部署Docker
[zhuxiaoshuai@docker-repository ~]# cd /etc/yum.repos.d/
[zhuxiaoshuai@docker-repository yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[zhuxiaoshuai@docker-repository ~]# yum install -y docker-ce
[zhuxiaoshuai@docker-repository ~]# systemctl start docker
[zhuxiaoshuai@docker-repository ~]# systemctl enable docker
部署docker-compose
[zhuxiaoshuai@docker-repository ~]# curl -L https://github.com/docker/compose/releases/download/1.22.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
[zhuxiaoshuai@docker-repository ~]# chmod +x /usr/local/bin/docker-compose
部署Harbor仓库
[zhuxiaoshuai@docker-repository ~]# mkdir -p /app/harbor
[zhuxiaoshuai@docker-repository ~]# tar zxvf harbor.tgz -C /app/harbor
[zhuxiaoshuai@docker-repository ~]# cd harbor
看到Harbor的目录结构,关键的配置文件就只有:
[zhuxiaoshuai@docker-repository harbor]# ls -l docker-compose.yml harbor.cfg
-rw-r--r-- 1 root root 3580 Jan 28 12:05 docker-compose.yml
-rw-r--r-- 1 root root 6682 Jan 28 12:05 harbor.cfg
修改harbor.cfg文件配置,主要修改的地方只有几个
hostname =203.0.113.111 #Harbor监听的地址,可以通过浏览器进行访问
harbor_admin_password = zhuxiaoshuai1QAZ #初始化默认admin的登陆密码
使用prepare生成配置文件
[zhuxiaoshuai@docker-repository harbor]# ./prepare
使用docker-compose启动集群之前,先修改一下docker-compose的配置,Harbor默认是在80端口,因为服务器80端口被占用了。所以需要修改一下端口
proxy:
image: vmware/nginx-photon:v1.5.1
container_name: nginx
restart: always
volumes:
- ./common/config/nginx:/etc/nginx:z
networks:
- harbor
ports:
- 18080:80
- 444:443
启动Harbor,解压的时候默认有一个安装脚本
[zhuxiaoshuai@docker-repository harbor]# ./install.sh
查看Harbor的状态
[zhuxiaoshuai@docker-repository harbor]# docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------
harbor-adminserver /harbor/start.sh Up
harbor-db /usr/local/bin/docker-entr ... Up 3306/tcp
harbor-jobservice /harbor/start.sh Up
harbor-log /bin/sh -c /usr/local/bin/ ... Up 127.0.0.1:1514->10514/tcp
harbor-ui /harbor/start.sh Up
nginx nginx -g daemon off; Up 0.0.0.0:444->443/tcp, 0.0.0.0:18080->80/tcp
redis docker-entrypoint.sh redis ... Up 6379/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
可以通过IP+PORT的方式访问Harbor了
登陆的用户默认是:admin
初始密码:harbor.cfg文件中定义的
如果需要调整配置文件,修改后,那么就需要执行一遍
[zhuxiaoshuai@docker-repository harbor]# docker-compose down
[zhuxiaoshuai@docker-repository harbor]# ./prepare
[zhuxiaoshuai@docker-repository harbor]# docker-compose up -d
测试
上传下载镜像
配置docker的http,因为安装的时候,没有选择的HTTPS,所以需要配置
[zhuxiaoshuai@docker-repository harbor]# echo { "insecure-registries":["203.0.113.111:18080"] }>>/etc/docker/daemon.json
[zhuxiaoshuai@docker-repository harbor]# systemctl reload docker
登陆harbor仓库,docker login
[zhuxiaoshuai@docker-repository harbor]# docker login 203.0.113.111:18080
Username (admin): admin
Password:
Login Succeeded
在本地上传一个镜像,这里我们在本地的一个本地镜像上传到仓库中
[zhuxiaoshuai@docker-repository harbor]# docker images|grep ldap
ldap zhuxiaoshuai 88f7510eb7e4 3 weeks ago 482MB
首先给镜像打tag,tag的格式是固定的 【仓库地址】【项目名】【镜像名:TAG】
[zhuxiaoshuai@docker-repository harbor]# docker tag ldap:zhuxiaoshuai 203.0.113.111:18080/zhuxs/ldap:zhuxiaoshuai
[zhuxiaoshuai@docker-repository harbor]# docker images |grep ldap
203.0.113.111:18080/zhuxs/ldap zhuxiaoshuai 88f7510eb7e4 3 weeks ago 482MB
将镜像推送到Harbor上面
[zhuxiaoshuai@docker-repository harbor]# docker push 203.0.113.111:18080/zhuxs/ldap
The push refers to repository [203.0.113.111:18080/zhuxs/ldap]
9fc52pfpq9e1: Mounted from zhuxs/zhuxs
latest: digest: sha256:ffb5d2157acd2uelxtf0h3n8378d64e8aa839d2785c2ffd5424e472818c42755 size: 529
在界面上可以查看
确实上传到了Harbor仓库中了
在另外一台机器上面可以测试从Harbor下载我们上传的ldap镜像
[zhuxiaoshuai@docker ~]# docker login 203.0.113.111:18080
Username: admin
Password:
Login Succeeded
如果这里一样出现类似HTTP请求docker的问题,使用下面的方法解决
echo { "insecure-registries":["203.0.113.111:18080"] }>>/etc/docker/daemon.json
systemctl reload docker
使用docker pull将镜像下载下来
[zhuxiaoshuai@docker ~]# docker pull 203.0.113.111:18080/zhuxs/ldap
[zhuxiaoshuai@docker ~]# docker images |grep ldap
203.0.113.111:18080/zhuxs/ldap zhuxiaoshuai 88f7510eb7e4 3 weeks ago 482MB