目 录CONTENT

文章目录

docker私有仓库harbor的安装及使用

Seven
2021-09-29 / 0 评论 / 0 点赞 / 504 阅读 / 7861 字 / 正在检测是否收录...

环境说明

docker 192.168.20.135

安装harbor

1.安装docker-compose

[root@docker ~]# yum -y install docker-compose

2.下载并压缩包解压

[root@docker ~]# cd /usr/src/
[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.0.2/harbor-offline-installer-v2.0.2.tgz

[root@docker ~]# tar xf harbor-offline-installer-v2.0.2.tgz -C /usr/local/

[root@docker ~]# cd /usr/local/harbor

[root@docker harbor]# ls
common.sh             harbor.yml.tmpl  LICENSE
harbor.v2.0.2.tar.gz  install.sh       prepare

3.复制harbor.yml.tmpl文件为harbor.yml

[root@docker harbor]# cp harbor.yml.tmpl harbor.yml

4.修改配置文件

[root@docker harbor]# vim harbor.yml

//改为本机IP
hostname: 192.168.20.135

//没有配置ssl证书就注释掉
# https related config
#https:
  # https port for harbor, default is 443
#  port: 443
  # The path of cert and key files for nginx
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path


//用户名admin,密码Harbor12345
# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: Harbor12345

启动Harbor

[root@docker harbor]# systemctl start docker
[root@docker harbor]# ./install.sh 

✔ ----Harbor has been installed and started successfully.---- 
[root@docker harbor]# ss -antl
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      128     *:22                  *:*                  
LISTEN      0      100    127.0.0.1:25                  *:*                  
LISTEN      0      128    127.0.0.1:1514                *:*                  
LISTEN      0      128    :::80                 :::*                  
LISTEN      0      128    :::22                 :::*                  
LISTEN      0      100       ::1:25                 :::*                  

使用Harbor

登入

默认账号:admin
默认密码:Harbor12345
image.png
我们可以看到系统各个模块如下:
image.png

项目:新增/删除项目,查看镜像仓库,给项目添加成员、查看操作日志、复制项目等
日志:仓库各个镜像create、push、pull等操作日志

系统管理

  1. 用户管理:新增/删除用户、设置管理员等
  2. 仓库管理:新增/删除从库目标、新建/删除/启停复制规则等
  3. 复制管理:认证模式、复制、邮箱设置、系统设置等标签添加到本项目的镜像中。
  4. 全局级别标签:由系统管理员管理,用于管理整个系统的镜像。它 们可以添加到任何项目下的镜像中。
  5. 项目级别标签:由项目管理员或者系统管理员在项目下管理,只能
  6. 项目定额:分配每个项目多少存储空间
  7. 审查服务:扫描漏铜
  8. 垃圾清理:清理不需要的镜像
  9. 配置管理:认证设置、邮箱设置、系统设置
    注意:非系统管理员用户登录,只能看到有权限的项目和日志,其他模块不可见。
    在这里插入图片描述

登录传镜像了
我们需要在/etc/docker/daemon.json加上 “insecure-registries”:[“harborIP”]

[root@docker ~]# vim /etc/docker/daemon.json
[root@docker ~]# cat /etc/docker/daemon.json
{
    "registry-mirrors": ["https://0v0l236l.mirror.aliyuncs.com"],
    "insecure-registries":["192.168.20.135"]
}



//重启服务
[root@docker harbor]# systemctl restart docker


//登入
[root@docker harbor]# docker login 192.168.20.135
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

//改标签
[root@docker ~]# docker tag nginx:latest 192.168.20.135/nginx/nginx:v0.1


[root@docker ~]# docker images
REPOSITORY                      TAG                 IMAGE ID            CREATED             SIZE
192.168.20.135/nginx/nginx      v0.1                4bb46517cac3        2 weeks ago         133MB
nginx                           latest              4bb46517cac3        2 weeks ago         133MB
//上传镜像到harbor仓库

[root@docker ~]# docker push 192.168.20.135/nginx/nginx:v0.1
The push refers to repository [192.168.20.135/nginx/nginx]
550333325e31: Pushed 
22ea89b1a816: Pushed 
a4d893caa5c9: Pushed 
0338db614b95: Pushed 
d0f104dc0a1f: Pushed 
v0.1: digest: sha256:179412c42fe3336e7cdc253ad4a2e03d32f50e3037a860cf5edbeb1aaddb915c size: 1362

image.png

创建用户,分配权限

image.png在这里插入图片描述
添加到nginx项目中,并设置权限
image.png

[root@localhost ~]# vim /etc/docker/daemon.json
{
    "registry-mirrors": ["https://0v0l236l.mirror.aliyuncs.com"],
    "insecure-registries":["192.168.20.135"]
}

[root@localhost ~]# systemctl restart docker

登录

[root@localhost ~]# docker login 192.168.20.135
Username: zzl
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

上传镜像

[root@localhost ~]# docker tag nginx:latest 192.168.20.135/nginx/nginx:v0.2
[root@localhost ~]# docker push 192.168.20.135/nginx/nginx:v0.2
The push refers to repository [192.168.20.135/nginx/nginx]
550333325e31: Layer already exists 
22ea89b1a816: Layer already exists 
a4d893caa5c9: Layer already exists 
0338db614b95: Layer already exists 
d0f104dc0a1f: Layer already exists 
v0.2: digest: sha256:179412c42fe3336e7cdc253ad4a2e03d32f50e3037a860cf5edbeb1aaddb915c size: 1362

image.png

Docker 镜像复制

docker 192.168.20.135/24
harbor002 192.168.20.99/24

在仓库管理,新建一个目标

image.png
image.png

同步

image.png
在192.168.20.99上查看,同步完成
image.png

0

评论区