Docker之企业级私有镜像仓库Harbor的部署

摘要

公司内网机房之前用harbor搭建了一套Docker的镜像服务器,但是上次停电造成harbor的物理节点磁盘阵列坏了,于是又要搭建一套,趁这次机会记录下搭建过程

一、下载harbor的离线安装包

[root@DS-VM-Node168 ~]# curl -Lk https://github.com/vmware/harbor/releases/download/0.4.1/harbor-offline-installer-0.4.1.tgz|tar xz -C /data/
[root@DS-VM-Node168 ~]# cd /data/harbor

二、编辑harbor.cfg配置文件
Docker之企业级私有镜像仓库Harbor的部署

Harbor 的配置文件是 harbor.cfg,里面有各种参数可以配置。 本文演示修改以下几个参数。如果要生产上部署,其他密码相关参数也务必要修改。

Harbor 的每个组件都是以 Docker 容器的形式构建的,使用 Docker Compose 来对它进行部署。

你可以查看 docker-compose.yml 文件,可以发现 Harbor 有 6 个容器组成:

  1. harbor_ui:Harbor 的核心服务
  2. harbor_log:运行着 rsyslog 的容器,进行日志收集
  3. harbor_mysql:由官方 mysql 镜像构成的数据库容器
  4. nginx:使用 Nginx 做反向代理
  5. registry:官方的 Docker Registry
  6. harbor_jobservice:Harbor 的任务管理服务。

三、配置nginx的SSL和自签SSL证书

1、配置nginx启用ssl

[root@DS-VM-Node168 /data/harbor]# cd config/nginx/
[root@DS-VM-Node168 /data/harbor/config/nginx]# mv nginx.conf{,.backup}
[root@DS-VM-Node168 /data/harbor/config/nginx]# cp nginx{.https,}.conf

2、自签ssl证书

[root@DS-VM-Node168 /data/harbor/config/nginx]# cd cert/
[root@DS-VM-Node168 /data/harbor/config/nginx/cert]# openssl genrsa -out nginx.key 2048
[root@DS-VM-Node168 /data/harbor/config/nginx/cert]# openssl req -new -key nginx.key -sha256 -out nginx.csr
[root@DS-VM-Node168 /data/harbor/config/nginx/cert]# openssl x509 -req -days 3650 -in nginx.csr -signkey nginx.key -sha256 -out nginx.crt

[root@DS-VM-Node168 /data/harbor/config/nginx/cert]# cd /data/harbor/

3、将自签的SSL证书导入系统的CA

[root@DS-VM-Node168 /data/harbor]# openssl s_client -showcerts -connect registry.ds.com:443 </dev/null 2>/dev/null | openssl x509 -outform PEM >/etc/pki/ca-trust/source/anchors/registry.ds.com.crt
[root@DS-VM-Node168 /data/harbor]# update-ca-trust
[root@DS-VM-Node168 /data/harbor]# systemctl restart docker.service

四、安装启动 Harbor

[root@DS-VM-Node168 /data/harbor]# ./install.sh 
[Step 0]: checking installation environment ...
docker version: 1.12.2
docker-compose version: 1.8.0
[Step 1]: loading Harbor images ...
c5cc83103be7: Loading layer [==================================================>]   131 MB/131 MB
5f70bf18a086: Loading layer [==================================================>] 1.024 kB/1.024 kB
b130b4720ff3: Loading layer [==================================================>] 6.144 kB/6.144 kB
3a5d8b4d4af1: Loading layer [==================================================>] 3.072 kB/3.072 kB
c7b72e82d306: Loading layer [==================================================>]  8.28 MB/8.28 MB
943b315a8e6d: Loading layer [==================================================>] 3.072 kB/3.072 kB
d24da286ea0a: Loading layer [==================================================>] 3.072 kB/3.072 kB
Loaded image: nginx:1.9.0er [========>                                          ]    512 B/3.072 kB
4fe15f8d0ae6: Loading layer [==================================================>] 5.046 MB/5.046 MB
aa3a31ee27f3: Loading layer [==================================================>] 1.627 MB/1.627 MB
d00444e19d65: Loading layer [==================================================>] 27.23 MB/27.23 MB
35039a507f7a: Loading layer [==================================================>] 3.584 kB/3.584 kB
3bb5bc5ad373: Loading layer [==================================================>] 2.048 kB/2.048 kB
Loaded image: registry:2.5.0[============>                                      ]    512 B/2.048 kB
dd60b611baaa: Loading layer [==================================================>] 133.2 MB/133.2 MB
c104b726e010: Loading layer [==================================================>] 1.536 kB/1.536 kB
22deeafa86d1: Loading layer [==================================================>] 17.13 MB/17.13 MB
a5ad5bccad18: Loading layer [==================================================>] 17.13 MB/17.13 MB
Loaded image: harbor_jobservice_photon:0.4.1                                    ] 196.6 kB/17.13 MB
bb5619c2d562: Loading layer [==================================================>]  57.7 MB/57.7 MB
5200046063ae: Loading layer [==================================================>] 19.46 MB/19.46 MB
bea85b33aa99: Loading layer [==================================================>] 91.14 kB/91.14 kB
642a318689e6: Loading layer [==================================================>] 1.911 MB/1.911 MB
9a0ed7312023: Loading layer [==================================================>] 9.728 kB/9.728 kB
67054e4a8ad0: Loading layer [==================================================>] 4.096 kB/4.096 kB
99e6de711989: Loading layer [==================================================>] 19.61 MB/19.61 MB
Loaded image: harbor_ui_photon:0.4.1                                            ] 196.6 kB/19.61 MB
242fa6f47eec: Loading layer [==================================================>] 60.39 MB/60.39 MB
8616686ebfae: Loading layer [==================================================>] 3.584 kB/3.584 kB
8b83978b12a5: Loading layer [==================================================>] 3.072 kB/3.072 kB
def0184e45f4: Loading layer [==================================================>] 3.072 kB/3.072 kB
f4641394e474: Loading layer [==================================================>] 3.072 kB/3.072 kB
Loaded image: harbor_log_photon:0.4.1>                                          ]    512 B/3.072 kB
917c0fc99b35: Loading layer [==================================================>] 130.9 MB/130.9 MB
5f70bf18a086: Loading layer [==================================================>] 1.024 kB/1.024 kB
dc53f85c39f7: Loading layer [==================================================>] 344.6 kB/344.6 kB
fd876b830f48: Loading layer [==================================================>] 1.536 kB/1.536 kB
8c1117388a35: Loading layer [==================================================>] 33.79 MB/33.79 MB
aad315928251: Loading layer [==================================================>] 25.09 kB/25.09 kB
ab2a27c37f8a: Loading layer [==================================================>] 3.584 kB/3.584 kB
b8772200209c: Loading layer [==================================================>] 166.3 MB/166.3 MB
863a3011c84f: Loading layer [==================================================>]  5.12 kB/5.12 kB
e530b2a3ad33: Loading layer [==================================================>]  5.12 kB/5.12 kB
e2297a9a0883: Loading layer [==================================================>]  7.68 kB/7.68 kB
8156024d8b1d: Loading layer [==================================================>] 3.072 kB/3.072 kB
642d87204caf: Loading layer [==================================================>] 3.072 kB/3.072 kB
Loaded image: harbor_mysql:0.4.1=====>                                          ]    512 B/3.072 kB

[Step 2]: preparing environment ...
Clearing the configuration file: ./config/ui/app.conf
Clearing the configuration file: ./config/ui/env
Clearing the configuration file: ./config/registry/config.yml
Clearing the configuration file: ./config/db/env
Clearing the configuration file: ./config/jobservice/env
Generated configuration file: ./config/ui/env
Generated configuration file: ./config/ui/app.conf
Generated configuration file: ./config/registry/config.yml
Generated configuration file: ./config/db/env
Generated configuration file: ./config/jobservice/env
Clearing the configuration file: ./config/ui/private_key.pem
Clearing the configuration file: ./config/registry/root.crt
Generated configuration file: ./config/ui/private_key.pem
Generated configuration file: ./config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.

[Step 3]: checking existing instance of Harbor ...

[Step 4]: starting Harbor ...
Creating harbor_log_1
Creating harbor_mysql_1
Creating harbor_ui_1
Creating harbor_registry_1
Creating harbor_proxy_1
Creating harbor_jobservice_1

----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at https://registry.ds.com. 
For more details, please visit https://github.com/vmware/harbor .

[root@DS-VM-Node168 /data/harbor]#

如果一切工作正常,可以使用浏览器访问 Harbor 管理入口 https://registry.ds.com。
默认的管理员用户名、密码是:admin/Harbor12345。再次提醒,生产环境中部署一定要修改配置复杂密码。
Docker之企业级私有镜像仓库Harbor的部署

五、测试

[root@DS-VM-Node168 /data/harbor]# docker login -u lookback -p 'lookback' registry.ds.com
[root@DS-VM-Node168 /data/harbor]# docker images 
REPOSITORY                 TAG                 IMAGE ID            CREATED             SIZE
harbor_mysql               0.4.1               454464329533        3 weeks ago         324.3 MB
harbor_jobservice_photon   0.4.1               5f64c96acafd        3 weeks ago         161.8 MB
harbor_ui_photon           0.4.1               d98798190a8b        3 weeks ago         224.4 MB
harbor_log_photon          0.4.1               15eaeaa38afa        3 weeks ago         185.3 MB
registry                   2.5.0               c6c14b3960bd        12 weeks ago        33.31 MB
nginx                      1.9.0               7e156d496c9f        17 months ago       132.9 MB
[root@DS-VM-Node168 /data/harbor]# docker tag harbor_mysql:0.4.1 registry.ds.com/benyoo/harbor_mysql:0.4.1
[root@DS-VM-Node168 /data/harbor]# docker tag harbor_jobservice_photon:0.4.1 registry.ds.com/benyoo/harbor_jobservice_photon:0.4.1
[root@DS-VM-Node168 /data/harbor]# docker tag harbor_ui_photon:0.4.1 registry.ds.com/benyoo/harbor_ui_photon:0.4.1
[root@DS-VM-Node168 /data/harbor]# docker tag harbor_log_photon:0.4.1 registry.ds.com/benyoo/harbor_log_photon:0.4.1
[root@DS-VM-Node168 /data/harbor]# docker tag registry:2.5.0 registry.ds.com/benyoo/registry:2.5.0
[root@DS-VM-Node168 /data/harbor]# docker tag nginx:1.9.0 registry.ds.com/benyoo/nginx:1.9.0
[root@DS-VM-Node168 /data/harbor]# for i in registry.ds.com/benyoo/harbor_mysql:0.4.1 registry.ds.com/benyoo/harbor_jobservice_photon:0.4.1 registry.ds.com/benyoo/harbor_ui_photon:0.4.1 registry.ds.com/benyoo/harbor_log_photon:0.4.1 registry.ds.com/benyoo/registry:2.5.0 registry.ds.com/benyoo/nginx:1.9.0;do docker push $i;done
The push refers to a repository [registry.ds.com/benyoo/harbor_mysql]
642d87204caf: Pushed 
8156024d8b1d: Pushed 
e2297a9a0883: Pushed 
5f70bf18a086: Pushed 
e530b2a3ad33: Pushed 
863a3011c84f: Pushed 
b8772200209c: Pushed 
ab2a27c37f8a: Pushed 
aad315928251: Pushed 
8c1117388a35: Pushed 
fd876b830f48: Pushed 
dc53f85c39f7: Pushed 
917c0fc99b35: Pushed 
0.4.1: digest: sha256:0bcfbb92c3be32d8863028600b1540aab1692dbfe43aa96977d7ed6cfaeca549 size: 4263
The push refers to a repository [registry.ds.com/benyoo/harbor_jobservice_photon]
a5ad5bccad18: Pushed 
22deeafa86d1: Pushed 
c104b726e010: Pushed 
dd60b611baaa: Pushed 
0.4.1: digest: sha256:5bbbf725c745a58da1db4e19a3dcbed0d7f628fc0121a5d1f71b6caf3034f378 size: 1157
The push refers to a repository [registry.ds.com/benyoo/harbor_ui_photon]
99e6de711989: Pushed 
67054e4a8ad0: Pushed 
9a0ed7312023: Pushed 
642a318689e6: Pushed 
bea85b33aa99: Pushed 
5200046063ae: Pushed 
bb5619c2d562: Pushed 
c104b726e010: Mounted from benyoo/harbor_jobservice_photon 
dd60b611baaa: Mounted from benyoo/harbor_jobservice_photon 
0.4.1: digest: sha256:493810bddf8b6315fde95817c02a7c7ac729c54791f7ea867e9ca4c1b4bd7e09 size: 2202
The push refers to a repository [registry.ds.com/benyoo/harbor_log_photon]
f4641394e474: Pushed 
def0184e45f4: Pushed 
8b83978b12a5: Pushed 
8616686ebfae: Pushed 
242fa6f47eec: Pushed 
dd60b611baaa: Mounted from benyoo/harbor_ui_photon 
0.4.1: digest: sha256:c99bd9181be80ae918888139fe672b8d23fceaa65ace3b7ea58830f67b86073f size: 1569
The push refers to a repository [registry.ds.com/benyoo/registry]
3bb5bc5ad373: Pushed 
35039a507f7a: Pushed 
d00444e19d65: Pushed 
aa3a31ee27f3: Pushed 
4fe15f8d0ae6: Pushed 
2.5.0: digest: sha256:51d8869caea35f58dd6a2309423ec5382f19c4e649b5d2c0e3898493f42289d6 size: 1363
The push refers to a repository [registry.ds.com/benyoo/nginx]
5f70bf18a086: Mounted from benyoo/harbor_mysql 
d24da286ea0a: Pushed 
943b315a8e6d: Pushed 
c7b72e82d306: Pushed 
3a5d8b4d4af1: Pushed 
b130b4720ff3: Pushed 
c5cc83103be7: Pushed 
1.9.0: digest: sha256:a904be9a4f971b5f1de33ac9a03a045f030c9f6e432dac384356ba6aaa2dc11a size: 2805
[root@DS-VM-Node168 /data/harbor]#

Docker之企业级私有镜像仓库Harbor的部署

lookback
  • 本文由 发表于 2016年10月23日11:06:18
  • 除非特殊声明,本站文章均为原创,转载请务必保留本文链接
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: