Harbor 是 Vmwar 公司开源的 企业级的 Docker Registry 管理项目
它主要 提供 Dcoker Registry 管理UI,可基于角色访问控制, AD/LDAP 集成,日志审核等功能,完全的支持中文。
Harbor 的所有组件都在 Dcoker 中部署,所以 Harbor 可使用 Docker Compose 快速部署。
Ps
docker > =v 1.10.0
docker-compose >= v1.6.0 **
环境:
192.168.40.50 local-master
192.168.40.51 local-node1
一.安装
下载地址:https://github.com/vmware/harbor/releases
安装离线安装版本
yum install python2-pip python-devel
pip install --upgrade pip
pip install docker-compose
wget https://github.com/vmware/harbor/releases/download/0.5.0/harbor-offline-installer-0.5.0.tgz
tar xvf harbor-offline-installer-0.5.0.tgz
官网安装教程: https://github.com/vmware/harbor/blob/master/docs/installation_guide.md
目录结构
[root@local-master harbor]# ll -h
total 865M
drwxr-xr-x 4 root root 37 Mar 29 15:10 common
-rw-r--r-- 1 root root 2.2K Dec 6 16:35 docker-compose.yml
-rw------- 1 root root 865M Dec 6 16:37 harbor.0.5.0.tgz
-rw-r--r-- 1 root root 3.7K Mar 30 14:46 harbor.cfg
-rwxr-xr-x 1 root root 4.4K Dec 6 16:35 install.sh
-rw-r--r-- 1 root root 212K Dec 6 16:35 LICENSE
-rw-r--r-- 1 root root 483 Dec 6 16:35 NOTICE
-rwxr-xr-x 1 root root 12K Dec 6 16:35 prepare
修改配置文件harbor.cfg
[root@local-master harbor]# cat harbor.cfg |grep -v '^#'
hostname = 192.168.40.50
ui_url_protocol = http
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = xxx
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
harbor_admin_password = Harbor12345
#界面默认登陆用户是admin,密码是Harbor12345
登陆成功后再修改密码
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid
ldap_scope = 3
db_password = root123
self_registration = on
use_compressed_js = on
max_job_workers = 3
token_expiration = 30
verify_remote_cert = on
customize_crt = off
crt_country = CN
crt_state = State
crt_location = CN
crt_organization = organization
crt_organizationalunit = organizational unit
crt_commonname = example.com
crt_email = example@example.com
project_creation_restriction = everyone
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
二.加载镜像
[root@local-master harbor]# docker load -i harbor.0.5.0.tgz
harbor.png
三.安装和启动
[root@local-master harbor]# ./install.sh
本地启动的容器
四.访问harbor管理界面
http://ip
账号 admin
密码 Harbor12345
harbor界面
五.配置docker使用harbor作为私有仓库
#vim /usr/lib/systemd/system/docker.service
ExecStart= ....
--insecure-registry=local-master:80 \
#systemctl restart docker
#docker-compose restart
六. 上传镜像和下载镜像
登陆界面添加项目:yiwu
添加项目
master主机上配置:
修改docker的tag
[root@local-master harbor]# docker tag index.tenxcloud.com/google_containers/kubernetes-dashboard-amd64:v1.4.1 local-master:80/yiwu/kubernetes-dashboard-amd64:v1.4.1
[root@local-master harbor]# docker login local-master:80
Username: admin
Password:Harbor12345
Login Succeeded
## 或者docker login -u admin -p Harbor12345 -e e-mail-adress local-master:80
将本地镜像推上私有仓库
# docker push local-master:80/yiwu/kubernetes-dashboard-amd64:v1.4.1
node节点配置:
[root@local-node2 ~]# cat /etc/sysconfig/docker |grep INSECURE_REGISTRY
# adding the registry to the INSECURE_REGISTRY line and uncommenting it.
# INSECURE_REGISTRY='--insecure-registry'
INSECURE_REGISTRY='--insecure-registry=local-master:80'
# systemctl restart docker
拉取镜像
# docker pull local-master:80/yiwu/kubernetes-dashboard-amd64:v1.4
七. 管理
进入harbor安装目录,可以使用docker-compose命令管理harbor的生命周期
停止Harbor:
$ docker-compose stop
Stopping nginx ... done
Stopping harbor-jobservice ... done
Stopping harbor-ui ... done
Stopping harbor-db ... done
Stopping registry ... done
Stopping harbor-log ... done
启动 Harbor:
$ docker-compose start
Starting log ... done
Starting ui ... done
Starting mysql ... done
Starting jobservice ... done
Starting registry ... done
Starting proxy ... done
如果要修改harbor的配置,首先要停止harbor的容器实例,然后修改harbor.cfg文件然后执行./install 启动harbor。
重启docker后一定要docker-compose start,harbor才能正常
参考:
1.https://mritd.me/2016/06/27/Harbor-%E4%BC%81%E4%B8%9A%E7%BA%A7-Docker-Registry-%E5%88%9D%E8%AF%95/
2.http://blog.csdn.net/shenshouer/article/details/53390581
3.http://www.cnblogs.com/jicki/p/5737369.html
4.http://blog.csdn.net/u013127762/article/details/54314595
网友评论