harbor
企业级内网镜像管理软件,加速拉取镜像速度,web 页面管理方便。
系统优化
systemctl stop NetworkManager systemctl disable NetworkManager iptables -F systemctl restart docker
安装docker
[root@test05 ~]# yum install -y docker-compose docker [root@test05 ~]# docker-compose version docker-compose version 1.18.0, build 8dd22a9 docker-py version: 2.6.1 CPython version: 3.6.8 OpenSSL version: OpenSSL 1.0.2k-fips 26 Jan 2017
下载软件
mkdir /data && cd /data # mv /tmp/harbor-offline-installer-v2.10.0.tgz . # wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
安装
tar xvf harbor-offline-installer-v2.10.0.tgz mkdir -p /data/harbor/ssl && cd /data/harbor/ssl
配置证书
openssl genrsa -out ca.key 3072 # 一路回车 openssl req -new -x509 -days 36500 -key ca.key -out ca.pem # 一路回车 openssl genrsa -out harbor.key 3072 # 一路回车 openssl req -new -key harbor.key -out harbor.csr # 一路回车 openssl x509 -req -in harbor.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out harbor.pem -days 36500 # 一路回车
修改配置
[root@test05 harbor]# cd /data/harbor/ [root@test05 harbor]# cp harbor.yml.tmpl harbor.yml [root@test05 harbor]# vim harbor.yml # 改以下几个地方即可 hostname: 10.10.8.66 certificate: /data/harbor/ssl/harbor.pem private_key: /data/harbor/ssl/harbor.key harbor_admin_password: your-admin-password
默认的账号密码:admin/Harbor12345
脚本安装
[root@test05 harbor]# ./install.sh 。。。 ✔ ----Harbor has been installed and started successfully.----
配置开机自启动
[root@test05 harbor]# cat >/data/harbor/harborup.sh<<'EOF' #!/bin/bash cd /data/harbor sleep 30s; docker-compose up -d >> /dev/null 2>&1 EOF [root@test05 harbor]# chmod 700 /data/harbor/harborup.sh [root@test05 harbor]# cat >>/var/spool/cron/root<<'EOF' @reboot /bin/sh /data/harbor/harborup.sh EOF
默认的账号密码:admin/Harbor12345
web 使用
创建项目 ——> 项目名称(test) ——> 访问级别(勾选公开) ——> 确定即可
其他机器配置使用
配置私有地址
[root@test01 ~]# cat >/etc/docker/daemon.json<<'EOF' { "registry-mirrors": [ "https://10.10.8.66", "http://hub-mirror.c.163.com", "https://docker.mirrors.ustc.edu.cn", "https://registry.docker-cn.com" ], "insecure-registries": ["10.10.8.66","harbor"], "exec-opts": ["native.cgroupdriver=systemd"] } EOF [root@test01 ~]# systemctl restart docker
登录账号
[root@test01 ~]# docker login 10.10.8.66 Username: admin Password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
打标签
docker tag 10.10.8.66:5000/elasticsearch:6.8.1 10.10.8.66/test/elasticsearch:6.8.1
上传镜像
docker push 10.10.8.66/test/elasticsearch:6.8.1
拉取镜像
docker pull 10.10.8.66/test/elasticsearch:6.8.1
