美文网首页
安装harbor

安装harbor

作者: Nick_4438 | 来源:发表于2018-08-25 13:32 被阅读0次

    前言

    本文介绍如何安装harbor

    操作步骤

    tar xvf harbor-offline-installer-v1.5.2.tgz
    
    • 配置harbor.cfg;

    hostname必须带端口,如hostname = 58.2.204.146:6110

    email 配置

    email_identity = 
    
    email_server = smtp.angle.com
    email_server_port = 25
    email_username = projects@sangle.com
    email_password = pro
    email_from = project <projects@angle.com>
    email_ssl = false
    email_insecure = false
    
    
    • 配置 Harbor 监听端口 docker-compose.yml
      proxy:
        image: vmware/nginx-photon:v1.5.2
        container_name: nginx
        restart: always
        volumes:
          - ./common/config/nginx:/etc/nginx:z
        networks:
          - harbor
        ports:
          - 6110:80
          - 6111:443
          - 6112:4443
        depends_on:
          - mysql
          - registry
          - ui
          - log
        logging:
          driver: "syslog"
          options:
            syslog-address: "tcp://127.0.0.1:1514"
            tag: "proxy"
    
    • 运行install.sh 开始安装Harbor;

    harbor.cfg参数详细说明

    参数类型

    配置参数在文件 harbor.cfg内.

    该文件中有2类参数,必须参数,和选填参数;

    必须参数:这些参数是必须配置的,如果重新配置这些参数,需要重新执行install.sh

    选配参数:这些参数不是必须填写的,我么可以设置成为默认参数,在WEB启动之后我们可以在UI界面中设置,该类参数只有第一次运行的时候会生效;

    参数说明

    Required parameters:
    • hostname: The target host's hostname, which is used to access the UI and the registry service. It should be the IP address or the fully qualified domain name (FQDN) of your target machine, e.g., 192.168.1.10 or reg.yourdomain.com. Do NOT use localhost or 127.0.0.1 for the hostname - the registry service needs to be accessible by external clients!
    • ui_url_protocol: (http or https. Default is http) The protocol used to access the UI and the token/notification service. If Notary is enabled, this parameter has to be https. By default, this is http. To set up the https protocol, refer to Configuring Harbor with HTTPS Access.
    • db_password: The root password for the MySQL database used for db_auth. Change this password for any production use!
    • max_job_workers: (default value is 3) The maximum number of replication workers in job service. For each image replication job, a worker synchronizes all tags of a repository to the remote destination. Increasing this number allows more concurrent replication jobs in the system. However, since each worker consumes a certain amount of network/CPU/IO resources, please carefully pick the value of this attribute based on the hardware resource of the host.
    • customize_crt: (on or off. Default is on) When this attribute is on, the prepare script creates private key and root certificate for the generation/verification of the registry's token. Set this attribute to off when the key and root certificate are supplied by external sources. Refer to Customize Key and Certificate of Harbor Token Service for more info.
    • ssl_cert: The path of SSL certificate, it's applied only when the protocol is set to https
    • ssl_cert_key: The path of SSL key, it's applied only when the protocol is set to https
    • secretkey_path: The path of key for encrypt or decrypt the password of a remote registry in a replication policy.
    • log_rotate_count: Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.
    • log_rotate_size: Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes. If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G are all valid.
    Optional parameters
    • Email settings: These parameters are needed for Harbor to be able to send a user a "password reset" email, and are only necessary if that functionality is needed. Also, do note that by default SSL connectivity is not enabled - if your SMTP server requires SSL, but does not support STARTTLS, then you should enable SSL by setting email_ssl = true. Setting email_insecure = true if the email server uses a self-signed or untrusted certificate. For a detailed description about "email_identity" please refer to rfc2595

    • harbor_admin_password: The administrator's initial password. This password only takes effect for the first time Harbor launches. After that, this setting is ignored and the administrator's password should be set in the UI. Note that the default username/password are admin/Harbor12345 .

    更多详细参数可见GITHUB 网站

    相关文章

      网友评论

          本文标题:安装harbor

          本文链接:https://www.haomeiwen.com/subject/pxfgiftx.html