这篇文章主要介绍怎么使用Docker compose安装harbor私有仓库,文中介绍的非常详细,具有一定的参考价值,感兴趣的小伙伴们一定要看完!概述 harbor是什么呢?英文单词的意思是:港湾。港湾用来存放集装箱(货物的),而dock
这篇文章主要介绍怎么使用Docker compose安装harbor私有仓库,文中介绍的非常详细,具有一定的参考价值,感兴趣的小伙伴们一定要看完!
harbor是什么呢?英文单词的意思是:港湾。港湾用来存放集装箱(货物的),而docker的由来正是借鉴了集装箱的原理,所以harbor是用于存放docker的镜像,作为镜像仓库使用。官方的说法是:Harbor是一个用于存储和分发Docker镜像的企业级ReGIStry服务器。
harbor镜像仓库是由VMware开源的一款企业级镜像仓库,它包括权限管理(RBAC)、LDAP、日志审核、管理界面、自我注册、镜像复制等诸多功能。
基于角色的访问控制:用户和存储库是通过“项目”组织的,用户可以对多个镜像仓库统一命名空间拥有不同的权限。
2、镜像复制:可以基于具有多个Registry实例之间复制(同步)图像和图表。如果出现任何错误,Harbor会自动重试复制。非常适合于负载平衡、高可用性、多数据中心、混合和多云场景。
3、LDAP/AD支持:Harbor与现有企业LDAP/AD集成,用于用户身份验证和管理,并支持将LDAP组导入Harbor并为其分配适当的项目角色。
镜像删除和垃圾收集:镜像可以删除,其空间可以回收。
4、国际化:对多国语言支持(已拥有中文、英文、德文、日语和俄文);
5、图形化用户界面:用户可以轻松浏览、搜索存储库和管理项目。
6、审计管理:跟踪到存储库的所有操作。
7、RESTful api:用于大多数管理操作的RESTful API,易于与外部系统集成。一个嵌入式的swagger用户界面可用于探索和测试API。
简单部署:提供在线和离线安装程序。此外,可以安装到vSphere平台的(OVA方式)虚拟设备。
proxy:Harbor的组件,如注册表、UI和令牌服务,都位于反向代理之后。代理将来自浏览器和Docker客户机的请求转发到各种后端服务。
2、Registry:负责存储Docker镜像和处理Docker推/拉命令。由于Harbor需要对映像进行访问权限控制,Registry将引导客户机访问令牌服务,以便为每个pull或push请求获取有效的令牌(token)。
3、Core Service:Harbor的核心功能,主要提供以下服务:
1)UI:提供图像化的图形用户界面,帮助人户管理镜像和对用户授权。
2)WEBhook: 为了及时获取registry上images的状态变化的情况,在Registry上配置webhook,把状态变化传递UI模块;
3)Token令牌服务:负责根据用户在项目中的角色为每个docker push/pull命令颁发令牌。如果从Docker客户机发送的请求中没有令牌,注册表将把请求重定向到令牌服务。
4、Datebase:为了给core services提供数据库舒服,负责储存用户权限、审计日志、Docker image分组信息等数据。
5、Job Services:提供镜像远程负责功能,能把本地镜像同步到其他harbor实例当中。
6、Log Collector:为了帮助监控Harbor运行,负责手机其他组件的log,供日后分析。
Centos-7.6 192.168.8.130Docker version 1.19.3Docker-compose version 1.24.2harbor-offline-installer-v1.8.6.tgz方式1:[root@centos130 ~]# curl -L https://GitHub.com/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose[root@centos130 ~]# chmod +x /usr/local/bin/docker-compose方式2:[root@centos130 ~]# wget Https://bootstrap.pypa.io/get-pip.py[root@centos130 ~]# python get-pip.py[root@centos130 ~]# pip install docker-compose#二进制:[root@centos130 ~]rm /usr/local/bin/docker-compose#pip:[root@centos130 ~]pip uninstall docker-compose[root@centos130 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2添加一个稳定的源[root@centos130 ~]# yum-config-manager --add-repo \ http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo[root@centos130 ~]# yum makecache fast安装最新稳定版本的docker-ce[root@centos130 ~]# yum install -y docker-ce docker-ce-cli containerd.io vim[root@centos130 ~]# mkdir /etc/docker && vim /etc/docker/daemon.JSON{ "registry-mirrors": ["https://yxrgrke0.mirror.aliyuncs.com"], "insecure-registries": ["192.168.8.130:5000"], "insecure-registries": ["centos130:80"], "log-driver": "json-file", "log-opts": { "max-size": "100m", "max-file": "3" }}启动docker[root@centos130 ~]# systemctl daemon-reload[root@centos130 ~]# systemctl enable docker && systemctl start docker[root@centos130 ~]# systemctl status dockerharbor下载地址:harbor github 地址 https://github.com/Goharbor/harborhttp://harbor.orientsoft.cn/[root@centos130 ~]# wget https://storage.googleapis.com/harbor-releases/release-1.8.6/harbor-offline-installer-v1.8.6.tgz[root@centos130 ~]# tar -xf harbor-offline-installer-v1.8.6.tgz -C /usr/local/[root@centos130 ~]# cd /usr/local/harbor/[root@centos130 ~]# vim harbor.ymlhostname = centos130#这里只是简单的测试,所以只编辑这一行,其他的默认不做修改#禁止用户注册self_registration = off#设置只有管理员可以创建项目project_creation_restriction = adminonly[root@centos130 ~]# ./instsll.sh 说明:安装报错 找不到docker-proxy 、 docker-runc执行[root@centos130 ~]# ln -s /usr/libexec/docker/docker-runc-current /usr/bin/docker-runc[root@centos130 ~]# ln -s /usr/libexec/docker/docker-proxy-current /usr/bin/docker-proxy查看启动的镜像文件[root@centos130 ~]# docker-compose psHarbor容器的stop与start:[root@centos130 ~]# cd /usr/local/harbor/[root@centos130 ~]# docker-compose stop[root@centos130 ~]# docker-compose start到此便安装完成了,直接打开浏览器登陆,并创建my项目:
默认用户密码是:admin/Harbor12345
shell命令行终端登录harbor仓库
[root@centos130 ~]# harbor上传镜像[root@centos130 ~]# docker login centos130:80[root@centos130 ~]# docker login -u admin -p Harbor12345 centos130:80 #账号密码: admin/Harbor12345Username: adminPassWord: Login Succeeded测试镜像上传
[root@centos130 ~]# docker pull Nginx[root@centos130 ~]# docker tag nginx:latest centos130:80/my/nginx:latest[root@centos130 ~]# docker images[root@centos130 ~]# docker push centos130:80/my/nginx:latestThe push refers to repository [centos130:80/my/nginx]55a77731ed26: Pushed 71f2244bc14d: Pushed f2cb0ecef392: Pushed latest: digest: sha256:3936fb3946790d711a68c58be93628e43cbca72439079e16d154b5db216b58da size: 948说明: 格式为: userip/项目名/image名字:版本号 (项目名需要在webui 提前建好)[root@centos130 ~]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEcentos130:80/my/nginx:latest latest 5a3221f0137b 5 days ago 126MBnginx latest 5a3221f0137b 5 days ago 126MB删除本地nginx镜像,测试下载[root@centos130 ~]# docker pull centos130:80/my/nginx:latest修改docker-compose.yml文件映射为1180端口:
修改配置文件[root@centos130 ~]# cat /usr/local/harbor/docker-compose.ymlversion: '2.3'services: log: image: goharbor/harbor-log:v1.8.6 container_name: harbor-log restart: always dns_search: . cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /var/log/harbor/:/var/log/docker/:z - ./common/config/log/:/etc/logrotate.d/:z ports: - 127.0.0.1:1514:10514 networks: - harbor registry: image: goharbor/registry-photon:v2.7.1-patch-2819-v1.8.6 container_name: registry restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z - ./common/config/registry/:/etc/registry/:z - type: bind source: /data/secret/registry/root.crt target: /etc/registry/root.crt networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "registry" registryctl: image: goharbor/harbor-registryctl:v1.8.6 container_name: registryctl env_file: - ./common/config/registryctl/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z - ./common/config/registry/:/etc/registry/:z - type: bind source: ./common/config/registryctl/config.yml target: /etc/registryctl/config.yml networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "registryctl" postgresql: image: goharbor/harbor-db:v1.8.6 container_name: harbor-db restart: always cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /data/database:/var/lib/postgresql/data:z networks: harbor: dns_search: . env_file: - ./common/config/db/env depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "postgresql" core: image: goharbor/harbor-core:v1.8.6 container_name: harbor-core env_file: - ./common/config/core/env restart: always cap_drop: - ALL cap_add: - SETGID - SETUID volumes: - /data/ca_download/:/etc/core/ca/:z - /data/psc/:/etc/core/token/:z - /data/:/data/:z - ./common/config/core/certificates/:/etc/core/certificates/:z - type: bind source: ./common/config/core/app.conf target: /etc/core/app.conf - type: bind source: /data/secret/core/private_key.pem target: /etc/core/private_key.pem - type: bind source: /data/secret/keys/secreTKEy target: /etc/core/key networks: harbor: dns_search: . depends_on: - log - registry logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "core" portal: image: goharbor/harbor-portal:v1.8.6 container_name: harbor-portal restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE networks: - harbor dns_search: . depends_on: - log - core logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "portal" jobservice: image: goharbor/harbor-jobservice:v1.8.6 container_name: harbor-jobservice env_file: - ./common/config/jobservice/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/job_logs:/var/log/jobs:z - type: bind source: ./common/config/jobservice/config.yml target: /etc/jobservice/config.yml networks: - harbor dns_search: . depends_on: - redis - core logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "jobservice" Redis: image: goharbor/redis-photon:v1.8.6 container_name: redis restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/redis:/var/lib/redis networks: harbor: dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "redis" proxy: image: goharbor/nginx-photon:v1.8.6 container_name: nginx restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE volumes: - ./common/config/nginx:/etc/nginx:z networks: - harbor dns_search: . ports: - 1180:80 - 443:443 - 4443:4443 depends_on: - postgresql - registry - core - portal - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "proxy"networks: harbor: external: false修改/etc/docker/daemon.json文件将80修改为1180端口:
修改daemon配置[root@centos130 ~]# cat /etc/docker/daemon.json { "registry-mirrors": ["https://yxrgrke0.mirror.aliyuncs.com"], "insecure-registries": ["192.168.8.130:5000"], "insecure-registries": ["centos130:1180"], "log-driver": "json-file", "log-opts": { "max-size": "100m", "max-file": "3" }}修改/usr/locat/harbor/harbor.yml文件的hostname
修改hostname配置cat /usr/locat/harbor/harbor.ymlhostname: centos130:1180停止harbor,重新启动并生成配置文件
重新初始化[root@centos130 ~]# cd /usr/locat/harbor/[root@centos130 ~]# docker-compose stop[root@centos130 ~]# ./install.sh重新启动docker
[root@centos130 ~]# systemctl daemon-reload[root@centos130 ~]# systemctl restart docker.service验证[root@centos130 ~]# docker login centos130:1180Username: adminPassword: Harbor12345以上是“怎么使用docker compose安装harbor私有仓库”这篇文章的所有内容,感谢各位的阅读!希望分享的内容对大家有帮助,更多相关知识,欢迎关注编程网精选频道!
--结束END--
本文标题: 怎么使用docker compose安装harbor私有仓库
本文链接: https://www.lsjlt.com/news/296659.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
下载Word文档到电脑,方便收藏和打印~
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
2024-05-05
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
官方手机版
微信公众号
商务合作
0