美文网首页
(四)Harbor部署

(四)Harbor部署

作者: 白面葫芦娃92 | 来源:发表于2018-11-14 23:29 被阅读0次

    一、选择原因:

    1.可以私有化
    2.权限访问,角色控制
    3.镜像可以复制 可以做 HA
    4.漏洞扫描
    5.支持LDAP/AD 轻目录访问 控制用户的
    ...
    ...

    二、环境:

    Hardware
    Resource Capacity Description
    CPU minimal 2 CPU 4 CPU is preferred
    Mem minimal 4GB 8GB is preferred
    Disk minimal 40GB 160GB is preferred
    Software
    Software Version Description
    Python version 2.7 or higher Note that you may have to install Python on Linux distributions (Gentoo, Arch) that do not come with a Python interpreter installed by default
    Docker engine version 1.10 or higher For installation instructions, please refer to: https://docs.docker.com/engine/installation/
    Docker Compose version 1.6.0 or higher For installation instructions, please refer to: https://docs.docker.com/compose/install/
    Openssl latest is preferred Generate certificate and keys for Harbor

    三、部署

    1.docker,python准备
    2.docker-compose安装

    [root@i-mulkuzbd ~]# curl -L "https://github.com/docker/compose/releases/download/1.23.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
[root@i-mulkuzbd ~]# chmod +x /usr/local/bin/docker-compose
[root@i-mulkuzbd ~]# docker-compose --version
docker-compose version 1.23.1, build b02f1306

    3.harbor部署

    //解压harbor离线安装包
[root@i-mulkuzbd ~]# cd /usr/local
[root@i-mulkuzbd ~]# rz
//配置HTTPS Access
//假如部署环境机器不带DNS后缀,按机器名称如hadoop004部署,后面会有一定的问题
[root@hadoop004 local]# ll
total 844696
drwxr-xr-x. 2 root root      4096 Nov 14 14:23 bin
drwxr-xr-x. 2 root root      4096 Nov  5  2016 etc
-rw-r--r--  1 root root 864933610 Nov 14 14:44 harbor-offline-installer-v1.5.1.tgz
drwxr-xr-x. 2 root root      4096 Nov  5  2016 include
drwxr-xr-x. 2 root root      4096 Nov  5  2016 lib
drwxr-xr-x. 2 root root      4096 Nov  5  2016 libexec
drwxr-xr-x. 2 root root      4096 Nov  5  2016 sbin
drwxr-xr-x. 2 root root      4096 Nov  5  2016 src
[root@hadoop004 local]# tar -zxvf harbor-offline-installer-v1.5.1.tgz
[root@hadoop004 local]# ll
total 844700
drwxr-xr-x. 2 root root      4096 Nov 14 14:23 bin
drwxr-xr-x. 2 root root      4096 Nov  5  2016 etc
drwxr-xr-x  4 root root      4096 Nov 14 15:56 harbor
-rw-r--r--  1 root root 864933610 Nov 14 14:44 harbor-offline-installer-v1.5.1.tgz
drwxr-xr-x. 2 root root      4096 Nov  5  2016 include
drwxr-xr-x. 2 root root      4096 Nov  5  2016 lib
drwxr-xr-x. 2 root root      4096 Nov  5  2016 libexec
drwxr-xr-x. 2 root root      4096 Nov  5  2016 sbin
drwxr-xr-x. 2 root root      4096 Nov  5  2016 src
[root@hadoop004 local]# cd harbor
[root@hadoop004 harbor]# ll
total 856148
drwxr-xr-x 3 root root      4096 Nov 14 15:56 common
-rw-r--r-- 1 root root      1185 May 31 14:45 docker-compose.clair.yml
-rw-r--r-- 1 root root      1725 May 31 14:45 docker-compose.notary.yml
-rw-r--r-- 1 root root      3596 May 31 14:45 docker-compose.yml
drwxr-xr-x 3 root root      4096 May 31 14:45 ha
-rw-r--r-- 1 root root      6687 May 31 14:45 harbor.cfg
-rw-r--r-- 1 root root 876607879 May 31 14:46 harbor.v1.5.1.tar.gz
-rwxr-xr-x 1 root root      5773 May 31 14:45 install.sh
-rw-r--r-- 1 root root     10771 May 31 14:45 LICENSE
-rw-r--r-- 1 root root       482 May 31 14:45 NOTICE
-rwxr-xr-x 1 root root     27379 May 31 14:45 prepare
[root@hadoop004 harbor]# mkdir -p ./data/cert
[root@hadoop004 harbor]# cd data/cert
[root@hadoop004 cert]# openssl genrsa -out ca.key 4096
Generating RSA private key, 4096 bit long modulus
.....................++
............++
e is 65537 (0x10001)
[root@hadoop004 cert]# openssl req -x509 -new -nodes -sha512 -days 3650 \
>     -subj "/C=CN/ST=Beijing/L=Beijing/O=huluwa/OU=huluwa/CN=hadoop004" \
>     -key ca.key \
>     -out ca.crt
[root@hadoop004 cert]# ll
total 8
-rw-r--r-- 1 root root 2013 Nov 14 15:59 ca.crt
-rw-r--r-- 1 root root 3243 Nov 14 15:58 ca.key
[root@hadoop004 cert]# openssl genrsa -out hadoop004.key 4096
Generating RSA private key, 4096 bit long modulus
.....................................................++
.............................................................++
e is 65537 (0x10001)
[root@hadoop004 cert]# openssl req -sha512 -new \
>     -subj "/C=CN/ST=Beijing/L=Beijing/O=huluwa/OU=huluwa/CN=hadoop004" \
>     -key hadoop004.key \
>     -out hadoop004.csr 
[root@hadoop004 cert]# ll
total 16
-rw-r--r-- 1 root root 2013 Nov 14 15:59 ca.crt
-rw-r--r-- 1 root root 3243 Nov 14 15:58 ca.key
-rw-r--r-- 1 root root 1695 Nov 14 16:00 hadoop004.csr
-rw-r--r-- 1 root root 3243 Nov 14 16:00 hadoop004.key
[root@hadoop004 cert]# cat > v3.ext <<-EOF
> authorityKeyIdentifier=keyid,issuer
> basicConstraints=CA:FALSE
> keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
> extendedKeyUsage = serverAuth 
> subjectAltName = @alt_names
> 
> [alt_names]
> DNS.1=hadoop004
> DNS.2=hadoop004
> DNS.3=hadoop004
> EOF
[root@hadoop004 cert]# openssl x509 -req -sha512 -days 3650 \
>     -extfile v3.ext \
>     -CA ca.crt -CAkey ca.key -CAcreateserial \
>     -in hadoop004.csr \
>     -out hadoop004.crt
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=huluwa/OU=huluwa/CN=hadoop004
Getting CA Private Key
[root@hadoop004 cert]# ll
total 28
-rw-r--r-- 1 root root 2013 Nov 14 15:59 ca.crt
-rw-r--r-- 1 root root 3243 Nov 14 15:58 ca.key
-rw-r--r-- 1 root root   17 Nov 14 16:01 ca.srl
-rw-r--r-- 1 root root 2074 Nov 14 16:01 hadoop004.crt
-rw-r--r-- 1 root root 1695 Nov 14 16:00 hadoop004.csr
-rw-r--r-- 1 root root 3243 Nov 14 16:00 hadoop004.key
-rw-r--r-- 1 root root  261 Nov 14 16:01 v3.ext
[root@hadoop004 cert]# cd ../..
[root@hadoop004 harbor]# vi harbor.cfg
hostname = hadoop004
ui_url_protocol = https
ssl_cert = /usr/local/harbor/data/cert/hadoop004.crt
ssl_cert_key = /usr/local/harbor/data/cert/hadoop004.key
[root@hadoop004 ~]# /bin/systemctl start docker.service  //记得启动docker服务,如果已启动,忽略此步骤
[root@hadoop004 harbor]# ./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 18.06.1

Note: docker-compose version: 1.23.1

[Step 1]: loading Harbor images ...
52ef9064d2e4: Loading layer  135.9MB/135.9MB
4a6862dbadda: Loading layer  23.25MB/23.25MB
58b7d0c522b2: Loading layer   24.4MB/24.4MB
9cd4bb748634: Loading layer  7.168kB/7.168kB
c81302a14908: Loading layer  10.56MB/10.56MB
7848e9ba72a3: Loading layer  24.39MB/24.39MB
Loaded image: vmware/harbor-ui:v1.5.1
f1691b5a5198: Loading layer  73.15MB/73.15MB
a529013c99e4: Loading layer  3.584kB/3.584kB
d9b4853cff8b: Loading layer  3.072kB/3.072kB
3d305073979e: Loading layer  4.096kB/4.096kB
c9e17074f54a: Loading layer  3.584kB/3.584kB
956055840e30: Loading layer  9.728kB/9.728kB
Loaded image: vmware/harbor-log:v1.5.1
185db06a02d0: Loading layer  23.25MB/23.25MB
835213979c70: Loading layer   20.9MB/20.9MB
f74eeb41c1c9: Loading layer   20.9MB/20.9MB
Loaded image: vmware/harbor-jobservice:v1.5.1
9bd5c7468774: Loading layer  23.25MB/23.25MB
5fa6889b9a6d: Loading layer   2.56kB/2.56kB
bd3ac235b209: Loading layer   2.56kB/2.56kB
cb5d493833cc: Loading layer  2.048kB/2.048kB
557669a074de: Loading layer   22.8MB/22.8MB
f02b4f30a9ac: Loading layer   22.8MB/22.8MB
Loaded image: vmware/registry-photon:v2.6.2-v1.5.1
5d3b562db23e: Loading layer  23.25MB/23.25MB
8edca1b0e3b0: Loading layer  12.16MB/12.16MB
ce5f11ea46c0: Loading layer   17.3MB/17.3MB
93750d7ec363: Loading layer  15.87kB/15.87kB
36f81937e80d: Loading layer  3.072kB/3.072kB
37e5df92b624: Loading layer  29.46MB/29.46MB
Loaded image: vmware/notary-server-photon:v0.5.1-v1.5.1
0a2f8f90bd3a: Loading layer  401.3MB/401.3MB
41fca4deb6bf: Loading layer  9.216kB/9.216kB
f2e28262e760: Loading layer  9.216kB/9.216kB
68677196e356: Loading layer   7.68kB/7.68kB
2b006714574e: Loading layer  1.536kB/1.536kB
Loaded image: vmware/mariadb-photon:v1.5.1
a8c4992c632e: Loading layer  156.3MB/156.3MB
0f37bf842677: Loading layer  10.75MB/10.75MB
9f34c0cd38bf: Loading layer  2.048kB/2.048kB
91ca17ca7e16: Loading layer  48.13kB/48.13kB
5a7e0da65127: Loading layer   10.8MB/10.8MB
Loaded image: vmware/clair-photon:v2.0.1-v1.5.1
0e782fe069e7: Loading layer  23.25MB/23.25MB
67fc1e2f7009: Loading layer  15.36MB/15.36MB
8db2141aa82c: Loading layer  15.36MB/15.36MB
Loaded image: vmware/harbor-adminserver:v1.5.1
3f87a34f553c: Loading layer  4.772MB/4.772MB
Loaded image: vmware/nginx-photon:v1.5.1
Loaded image: vmware/photon:1.0
ad58f3ddcb1b: Loading layer  10.95MB/10.95MB
9b50f12509bf: Loading layer   17.3MB/17.3MB
2c21090fd212: Loading layer  15.87kB/15.87kB
38bec864f23e: Loading layer  3.072kB/3.072kB
6e81ea7b0fa6: Loading layer  28.24MB/28.24MB
Loaded image: vmware/notary-signer-photon:v0.5.1-v1.5.1
897a26fa09cb: Loading layer  95.02MB/95.02MB
16e3a10a21ba: Loading layer  6.656kB/6.656kB
85ecac164331: Loading layer  2.048kB/2.048kB
37a2fb188706: Loading layer   7.68kB/7.68kB
Loaded image: vmware/postgresql-photon:v1.5.1
bed9f52be1d1: Loading layer  11.78kB/11.78kB
d731f2986f6e: Loading layer   2.56kB/2.56kB
c3fde9a69f96: Loading layer  3.072kB/3.072kB
Loaded image: vmware/harbor-db:v1.5.1
7844feb13ef3: Loading layer  78.68MB/78.68MB
de0fd8aae388: Loading layer  3.072kB/3.072kB
3f79efb720fd: Loading layer   59.9kB/59.9kB
1c02f801c2e8: Loading layer  61.95kB/61.95kB
Loaded image: vmware/redis-photon:v1.5.1
454c81edbd3b: Loading layer  135.2MB/135.2MB
e99db1275091: Loading layer  395.4MB/395.4MB
051e4ee23882: Loading layer  9.216kB/9.216kB
6cca4437b6f6: Loading layer  9.216kB/9.216kB
1d48fc08c8bc: Loading layer   7.68kB/7.68kB
0419724fd942: Loading layer  1.536kB/1.536kB
543c0c1ee18d: Loading layer  655.2MB/655.2MB
4190aa7e89b8: Loading layer  103.9kB/103.9kB
Loaded image: vmware/harbor-migrator:v1.5.0


[Step 2]: preparing environment ...
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.


[Step 3]: checking existing instance of Harbor ...


[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-adminserver ... done
Creating registry           ... done
Creating redis              ... done
Creating harbor-db          ... done
Creating harbor-ui          ... done
Creating harbor-jobservice  ... done
Creating nginx              ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at https://hadoop004. 
For more details, please visit https://github.com/vmware/harbor .

    harbor至此部署完成

    相关文章

      网友评论

          本文标题:(四)Harbor部署

          本文链接:https://www.haomeiwen.com/subject/xutjfqtx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|(四)Harbor部署|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!