上一篇博文講到了Registry私有倉庫,今天配置一下Harbor倉庫,Harbor呢可以作為公開倉庫���,也可以作為私有倉庫�,今天就來配置一下Harbor如何實現(xiàn)公開倉庫和私有倉庫����。
關(guān)于Registry公開倉庫請訪問博文:部署Docker私有倉庫Registry
Registry和Harbor的區(qū)別
- Registry:是一個私有鏡像倉庫,圖形化支持較差����,小型企業(yè)使用;
- Harbor:支持可視化管理�,支持私有倉庫和公有倉庫�����,支持鏡像的管理控制��;
Docker Harbor的優(yōu)點
- VMWare公司的開源鏡像管理解決方案����;
- 支持圖形化管理�;
- 方便訪問和配置�����;
- 方便鏡像訪問控制;
- 支持鏡像負責策略;
- 審計統(tǒng)計用戶訪問鏡像使用情況����;
Docker Harbor依賴的程序
- Python;
- 安裝Docker�����;
- Docker Compose��;
一���、搭建Harbor倉庫
案例描述:
兩臺CentOS7.4��,一臺服務器端�,一臺客戶端(測試使用);
兩臺服務器都要安裝Docker服務��,我這里Docker版本是19.03.9版本����;
關(guān)于Docker容器的安裝請訪問:安裝Docker.v19。03.9版本
1�����、配置Docker Compose
訪問道云官網(wǎng)�����,找到安裝Docker Compose��,復制命令到Docker服務器端:道云
[root@centos01 ~]# curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.5/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
<!--下載Docker Compose-->
[root@centos01 ~]# chmod +x /usr/local/bin/docker-compose <!--Docker Compose添加執(zhí)行權(quán)限-->
[root@centos01 ~]# docker-compose -v <!--查看Docker Compose版本-->
docker-compose version 1.25.5, build 8a1c60f6
2�����、配置Docker Harbor公開倉庫
1)打開Github官網(wǎng)
打開Github官網(wǎng)搜索harbor���,再點擊goharbor/harbor,再點擊“releases”���,根據(jù)自己所需�,下載相應的版本,上傳至服務器(網(wǎng)址如下:https://github.com/goharbor/harbor/releases 也可下載在線安裝的包����,我沒試過,可自行嘗試)����,如下:
2)配置Harbor倉庫
harbor-online-installer-v1.9.1.tgz <!--上傳Harbor壓縮包-->
[root@centos01 ~]# tar zxvf harbor-online-installer-v1.9.1.tgz -C /usr/local/
<!--解壓縮harbor到/usr/local/目錄-->
[root@centos01 ~]# cd /usr/local/harbor/ <!--進入Harbor目錄-->
[root@centos01 harbor]# cp harbor.yml harbor.yml.bak <!--備份Harbor主配置文件-->
[root@centos01 harbor]# vim harbor.yml <!--修改Harbor主配置文件-->
5 hostname: 192.168.100.10 <!--修改為Docker服務器端IP地址即可-->
<!--hostname可以寫域名,不過域名還需要更改hosts文件或者安裝DNS�,我這里就用IP地址-->
8 http: <!--采用http協(xié)議-->
10 port: 80 <!--80端口號-->
27 harbor_admin_password: Harbor12345 <!--默認密碼,可以自定義-->
[root@centos01 harbor]# ./install.sh <!--安裝Harbor-->
[Step 0]: checking installation environment ...
Note: docker version: 19.03.9
Note: docker-compose version: 1.25.5
……………… <!--此處省略部分內(nèi)容-->
Creating harbor-log ... done
Creating registryctl ... done
Creating redis ... done
Creating harbor-portal ... done
Creating registry ... done
Creating harbor-db ... done
Creating harbor-core ... done
Creating nginx ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://www.benet.com .
For more details, please visit https://github.com/goharbor/harbor .
<!--安裝完成出現(xiàn)以上代碼表示成功-->
[root@centos01 ~]# vim /usr/lib/systemd/system/docker.service <!--編輯此配置文件-->
14 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80
<!--定位到此行�,后面添加“--insecure-registr”以便指定Harbor的IP及其監(jiān)聽端口-->
[root@centos01 harbor]# systemctl daemon-reload <!--守護進程方式運行docker-->
[root@centos01 harbor]# systemctl restart docker <!--重新啟動Docker服務-->
[root@centos01 harbor]# docker-compose stop <!--停止所有容器-->
[root@centos01 harbor]# docker-compose start <!--啟動所有容器-->
[root@centos01 harbor]# netstat -anptu |grep 80 <!--監(jiān)聽80端口-->
tcp6 0 0 :::80 :::* LISTEN 23473/docker-proxy
3)安裝完成瀏覽器訪問Harbor倉庫
4)創(chuàng)建一個公開倉庫
5)確保image公開倉庫已經(jīng)創(chuàng)建成功
6)Docker服務器端登錄Harbor倉庫
[root@centos01 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80 <!--登錄Harbor倉庫-->
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded <!--出現(xiàn)此提示表示登錄成功-->
[root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/image/nginx:nginx
<!--修改鏡像標簽-->
[root@centos01 ~]# docker push 192.168.100.10:80/image/nginx:nginx
<!--上傳鏡像到Harbor倉庫-->
[root@centos01 ~]# docker logout 192.168.100.10:80 <!--Docker服務器退出Harbor-->
Removing login credentials for 192.168.100.10:80
7)Harbor查看鏡像是否上傳成功
3、配置Docker客戶端
<!--Docker客戶端安裝Docker服務-->
1)修改配置文件加載Docker Harbor服務器
[root@centos02 ~]# vim /usr/lib/systemd/system/docker.service <!--編輯此配置文件-->
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80
<!--定位到此行�����,后面添加“--insecure-registr”以便指定Harbor的IP及其監(jiān)聽端口-->
[root@centos02 ~]# systemctl daemon-reload <!--守護進程運行docker-->
[root@centos02 ~]# systemctl restart docker <!--重新啟動docker服務-->
[root@centos02 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80
<!--docker客戶端登錄Harbor-->
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded <!--登錄成功-->
[root@centos02 ~]# docker pull 192.168.100.10:80/image/nginx:nginx
<!--docker客戶端下載Harbor公開倉庫中的鏡像-->
[root@centos02 ~]# docker images <!--查看Docker客戶端鏡像-->
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.100.10:80/image/nginx nginx 1b6b1fe7261e 7 days ago 647MB
4����、創(chuàng)建Harbor私有倉庫
1)創(chuàng)建私有倉庫
2)創(chuàng)建一個用戶
3)將剛創(chuàng)建的private用戶添加到private私有倉庫中
4)上傳鏡像到Harbor私有倉庫
[root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/private/tomcat:tomcat
<!--Docker服務器修改鏡像標簽-->
[root@centos01 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80
<!--登錄Harbor私有倉庫-->
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded <!--登錄成功-->
[root@centos01 ~]# docker push 192.168.100.10:80/private/tomcat:tomcat
<!--上傳鏡像到private私有倉庫-->
5)Harbor查看鏡像是否上傳成功
6)Docker客戶端下載私有倉庫中的鏡像
[root@centos02 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80
<!--Docker客戶端登錄Harbor私有倉庫-->
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded <!--登錄成功-->
[root@centos02 ~]# docker pull 192.168.100.10:80/private/tomcat:tomcat
<!--Docker客戶端下載Harbor私有倉庫中的鏡像-->
[root@centos02 ~]# docker images <!--Docker客戶端查看鏡像是否下載成功-->
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.100.10:80/image/nginx nginx 1b6b1fe7261e 7 days ago 647MB
192.168.100.10:80/private/tomcat tomcat 1b6b1fe7261e 7 days ago 647MB
7)Harbor支持日志統(tǒng)計功能
到此這篇關(guān)于Docker搭建Harbor公開倉庫的方法示例的文章就介紹到這了,更多相關(guān)Docker搭建Harbor公開倉庫內(nèi)容請搜索腳本之家以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持腳本之家!
