安装搭建私有仓库Harbor
# 安装docker编排工具docker compose
[root@localhost ~]# yum install docker-compose -y
# 下载Harbor安装包(资源可以下载,但是很慢。需要的联系我)
[root@localhost ~]# wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz
[root@localhost ~]# tar -xf harbor-offline-installer-v1.7.1.tgz -C /data/
# 配置harbor.cfg配置文件
[root@localhost ~]# grep "^[^#]" /data/harbor/harbor.cfg
_version = 1.7.0
hostname = docker2
ui_url_protocol = http
max_job_workers = 2
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
log_rotate_count = 50
log_rotate_size = 200M
http_proxy =
https_proxy =
no_proxy = 127.0.0.1,localhost,core,registry
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
email_insecure = false
harbor_admin_password = Harbor12345
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid
ldap_scope = 2
ldap_timeout = 5
ldap_verify_cert = true
ldap_group_basedn = ou=group,dc=mydomain,dc=com
ldap_group_filter = objectclass=group
ldap_group_gid = cn
ldap_group_scope = 2
self_registration = on
token_expiration = 30
project_creation_restriction = everyone
db_host = postgresql
db_password = root123
db_port = 5432
db_user = postgres
redis_host = redis
redis_port = 6379
redis_password =
redis_db_index = 1,2,3
clair_db_host = postgresql
clair_db_password = root123
clair_db_port = 5432
clair_db_username = postgres
clair_db = postgres
clair_updaters_interval = 12
uaa_endpoint = uaa.mydomain.org
uaa_clientid = id
uaa_clientsecret = secret
uaa_verify_cert = true
uaa_ca_cert = /path/to/ca.pem
registry_storage_provider_name = filesystem
registry_storage_provider_config =
registry_custom_ca_bundle =
# 主要修改了
hostname:主机名
max_job_workers:最cpu数,小于等于自己服务器的硬件
# 定义docker-compose.yml文件(可省略)
# docker-copmose.yml文件是docker编排时,对容器的一些操作:
[root@localhost ~]# cat /data/harbor/docker-compose.yml
# 端口
ports:
- 80:80
- 443:443
- 4443:4443
# 众多存储器路径
如:volumes:
- /data/registry:/storage:z
在生产环境中,尽量将容器的存储卷定义在空间较为充足的磁盘;
自己根据实际情况进行修改;
安装启动harbor
[root@localhost ~]# cd /data/harbor/
[root@localhost harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 19.03.6
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
Loaded image: goharbor/registry-photon:v2.6.2-v1.7.1
Loaded image: goharbor/harbor-migrator:v1.7.1
Loaded image: goharbor/harbor-adminserver:v1.7.1
Loaded image: goharbor/harbor-core:v1.7.1
Loaded image: goharbor/harbor-log:v1.7.1
Loaded image: goharbor/harbor-jobservice:v1.7.1
Loaded image: goharbor/notary-server-photon:v0.6.1-v1.7.1
Loaded image: goharbor/clair-photon:v2.0.7-v1.7.1
Loaded image: goharbor/harbor-portal:v1.7.1
Loaded image: goharbor/harbor-db:v1.7.1
Loaded image: goharbor/redis-photon:v1.7.1
Loaded image: goharbor/nginx-photon:v1.7.1
Loaded image: goharbor/harbor-registryctl:v1.7.1
Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.7.1
Loaded image: goharbor/chartmuseum-photon:v0.7.1-v1.7.1
[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/core/env
Clearing the configuration file: ./common/config/core/app.conf
Clearing the configuration file: ./common/config/core/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/registryctl/env
Clearing the configuration file: ./common/config/registryctl/config.yml
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/log/logrotate.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/core/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/core/app.conf
Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
Note: stopping existing Harbor instance ...
Stopping registryctl ... done
Stopping redis ... done
Stopping harbor-db ... done
Stopping harbor-adminserver ... done
Stopping harbor-log ... done
Removing registryctl ... done
Creating harbor-log ... done
Removing harbor-db ... done
Removing harbor-adminserver ... done
Removing harbor-log ... done
Removing network harbor_harbor
Creating redis ... done
Creating harbor-core ... done
[Step 4]: starting Harbor ...
Creating harbor-portal ... done
Creating nginx ... done
Creating registry ...
Creating harbor-adminserver ...
Creating registryctl ...
Creating harbor-db ...
Creating redis ...
Creating harbor-core ...
Creating harbor-jobservice ...
Creating harbor-portal ...
Creating nginx ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://docker2.
For more details, please visit https://github.com/goharbor/harbor .
# 安装后验证
[root@localhost harbor]# ss -ntpl | grep docker
LISTEN 0 128 127.0.0.1:1514 *:* users:(("docker-proxy",pid=6175,fd=4))
LISTEN 0 128 :::80 :::* users:(("docker-proxy",pid=7095,fd=4))
LISTEN 0 128 :::443 :::* users:(("docker-proxy",pid=7084,fd=4))
LISTEN 0 128 :::4443 :::* users:(("docker-proxy",pid=7073,fd=4))
# harbor实际就是启动了一些docker服务
[root@localhost harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0e664ee633da goharbor/nginx-photon:v1.7.1 "nginx -g 'daemon of…" About a minute ago Up About a minute (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
c5471230c005 goharbor/harbor-jobservice:v1.7.1 "/harbor/start.sh" About a minute ago Up About a minute harbor-jobservice
324e71de854d goharbor/harbor-portal:v1.7.1 "nginx -g 'daemon of…" About a minute ago Up About a minute (healthy) 80/tcp harbor-portal
22c7ac0feeb1 goharbor/harbor-core:v1.7.1 "/harbor/start.sh" About a minute ago Up About a minute (healthy) harbor-core
481aa001d239 goharbor/redis-photon:v1.7.1 "docker-entrypoint.s…" About a minute ago Up About a minute 6379/tcp redis
ea90c9acc63b goharbor/harbor-db:v1.7.1 "/entrypoint.sh post…" About a minute ago Up About a minute (healthy) 5432/tcp harbor-db
ec075505058f goharbor/harbor-registryctl:v1.7.1 "/harbor/start.sh" About a minute ago Up About a minute (healthy) registryctl
6aee78545b5a goharbor/harbor-adminserver:v1.7.1 "/harbor/start.sh" About a minute ago Up About a minute (healthy) harbor-adminserver
61f039ab9f5f goharbor/registry-photon:v2.6.2-v1.7.1 "/entrypoint.sh /etc…" About a minute ago Up About a minute (healthy) 5000/tcp registry
a8b4454ee0e7 goharbor/harbor-log:v1.7.1 "/bin/sh -c /usr/loc…" About a minute ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp harbor-log
harbor使用参考博客