Docker搭建私有仓库Harbor

安装搭建私有仓库Harbor

# 安装docker编排工具docker compose
[root@localhost ~]# yum install docker-compose -y

# 下载Harbor安装包(资源可以下载,但是很慢。需要的联系我)
[root@localhost ~]# wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.1.tgz
[root@localhost ~]# tar -xf harbor-offline-installer-v1.7.1.tgz -C /data/

# 配置harbor.cfg配置文件
[root@localhost ~]# grep "^[^#]" /data/harbor/harbor.cfg
_version = 1.7.0
hostname = docker2
ui_url_protocol = http
max_job_workers = 2
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
log_rotate_count = 50
log_rotate_size = 200M
http_proxy =
https_proxy =
no_proxy = 127.0.0.1,localhost,core,registry
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
email_insecure = false
harbor_admin_password = Harbor12345
auth_mode = db_auth
ldap_url = ldaps://ldap.mydomain.com
ldap_basedn = ou=people,dc=mydomain,dc=com
ldap_uid = uid
ldap_scope = 2
ldap_timeout = 5
ldap_verify_cert = true
ldap_group_basedn = ou=group,dc=mydomain,dc=com
ldap_group_filter = objectclass=group
ldap_group_gid = cn
ldap_group_scope = 2
self_registration = on
token_expiration = 30
project_creation_restriction = everyone
db_host = postgresql
db_password = root123
db_port = 5432
db_user = postgres
redis_host = redis
redis_port = 6379
redis_password =
redis_db_index = 1,2,3
clair_db_host = postgresql
clair_db_password = root123
clair_db_port = 5432
clair_db_username = postgres
clair_db = postgres
clair_updaters_interval = 12
uaa_endpoint = uaa.mydomain.org
uaa_clientid = id
uaa_clientsecret = secret
uaa_verify_cert = true
uaa_ca_cert = /path/to/ca.pem
registry_storage_provider_name = filesystem
registry_storage_provider_config =
registry_custom_ca_bundle =

# 主要修改了
hostname:主机名
max_job_workers:最cpu数,小于等于自己服务器的硬件

# 定义docker-compose.yml文件(可省略)
# docker-copmose.yml文件是docker编排时,对容器的一些操作:
[root@localhost ~]# cat /data/harbor/docker-compose.yml
# 端口
ports:
      - 80:80
      - 443:443
      - 4443:4443
# 众多存储器路径
如:volumes:
      - /data/registry:/storage:z
在生产环境中,尽量将容器的存储卷定义在空间较为充足的磁盘;
自己根据实际情况进行修改;

安装启动harbor

[root@localhost ~]# cd /data/harbor/
[root@localhost harbor]# ./install.sh
[Step 0]: checking installation environment ...

Note: docker version: 19.03.6

Note: docker-compose version: 1.18.0

[Step 1]: loading Harbor images ...
Loaded image: goharbor/registry-photon:v2.6.2-v1.7.1
Loaded image: goharbor/harbor-migrator:v1.7.1
Loaded image: goharbor/harbor-adminserver:v1.7.1
Loaded image: goharbor/harbor-core:v1.7.1
Loaded image: goharbor/harbor-log:v1.7.1
Loaded image: goharbor/harbor-jobservice:v1.7.1
Loaded image: goharbor/notary-server-photon:v0.6.1-v1.7.1
Loaded image: goharbor/clair-photon:v2.0.7-v1.7.1
Loaded image: goharbor/harbor-portal:v1.7.1
Loaded image: goharbor/harbor-db:v1.7.1
Loaded image: goharbor/redis-photon:v1.7.1
Loaded image: goharbor/nginx-photon:v1.7.1
Loaded image: goharbor/harbor-registryctl:v1.7.1
Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.7.1
Loaded image: goharbor/chartmuseum-photon:v0.7.1-v1.7.1


[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/core/env
Clearing the configuration file: ./common/config/core/app.conf
Clearing the configuration file: ./common/config/core/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/registryctl/env
Clearing the configuration file: ./common/config/registryctl/config.yml
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/log/logrotate.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/core/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/core/app.conf
Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.


[Step 3]: checking existing instance of Harbor ...

Note: stopping existing Harbor instance ...
Stopping registryctl        ... done
Stopping redis              ... done
Stopping harbor-db          ... done
Stopping harbor-adminserver ... done
Stopping harbor-log         ... done
Removing registryctl        ... done
Creating harbor-log ... done
Removing harbor-db          ... done
Removing harbor-adminserver ... done
Removing harbor-log         ... done
Removing network harbor_harbor
Creating redis ... done
Creating harbor-core ... done
[Step 4]: starting Harbor ...
Creating harbor-portal ... done
Creating nginx ... done
Creating registry ...
Creating harbor-adminserver ...
Creating registryctl ...
Creating harbor-db ...
Creating redis ...
Creating harbor-core ...
Creating harbor-jobservice ...
Creating harbor-portal ...
Creating nginx ...

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://docker2.
For more details, please visit https://github.com/goharbor/harbor .

# 安装后验证
[root@localhost harbor]# ss -ntpl | grep docker
LISTEN     0      128    127.0.0.1:1514                     *:*                   users:(("docker-proxy",pid=6175,fd=4))
LISTEN     0      128         :::80                      :::*                   users:(("docker-proxy",pid=7095,fd=4))
LISTEN     0      128         :::443                     :::*                   users:(("docker-proxy",pid=7084,fd=4))
LISTEN     0      128         :::4443                    :::*                   users:(("docker-proxy",pid=7073,fd=4))

# harbor实际就是启动了一些docker服务
[root@localhost harbor]# docker ps
CONTAINER ID        IMAGE                                    COMMAND                  CREATED              STATUS                        PORTS        NAMES
0e664ee633da        goharbor/nginx-photon:v1.7.1             "nginx -g 'daemon of…"   About a minute ago   Up About a minute (healthy)   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
c5471230c005        goharbor/harbor-jobservice:v1.7.1        "/harbor/start.sh"       About a minute ago   Up About a minute        harbor-jobservice
324e71de854d        goharbor/harbor-portal:v1.7.1            "nginx -g 'daemon of…"   About a minute ago   Up About a minute (healthy)   80/tcp        harbor-portal
22c7ac0feeb1        goharbor/harbor-core:v1.7.1              "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        harbor-core
481aa001d239        goharbor/redis-photon:v1.7.1             "docker-entrypoint.s…"   About a minute ago   Up About a minute             6379/tcp        redis
ea90c9acc63b        goharbor/harbor-db:v1.7.1                "/entrypoint.sh post…"   About a minute ago   Up About a minute (healthy)   5432/tcp        harbor-db
ec075505058f        goharbor/harbor-registryctl:v1.7.1       "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        registryctl
6aee78545b5a        goharbor/harbor-adminserver:v1.7.1       "/harbor/start.sh"       About a minute ago   Up About a minute (healthy)        harbor-adminserver
61f039ab9f5f        goharbor/registry-photon:v2.6.2-v1.7.1   "/entrypoint.sh /etc…"   About a minute ago   Up About a minute (healthy)   5000/tcp        registry
a8b4454ee0e7        goharbor/harbor-log:v1.7.1               "/bin/sh -c /usr/loc…"   About a minute ago   Up About a minute (healthy)   127.0.0.1:1514->10514/tcp        harbor-log

harbor使用参考博客

上一篇:harbor


下一篇:docker仓库之分布式harbor (一)