一、安装docker和docker-compose
1、安装docker
#wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo #yum -y install docker-ce-18.06.1.ce-3.el7 #systemctl enable docker && systemctl start docker #docker --version Docker version 18.06.1-ce, build e68fc7a
2.下载docker-compose的最新版本
#curl -L "https://github.com/docker/compose/releases/download/1.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
3.为docker-compose添加可执行权限
#chmod +x /usr/local/bin/docker-compose
4.验证查看docker-compose版本
#docker-compose --version
docker-compose version 1.22.0, build f46880f
二、安装Harbor(存储在/data)
1、Harbor支持在线和离线安装方式,这里,我们使用离线方式,先下载Harbor安装包:
#wget https://github.com/goharbor/harbor/releases/download/v1.10.1/harbor-offline-installer-v1.10.1.tgz
2、创建 https 证书
# 创建证书目录,并赋予权限 #mkdir -p /data/cert && chmod -R 777 /data/cert && cd /data/cert # 生成私钥,需要设置密码 #openssl genrsa -des3 -out harbor.key 2048 # 生成CA证书,需要输入密码 #openssl req -sha512 -new -subj "/C=CN/ST=JS/L=WX/O=zwx/OU=jhmy/CN=hub.jhmy.com" -key harbor.key -out harbor.csr # 备份证书 #cp harbor.key harbor.key.org # 退掉私钥密码,以便docker访问(也可以参考官方进行双向认证) #openssl rsa -in harbor.key.org -out harbor.key # 使用证书进行签名 #openssl x509 -req -days 365 -in harbor.csr -signkey harbor.key -out harbor.crt
Signature ok
subject=/C=CN/ST=JS/L=WX/O=zwx/OU=jhmy/CN=hub.jhmy.com
Getting Private key
3、 解压离线安装包
# tar -zxvf harbor-offline-installer-v1.10.1.tgz #解压离线安装包
# ls
common docker-compose.yml harbor.yml LICENSE
common.sh harbor.v1.10.1.tar.gz install.sh prepare
4、配置Harbor
## vim harbor.yml (编辑harbor.yml,修改hostname、https证书路径、admin密码) hostname = 192.168.40.121
certificate: /data/cert/harbor.crt
private_key: /data/cert/harbor.key
harbor_admin_password: Harbor12345
5、安装harbor
# ./install.sh
报错Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already
解决:# netstat -tanlp
6、访问:http://192.168.40.121
7、推送一个镜像到仓库
# cat /etc/docker/daemon.json
{
"insecure-registries": ["192.168.40.121"]
}
# docker login 192.168.40.121 Username: aa Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded # docker tag hello-world:latest 192.168.40.121/test/hello-world:latest # docker push 192.168.40.121/test/hello-world:latest The push refers to repository [192.168.40.121/test/hello-world] af0b15c8625b: Pushed latest: digest: sha256:92c7f9c92844bbbb5d0a101b22f7c2a7949e40f8ea90c8b3bc396879d95e899a size: 524
8、harbor开机自启
vim /lib/systemd/system/harbor.service
[Unit] Description=Harbor After=docker.service systemd-networkd.service systemd-resolved.service Requires=docker.service [Service] Type=simple Restart=on-failure RestartSec=5 ExecStart=/usr/local/bin/docker-compose -f /disk01/sw/harbor/SW/harbor/docker-compose.yml up ExecStop=/usr/local/bin/docker-compose -f /disk01/sw/harbor/SW/harbor/docker-compose.yml down [Install] WantedBy=multi-user.target
systemctl enable harbor
systemctl start harbor
9、harbor主从同步
参考
https://www.cnblogs.com/leozhanggg/p/12554399.html 容器版(默认数据库pg,PostgreSql)
https://www.cnblogs.com/anxminise/p/9764221.html 二进制版(默认数据库mysql)