[root@docker03 ~]# mv harbor-offline-installer-v1.7.5.tgz /usr/local/src/
解压
[root@docker03 src]# tar xfz harbor-offline-installer-v1.7.5.tgz [root@docker03 src]# ll total 566468 drwxr-xr-x 3 root root 270 Jul 12 12:47 harbor
查看解压后的harbor目录结构
[root@docker03 src]# cd harbor/
[root@docker03 harbor]# ll total 572840 drwxr-xr-x 3 root root 23 Jul 12 12:01 common -rw-r--r-- 1 root root 939 Apr 1 2019 docker-compose.chartmuseum.yml -rw-r--r-- 1 root root 975 Apr 1 2019 docker-compose.clair.yml -rw-r--r-- 1 root root 1434 Apr 1 2019 docker-compose.notary.yml -rw-r--r-- 1 root root 5608 Apr 1 2019 docker-compose.yml -rw-r--r-- 1 root root 8033 Apr 1 2019 harbor.cfg -rw-r--r-- 1 root root 585234819 Apr 1 2019 harbor.v1.7.5.tar.gz -rwxr-xr-x 1 root root 5739 Apr 1 2019 install.sh -rw-r--r-- 1 root root 11347 Apr 1 2019 LICENSE -rw-r--r-- 1 root root 1263409 Apr 1 2019 open_source_license -rwxr-xr-x 1 root root 36337 Apr 1 2019 prepare
编辑harbor配置文件
[root@docker03 harbor]# egrep -v "^$|#" harbor.cfg _version = 1.7.0 hostname = 10.0.0.103 ui_url_protocol = http max_job_workers = 10 customize_crt = on secretkey_path = /data admiral_url = NA log_rotate_count = 50 log_rotate_size = 200M http_proxy = https_proxy = no_proxy = 127.0.0.1,localhost,core,registry email_identity = email_server = smtp.mydomain.com email_server_port = 25 email_username = sample_admin@mydomain.com email_password = abc email_from = admin <sample_admin@mydomain.com> email_ssl = false email_insecure = false harbor_admin_password = Harbor12345 auth_mode = db_auth ldap_url = ldaps://ldap.mydomain.com ldap_basedn = ou=people,dc=mydomain,dc=com ldap_uid = uid ldap_scope = 2 ldap_timeout = 5 ldap_verify_cert = true ldap_group_basedn = ou=group,dc=mydomain,dc=com ldap_group_filter = objectclass=group ldap_group_gid = cn ldap_group_scope = 2 self_registration = on token_expiration = 30 project_creation_restriction = everyone db_host = postgresql db_password = root123 db_port = 5432 db_user = postgres redis_host = redis redis_port = 6379 redis_password = redis_db_index = 1,2,3 clair_db_host = postgresql clair_db_password = root123 clair_db_port = 5432 clair_db_username = postgres clair_db = postgres clair_updaters_interval = 12 uaa_endpoint = uaa.mydomain.org uaa_clientid = id uaa_clientsecret = secret uaa_verify_cert = true uaa_ca_cert = /path/to/ca.pem registry_storage_provider_name = filesystem registry_storage_provider_config = registry_custom_ca_bundle =
安装docker-compose
[root@docker03 harbor]# yum install -y docker-compose
安装harbor
[root@docker03 harbor]# ./install.sh [Step 0]: checking installation environment ... Note: docker version: 18.09.9 Note: docker-compose version: 1.18.0 [Step 1]: loading Harbor images ... f60840e24dbf: Loading layer [==================================================>] 33.23MB/33.23MB ea7b46fcd541: Loading layer [==================================================>] 8.959MB/8.959MB 79b1bab71f92: Loading layer [==================================================>] 15.6MB/15.6MB e44aff944dd8: Loading layer [==================================================>] 18.94kB/18.94kB 7f6318c65689: Loading layer [==================================================>] 15.6MB/15.6MB Loaded image: goharbor/harbor-adminserver:v1.7.5 a9e2f8050aff: Loading layer [==================================================>] 3.515MB/3.515MB 33c3ed1298dd: Loading layer [==================================================>] 4.725MB/4.725MB d9326e3fe30d: Loading layer [==================================================>] 3.584kB/3.584kB Loaded image: goharbor/harbor-portal:v1.7.5 bba4328a1afb: Loading layer [==================================================>] 63.33MB/63.33MB 88104b063567: Loading layer [==================================================>] 45.14MB/45.14MB 60a742ac57d5: Loading layer [==================================================>] 6.656kB/6.656kB a5e7e5b02919: Loading layer [==================================================>] 2.048kB/2.048kB 47382653700b: Loading layer [==================================================>] 7.68kB/7.68kB 278d536f49a9: Loading layer [==================================================>] 2.56kB/2.56kB 451b3ca8ec09: Loading layer [==================================================>] 2.56kB/2.56kB 8829a7f0eb3e: Loading layer [==================================================>] 2.56kB/2.56kB Loaded image: goharbor/harbor-db:v1.7.5 15c334a58c66: Loading layer [==================================================>] 8.959MB/8.959MB f4577ff967f1: Loading layer [==================================================>] 3.072kB/3.072kB 0a274c30569d: Loading layer [==================================================>] 2.56kB/2.56kB 6478376fb5c7: Loading layer [==================================================>] 2.56kB/2.56kB a00d1b417512: Loading layer [==================================================>] 2.048kB/2.048kB 66058b4b675b: Loading layer [==================================================>] 22.8MB/22.8MB 04c23a054a22: Loading layer [==================================================>] 22.8MB/22.8MB Loaded image: goharbor/registry-photon:v2.6.2-v1.7.5 ff8c6a8291ea: Loading layer [==================================================>] 657.9MB/657.9MB b5df13342087: Loading layer [==================================================>] 7.68kB/7.68kB f2df39c3d9a8: Loading layer [==================================================>] 212kB/212kB Loaded image: goharbor/harbor-migrator:v1.7.5 13440ce75e7f: Loading layer [==================================================>] 8.959MB/8.959MB 59af227e2ec0: Loading layer [==================================================>] 27.25MB/27.25MB 67c2dde4d9fa: Loading layer [==================================================>] 5.632kB/5.632kB d46b0aa196b6: Loading layer [==================================================>] 27.25MB/27.25MB Loaded image: goharbor/harbor-core:v1.7.5 1c90cc04d636: Loading layer [==================================================>] 50.49MB/50.49MB 4ab52f94a5c1: Loading layer [==================================================>] 3.584kB/3.584kB 857a7831437e: Loading layer [==================================================>] 3.072kB/3.072kB a42683cf65f0: Loading layer [==================================================>] 2.56kB/2.56kB 099bf8be91db: Loading layer [==================================================>] 3.072kB/3.072kB 583bef7f2e8c: Loading layer [==================================================>] 3.584kB/3.584kB 36b35ebc1af0: Loading layer [==================================================>] 12.29kB/12.29kB Loaded image: goharbor/harbor-log:v1.7.5 6dcab6ef5eae: Loading layer [==================================================>] 69.42MB/69.42MB cad37c7902e8: Loading layer [==================================================>] 3.072kB/3.072kB 62a0e214a142: Loading layer [==================================================>] 59.9kB/59.9kB b43f9b054f76: Loading layer [==================================================>] 61.95kB/61.95kB Loaded image: goharbor/redis-photon:v1.7.5 e95514e23db7: Loading layer [==================================================>] 3.515MB/3.515MB Loaded image: goharbor/nginx-photon:v1.7.5 a3d38b1212fc: Loading layer [==================================================>] 8.959MB/8.959MB e548b043b8af: Loading layer [==================================================>] 22.8MB/22.8MB ae82274010c4: Loading layer [==================================================>] 3.072kB/3.072kB 37c8f4520efa: Loading layer [==================================================>] 7.465MB/7.465MB 995f2989db3b: Loading layer [==================================================>] 30.26MB/30.26MB Loaded image: goharbor/harbor-registryctl:v1.7.5 d0fead86c346: Loading layer [==================================================>] 8.964MB/8.964MB a5ec4a361969: Loading layer [==================================================>] 35.77MB/35.77MB 4e1010831905: Loading layer [==================================================>] 2.048kB/2.048kB 14a7910436b1: Loading layer [==================================================>] 3.072kB/3.072kB 2a8b4f2779f0: Loading layer [==================================================>] 35.77MB/35.77MB Loaded image: goharbor/chartmuseum-photon:v0.8.1-v1.7.5 ac0610543c4c: Loading layer [==================================================>] 8.959MB/8.959MB d16400686860: Loading layer [==================================================>] 21.51MB/21.51MB 85d9a56758c0: Loading layer [==================================================>] 21.51MB/21.51MB Loaded image: goharbor/harbor-jobservice:v1.7.5 192bfe0da32e: Loading layer [==================================================>] 8.958MB/8.958MB 7dc705554ad5: Loading layer [==================================================>] 5.143MB/5.143MB 1344e4f0362f: Loading layer [==================================================>] 15.13MB/15.13MB 5b1814241e00: Loading layer [==================================================>] 26.47MB/26.47MB 875868e70220: Loading layer [==================================================>] 22.02kB/22.02kB b77cbc94dd40: Loading layer [==================================================>] 3.072kB/3.072kB b85ebfd783cc: Loading layer [==================================================>] 46.74MB/46.74MB Loaded image: goharbor/notary-server-photon:v0.6.1-v1.7.5 29b39ebec3e7: Loading layer [==================================================>] 13.72MB/13.72MB 609e23b66d11: Loading layer [==================================================>] 26.47MB/26.47MB 8ce88310d375: Loading layer [==================================================>] 22.02kB/22.02kB 602eedb3335f: Loading layer [==================================================>] 3.072kB/3.072kB 56dd592d20de: Loading layer [==================================================>] 45.33MB/45.33MB Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.7.5 df2cb2cf198e: Loading layer [==================================================>] 113MB/113MB e3f619b84905: Loading layer [==================================================>] 10.94MB/10.94MB 89efce1acffc: Loading layer [==================================================>] 2.048kB/2.048kB 62d0ab2efbea: Loading layer [==================================================>] 48.13kB/48.13kB 25f3904dc4c6: Loading layer [==================================================>] 3.072kB/3.072kB f2f432f47d0c: Loading layer [==================================================>] 10.99MB/10.99MB Loaded image: goharbor/clair-photon:v2.0.8-v1.7.5 [Step 2]: preparing environment ... Clearing the configuration file: ./common/config/adminserver/env Clearing the configuration file: ./common/config/core/env Clearing the configuration file: ./common/config/core/app.conf Clearing the configuration file: ./common/config/core/private_key.pem Clearing the configuration file: ./common/config/db/env Clearing the configuration file: ./common/config/jobservice/env Clearing the configuration file: ./common/config/jobservice/config.yml Clearing the configuration file: ./common/config/registry/config.yml Clearing the configuration file: ./common/config/registry/root.crt Clearing the configuration file: ./common/config/registryctl/env Clearing the configuration file: ./common/config/registryctl/config.yml Clearing the configuration file: ./common/config/nginx/nginx.conf Clearing the configuration file: ./common/config/log/logrotate.conf loaded secret from file: /data/secretkey Generated configuration file: ./common/config/nginx/nginx.conf Generated configuration file: ./common/config/adminserver/env Generated configuration file: ./common/config/core/env Generated configuration file: ./common/config/registry/config.yml Generated configuration file: ./common/config/db/env Generated configuration file: ./common/config/jobservice/env Generated configuration file: ./common/config/jobservice/config.yml Generated configuration file: ./common/config/log/logrotate.conf Generated configuration file: ./common/config/registryctl/env Generated configuration file: ./common/config/core/app.conf Creating harbor-log ... done The configuration files are ready, please use docker-compose to start the service. [Step 3]: checking existing instance of Harbor ... Creating harbor-adminserver ... done Creating harbor-core ... done [Step 4]: starting Harbor ... Creating harbor-portal ... done Creating nginx ... done Creating registryctl ... Creating harbor-adminserver ... Creating harbor-db ... Creating registry ... Creating redis ... Creating harbor-core ... Creating harbor-jobservice ... Creating harbor-portal ... Creating nginx ... ✔ ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at http://10.0.0.103. For more details, please visit https://github.com/goharbor/harbor .
编写unit文件
[root@docker04 harbor]# vi /usr/lib/systemd/system/harbor.service [Unit] Description=Harbor After=docker.service systemd-networkd.service systemd-resolved.service Requires=docker.service Documentation=http://github.com/vmware/harbor [Service] Type=simple Restart=on-failure RestartSec=5 ExecStart=/usr/bin/docker-compose -f /usr/local/src/harbor/docker-compose.yml up ExecStop=/usr/bin/docker-compose -f /usr/local/src/harbor/docker-compose.yml down [Install] WantedBy=multi-user.target
启动harbor
[root@docker03 harbor]# systemctl daemon-reload
[root@docker03 harbor]# systemctl restart docker
[root@docker03 harbor]# systemctl start harbor
新建项目
配置信任镜像仓库
[root@docker01 ~]# vim /etc/docker/daemon.json { "registry-mirrors": ["https://05eotbde.mirror.aliyuncs.com"], "insecure-registries": ["zhanghao:443","10.0.0.103","10.0.0.104"] }
[root@docker01 ~]# systemctl daemon-reload
[root@docker01 ~]# systemctl restart docker
测试登录并推送镜像到镜像仓库
[root@docker01 ~]# docker login -u admin 10.0.0.103 Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@docker01 ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 4cdc5dd7eaad 11 days ago 133MB nginx 1.16.1-alpine 5fad07aba15a 18 months ago 21.8MB mytest.harbor.com:80/test/nginx 1.16.1-alpine 5fad07aba15a 18 months ago 21.8MB [root@docker01 ~]# docker tag nginx 10.0.0.103/test/nginx:test [root@docker01 ~]# docker push 10.0.0.103/test/nginx:test The push refers to repository [10.0.0.103/test/nginx] 9d1af766c818: Pushed d97733c0a3b6: Pushed c553c6ba5f13: Pushed 48b4a40de359: Pushed ace9ed9bcfaf: Pushed 764055ebc9a7: Pushed test: digest: sha256:1c70a669bbf07f9862f269162d776c35144b116938d1becb4e4676270cff8f75 size: 1570
通过docker-compose.yml 查看镜像存储位置
[root@docker03 harbor]# cat docker-compose.yml version: '2' services: log: image: goharbor/harbor-log:v1.7.5 container_name: harbor-log restart: always dns_search: . cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /var/log/harbor/:/var/log/docker/:z - ./common/config/log/:/etc/logrotate.d/:z ports: - 127.0.0.1:1514:10514 networks: - harbor registry: image: goharbor/registry-photon:v2.6.2-v1.7.5 container_name: registry restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z - ./common/config/registry/:/etc/registry/:z - ./common/config/custom-ca-bundle.crt:/harbor_cust_cert/custom-ca-bundle.crt:z networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "registry" registryctl: image: goharbor/harbor-registryctl:v1.7.5 container_name: registryctl env_file: - ./common/config/registryctl/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z #镜像存储位置 - ./common/config/registry/:/etc/registry/:z - ./common/config/registryctl/config.yml:/etc/registryctl/config.yml:z networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "registryctl" postgresql: image: goharbor/harbor-db:v1.7.5 container_name: harbor-db restart: always cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /data/database:/var/lib/postgresql/data:z networks: - harbor dns_search: . env_file: - ./common/config/db/env depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "postgresql" adminserver: image: goharbor/harbor-adminserver:v1.7.5 container_name: harbor-adminserver env_file: - ./common/config/adminserver/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/config/:/etc/adminserver/config/:z - /data/secretkey:/etc/adminserver/key:z - /data/:/data/:z networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "adminserver" core: image: goharbor/harbor-core:v1.7.5 container_name: harbor-core env_file: - ./common/config/core/env restart: always cap_drop: - ALL cap_add: - SETGID - SETUID volumes: - ./common/config/core/app.conf:/etc/core/app.conf:z - ./common/config/core/private_key.pem:/etc/core/private_key.pem:z - ./common/config/core/certificates/:/etc/core/certificates/:z - /data/secretkey:/etc/core/key:z - /data/ca_download/:/etc/core/ca/:z - /data/psc/:/etc/core/token/:z - /data/:/data/:z networks: - harbor dns_search: . depends_on: - log - adminserver - registry logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "core" portal: image: goharbor/harbor-portal:v1.7.5 container_name: harbor-portal restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE networks: - harbor dns_search: . depends_on: - log - core logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "portal" jobservice: image: goharbor/harbor-jobservice:v1.7.5 container_name: harbor-jobservice env_file: - ./common/config/jobservice/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/job_logs:/var/log/jobs:z - ./common/config/jobservice/config.yml:/etc/jobservice/config.yml:z networks: - harbor dns_search: . depends_on: - redis - core - adminserver logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "jobservice" redis: image: goharbor/redis-photon:v1.7.5 container_name: redis restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/redis:/var/lib/redis networks: - harbor dns_search: . depends_on: - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "redis" proxy: image: goharbor/nginx-photon:v1.7.5 container_name: nginx restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE volumes: - ./common/config/nginx:/etc/nginx:z networks: - harbor dns_search: . ports: - 80:80 - 443:443 - 4443:4443 depends_on: - postgresql - registry - core - portal - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "proxy" networks: harbor: external: false
查看存储目录
[root@docker03 harbor]# du -sh /data/registry/docker/registry/ 52M /data/registry/docker/registry/
高可用
找另外一台服务器,也按照上面的方式安装harbor
建立同步目标
新建复制管理
建立规则
这时,已经可以在104上看到镜像同步过来了
再测试从104上传镜像,是否能同步到103
[root@docker01 ~]# docker login 10.0.0.104 Username: admin Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded [root@docker01 ~]# docker tag mysql:latest 10.0.0.104/test/mysql:test104 [root@docker01 ~]# docker push 10.0.0.104/test/mysql:test104 The push refers to repository [10.0.0.104/test/mysql] 027a41439ba4: Pushed cd0c4980990f: Pushed eeabd280c12e: Pushed 1a4de2199d77: Pushed ae8fcba6091c: Pushed d7cde20f3f68: Pushed b8d0aeaeeee8: Pushed 893f6aea2ce2: Pushed 1952fb2b0eb4: Pushed 50854886015e: Pushed 71a14cc55692: Pushed 764055ebc9a7: Pushed test104: digest: sha256:c1afde725e2cfb627136a299b4d4bd35ae30a31fae1297dd2b3c3c951d9c7240 size: 2828
