zoukankan      html  css  js  c++  java
  • harbor私有仓库部署

    0.下载
    https://docs.rancher.cn/rancher2x/install-prepare/download/compose.html#v1-25-4
    下载docker-compose harbor-online
    cp v1.25.4-docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
    chmod +x docker-compose
    docker-compose --version
    tar -xzvf harbor*
    mkdir /data/harbor/cert
    mkdir /data/harbor/data
    1.创建 harbor nginx 服务器使用的 x509 证书
    wget https://pkg.cfssl.org/R1.2/cfssl_linux-amd64
    wget https://pkg.cfssl.org/R1.2/cfssljson_linux-amd64
    wget https://pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64
    chmod +x cfssl_linux-amd64 cfssljson_linux-amd64 cfssl-certinfo_linux-amd64
    mv cfssl_linux-amd64 /usr/local/bin/cfssl
    mv cfssljson_linux-amd64 /usr/local/bin/cfssljson
    mv cfssl-certinfo_linux-amd64 /usr/bin/cfssl-certinfo
    cd /data/harbor/cert/
    
    cat > harbor-ca-config.json <<EOF
    {
      "signing": {
        "default": {
          "expiry": "87600h"
        },
        "profiles": {
          "harbor": {
            "usages": [
                "signing",
                "key encipherment",
                "server auth",
                "client auth"
            ],
            "expiry": "87600h"
          }
        }
      }
    }
    EOF
    
    cat > harbor-ca-csr.json <<EOF
    {
      "CN": "harbor-ca",
      "key": {
        "algo": "rsa",
        "size": 2048
      },
      "names": [
        {
          "C": "CN",
          "ST": "NanJing",
          "L": "NanJing",
          "O": "k8s",
          "OU": "system"
        }
      ],
      "ca": {
        "expiry": "87600h"
     }
    }
    EOF
    
    cfssl gencert -initca harbor-ca-csr.json | cfssljson -bare harbor-ca
    ls harbor-ca*pem
    
    cat > harbor-server-csr.json <<EOF
    {
      "CN": "harbor",
      "hosts": [
        "127.0.0.1",
        "172.28.11.200"
      ],
      "key": {
        "algo": "rsa",
        "size": 2048
      },
      "names": [
        {
          "C": "CN",
          "ST": "NanJing",
          "L": "NanJing",
          "O": "k8s",
          "OU": "system"
        }
      ]
    }
    EOF
    
    cfssl gencert -ca=/data/harbor/cert/harbor-ca.pem 
     -ca-key=/data/harbor/cert/harbor-ca-key.pem 
     -config=/data/harbor/cert/harbor-ca-config.json 
     -profile=harbor harbor-server-csr.json | cfssljson -bare harbor-server
    ls harbor-server*pem
    
    2.vim harbor.yml
    hostname: 172.28.11.200
    #http
    #80
    certificate: /data/harbor/cert/harbor-server.pem
    private_key: /data/harbor/cert/harbor-server-key.pem
    data_volume: /data/harbor/data
    ./prepare
    cd /data/harbor
    chmod -R 777 common
    chmod 777 /var/run/docker.sock /data/harbor/data
    ./install.sh
    docker-compose ps
    
    3.docker命令拉取和上传镜像
    docker login -u admin -p Harbor12345 172.28.11.200
    mkdir -p /etc/docker/certs.d/172.28.11.200
    cp harbor-ca.pem /etc/docker/certs.d/172.28.11.200/ca.crt
    logout
    
    docker tag busybox:latest 172.28.11.200/k8s/busybox:latest
    dokcer push 172.28.11.200/k8s/busybox:latest
    
  • 相关阅读:
    spring requestbody json
    idea 配置自动编译 livereload
    idea hibernate console 执行hql报错
    查找最小的破坏连续性的数字
    xcopy忽略文件 7zip打包
    window 批处理脚本获取上级目录
    substring c# js java
    R语言中使用多重聚合预测算法(MAPA)进行时间序列分析
    R语言使用最优聚类簇数k-medoids聚类进行客户细分
    R语言中的岭回归、套索回归、主成分回归:线性模型选择和正则化
  • 原文地址:https://www.cnblogs.com/kylingx/p/12452884.html
Copyright © 2011-2022 走看看