src]# ls
debug harbor-offline-installer-v2.3.5.tgz kernels
[root@Aimmi src]# ls /usr/local/
bin etc games include lib lib64 libexec sbin share src
[root@Aimmi src]# tar xf harbor-offline-installer-v2.3.5.tgz -C /usr/local/
[root@Aimmi src]# ls /usr/local/
bin etc games harbor include lib lib64 libexec sbin share src
[root@Aimmi src]# cd /usr/local/harbor/
[root@Aimmi harbor]# ls
LICENSE common.sh harbor.v2.3.5.tar.gz harbor.yml.tmpl install.sh prepare
[root@Aimmi harbor]# cp harbor.yml.tmpl harbor.yml
[root@Aimmi harbor]# ls
LICENSE harbor.v2.3.5.tar.gz harbor.yml.tmpl prepare
common.sh harbor.yml install.sh
[root@Aimmi ~]# hostnamectl set-hostname registry.example.com
[root@Aimmi ~]# bash
[root@registry harbor]# vi /etc/hosts
[root@registry harbor]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.145.188 registry.example.com
[root@registry ~]# vi /etc/hosts
[root@registry ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.145.188 registry.example.com
[root@registry ~]# ping registry.example.com
PING registry.example.com (192.168.145.188) 56(84) bytes of data.
64 bytes from registry.example.com (192.168.145.188): icmp_seq=1 ttl=64 time=0.716 ms
64 bytes from registry.example.com (192.168.145.188): icmp_seq=2 ttl=64 time=0.336 ms
64 bytes from registry.example.com (192.168.145.188): icmp_seq=3 ttl=64 time=1.05 ms
执行install安装
[root@Aimmi harbor]# ./install.sh
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db ... done
Creating harbor-portal ... done
Creating redis ... done
Creating registry ... done
Creating registryctl ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
[root@registry harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
goharbor/harbor-exporter v2.3.5 1730c6f650e2 5 days ago 81.9MB
goharbor/chartmuseum-photon v2.3.5 47004f032938 5 days ago 179MB
goharbor/redis-photon v2.3.5 3d0cedc89a0d 5 days ago 156MB
goharbor/trivy-adapter-photon v2.3.5 5c0212e98070 5 days ago 133MB
goharbor/notary-server-photon v2.3.5 f20a76c65359 5 days ago 111MB
goharbor/notary-signer-photon v2.3.5 b9fa38eef4d7 5 days ago 108MB
goharbor/harbor-registryctl v2.3.5 7a52567a76ca 5 days ago 133MB
goharbor/registry-photon v2.3.5 cf22d3e386b8 5 days ago 82.6MB
goharbor/nginx-photon v2.3.5 5e3b6d9ce11a 5 days ago 45.7MB
goharbor/harbor-log v2.3.5 a03e4bc963d6 5 days ago 160MB
goharbor/harbor-jobservice v2.3.5 2ac32df5a2e0 5 days ago 211MB
goharbor/harbor-core v2.3.5 23baee01156f 5 days ago 193MB
goharbor/harbor-portal v2.3.5 bb545cdedf5a 5 days ago 58.9MB
goharbor/harbor-db v2.3.5 9826c57a5749 5 days ago 221MB
goharbor/prepare v2.3.5 a1ceaabe47b2 5 days ago 255MB
[root@registry harbor]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d48360756ee5 goharbor/nginx-photon:v2.3.5 "nginx -g 'daemon of…" 54 seconds ago Up 53 seconds (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
896cdadd9311 goharbor/harbor-jobservice:v2.3.5 "/harbor/entrypoint.…" 54 seconds ago Up 53 seconds (healthy) harbor-jobservice
a207ac236758 goharbor/harbor-core:v2.3.5 "/harbor/entrypoint.…" 54 seconds ago Up 54 seconds (healthy) harbor-core
ad51bf4d3c48 goharbor/registry-photon:v2.3.5 "/home/harbor/entryp…" 55 seconds ago Up 54 seconds (healthy) registry
41670f422157 goharbor/harbor-registryctl:v2.3.5 "/home/harbor/start.…" 55 seconds ago Up 54 seconds (healthy) registryctl
75e6c3960546 goharbor/harbor-db:v2.3.5 "/docker-entrypoint.…" 55 seconds ago Up 54 seconds (healthy) harbor-db
a57f498ff03d goharbor/redis-photon:v2.3.5 "redis-server /etc/r…" 55 seconds ago Up 54 seconds (healthy) redis
f0607094d05c goharbor/harbor-portal:v2.3.5 "nginx -g 'daemon of…" 55 seconds ago Up 54 seconds (healthy) harbor-portal
a89f140bcc34 goharbor/harbor-log:v2.3.5 "/bin/sh -c /usr/loc…" 55 seconds ago Up 55 seconds (healthy) 127.0.0.1:151
标签:repo,Harbor,v2.3,Aimmi,harbor,docker,root 来源: https://www.cnblogs.com/Aimmi/p/15696204.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。