Docker搭建Harbor公开仓库的方法示例
上一篇博文讲到了Registry私有仓库,今天配置一下Harbor仓库,Harbor呢可以作为公开仓库,也可以作为私有仓库,今天就来配置一下Harbor如何实现公开仓库和私有仓库。
关于Registry公开仓库请访问博文:部署Docker私有仓库Registry
Registry和Harbor的区别
- Registry:是一个私有镜像仓库,图形化支持较差,小型企业使用;
- Harbor:支持可视化管理,支持私有仓库和公有仓库,支持镜像的管理控制;
Docker Harbor的优点
- VMWare公司的开源镜像管理解决方案;
- 支持图形化管理;
- 方便访问和配置;
- 方便镜像访问控制;
- 支持镜像负责策略;
- 审计统计用户访问镜像使用情况;
Docker Harbor依赖的程序
- Python;
- 安装Docker;
- Docker Compose;
一、搭建Harbor仓库
案例描述:
两台CentOS7.4,一台服务器端,一台客户端(测试使用);
两台服务器都要安装Docker服务,我这里Docker版本是19.03.9版本;
关于Docker容器的安装请访问:安装Docker.v19。03.9版本
1、配置Docker Compose
访问道云官网,找到安装Docker Compose,复制命令到Docker服务器端:道云
[root@centos01 ~]# curl -L https://get.daocloud.io/docker/compose/releases/download/1.25.5/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose <!--下载Docker Compose--> [root@centos01 ~]# chmod +x /usr/local/bin/docker-compose <!--Docker Compose添加执行权限--> [root@centos01 ~]# docker-compose -v <!--查看Docker Compose版本--> docker-compose version 1.25.5, build 8a1c60f6
2、配置Docker Harbor公开仓库
1)打开Github官网
打开Github官网搜索harbor,再点击goharbor/harbor,再点击“releases”,根据自己所需,下载相应的版本,上传至服务器(网址如下:https://github.com/goharbor/harbor/releases 也可下载在线安装的包,我没试过,可自行尝试),如下:
2)配置Harbor仓库
harbor-online-installer-v1.9.1.tgz <!--上传Harbor压缩包--> [root@centos01 ~]# tar zxvf harbor-online-installer-v1.9.1.tgz -C /usr/local/ <!--解压缩harbor到/usr/local/目录--> [root@centos01 ~]# cd /usr/local/harbor/ <!--进入Harbor目录--> [root@centos01 harbor]# cp harbor.yml harbor.yml.bak <!--备份Harbor主配置文件--> [root@centos01 harbor]# vim harbor.yml <!--修改Harbor主配置文件--> 5 hostname: 192.168.100.10 <!--修改为Docker服务器端IP地址即可--> <!--hostname可以写域名,不过域名还需要更改hosts文件或者安装DNS,我这里就用IP地址--> 8 http: <!--采用http协议--> 10 port: 80 <!--80端口号--> 27 harbor_admin_password: Harbor12345 <!--默认密码,可以自定义--> [root@centos01 harbor]# ./install.sh <!--安装Harbor--> [Step 0]: checking installation environment ... Note: docker version: 19.03.9 Note: docker-compose version: 1.25.5 ……………… <!--此处省略部分内容--> Creating harbor-log ... done Creating registryctl ... done Creating redis ... done Creating harbor-portal ... done Creating registry ... done Creating harbor-db ... done Creating harbor-core ... done Creating nginx ... done Creating harbor-jobservice ... done ✔ ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at http://www.benet.com . For more details, please visit https://github.com/goharbor/harbor . <!--安装完成出现以上代码表示成功--> [root@centos01 ~]# vim /usr/lib/systemd/system/docker.service <!--编辑此配置文件--> 14 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80 <!--定位到此行,后面添加“--insecure-registr”以便指定Harbor的IP及其监听端口--> [root@centos01 harbor]# systemctl daemon-reload <!--守护进程方式运行docker--> [root@centos01 harbor]# systemctl restart docker <!--重新启动Docker服务--> [root@centos01 harbor]# docker-compose stop <!--停止所有容器--> [root@centos01 harbor]# docker-compose start <!--启动所有容器--> [root@centos01 harbor]# netstat -anptu |grep 80 <!--监听80端口--> tcp6 0 0 :::80 :::* LISTEN 23473/docker-proxy
3)安装完成浏览器访问Harbor仓库
4)创建一个公开仓库
5)确保image公开仓库已经创建成功
6)Docker服务器端登录Harbor仓库
[root@centos01 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80 <!--登录Harbor仓库--> WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded <!--出现此提示表示登录成功--> [root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/image/nginx:nginx <!--修改镜像标签--> [root@centos01 ~]# docker push 192.168.100.10:80/image/nginx:nginx <!--上传镜像到Harbor仓库--> [root@centos01 ~]# docker logout 192.168.100.10:80 <!--Docker服务器退出Harbor--> Removing login credentials for 192.168.100.10:80
7)Harbor查看镜像是否上传成功
3、配置Docker客户端
<!--Docker客户端安装Docker服务--> 1)修改配置文件加载Docker Harbor服务器 [root@centos02 ~]# vim /usr/lib/systemd/system/docker.service <!--编辑此配置文件--> ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.100.10:80 <!--定位到此行,后面添加“--insecure-registr”以便指定Harbor的IP及其监听端口--> [root@centos02 ~]# systemctl daemon-reload <!--守护进程运行docker--> [root@centos02 ~]# systemctl restart docker <!--重新启动docker服务--> [root@centos02 ~]# docker login -uadmin -pHarbor12345 192.168.100.10:80 <!--docker客户端登录Harbor--> WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded <!--登录成功--> [root@centos02 ~]# docker pull 192.168.100.10:80/image/nginx:nginx <!--docker客户端下载Harbor公开仓库中的镜像--> [root@centos02 ~]# docker images <!--查看Docker客户端镜像--> REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.100.10:80/image/nginx nginx 1b6b1fe7261e 7 days ago 647MB
4、创建Harbor私有仓库
1)创建私有仓库
2)创建一个用户
3)将刚创建的private用户添加到private私有仓库中
4)上传镜像到Harbor私有仓库
[root@centos01 ~]# docker tag tomcat:latest 192.168.100.10:80/private/tomcat:tomcat <!--Docker服务器修改镜像标签--> [root@centos01 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80 <!--登录Harbor私有仓库--> WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded <!--登录成功--> [root@centos01 ~]# docker push 192.168.100.10:80/private/tomcat:tomcat <!--上传镜像到private私有仓库-->
5)Harbor查看镜像是否上传成功
6)Docker客户端下载私有仓库中的镜像
[root@centos02 ~]# docker login -uprivate -pHarbor12345 192.168.100.10:80 <!--Docker客户端登录Harbor私有仓库--> WARNING! Using --password via the CLI is insecure. Use --password-stdin. WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded <!--登录成功--> [root@centos02 ~]# docker pull 192.168.100.10:80/private/tomcat:tomcat <!--Docker客户端下载Harbor私有仓库中的镜像--> [root@centos02 ~]# docker images <!--Docker客户端查看镜像是否下载成功--> REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.100.10:80/image/nginx nginx 1b6b1fe7261e 7 days ago 647MB 192.168.100.10:80/private/tomcat tomcat 1b6b1fe7261e 7 days ago 647MB
7)Harbor支持日志统计功能
到此这篇关于Docker搭建Harbor公开仓库的方法示例的文章就介绍到这了,更多相关Docker搭建Harbor公开仓库内容请搜索我们以前的文章或继续浏览下面的相关文章希望大家以后多多支持我们!