Harbor is an open source image storage, image can be protected through role-based access control, the new version also adds vulnerabilities and Harbor image as a trusted signature scanning mirror in .
As CNCF incubator project, Harbor provides compliance, performance and interoperability to help you cross Kubernetes and Docker and other native cloud computing platforms continue to safely manage images.
Harbor Docker container components are the way to start, so you can be deployed on any supported Linux distributions Docker's.
Hardware Requirements
Software Requirements
network port
download link
https://github.com/goharbor/harbor/releases
Official Harbor are provided online version (without mirror assembly, relatively small) and offline (comprising a mirror assembly, is relatively large).
Since github download very, very slow, the bottom of this article has provided the latest version of the offline package (harbor-offline-installer-v1.10.1.tgz).
Create a https certificate
# Create a certificate directory and give permission
mkdir -p / the Data / CERT && chmod -R 777 / the Data / CERT && cd / the Data / CERT
# Generates a secret key, setting up a password OpenSSL genrsa--out-des3-harbor.key 2048 # generated CA certificate, a password is required OpenSSL REQ -sha512 - new new \ -subj " / C = the CN / ST = the JS / L = WX / O ZWX = / OU = jhmy / CN = hub.jhmy.com " \ - Key harbor.key \ - OUT harbor.csr # backup certificate cp harbor.key harbor.key.org # drained away private key password in order to access the docker ( See also official mutual authentication) OpenSSL rsa - in harbor.key.org - OUT harbor.key # use the certificate to sign OpenSSL X509 -req -days 365 - in harbor.crt harbor.csr -signkey harbor.key -out
To deploy the installation
-
Extract the package
-
Edit harbor.yml, modify the hostname, https certificate path, admin password
-
Run install.sh to be parameters (
--with-notary
)
Process: Check the environment -> Import Mirror -> Prepare Environment -> Prepare configuration (including removing the old version) -> started
[root@hub harbor]# ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.8 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.23.1 [Step 2]: loading Harbor images ... Loaded image: goharbor/clair-adapter-photon:v1.0.1-v1.10.1 Loaded image: goharbor/harbor-jobservice:v1.10.1 Loaded image: goharbor/redis-photon:v1.10.1 Loaded image: goharbor/notary-server-photon:v0.6.1-v1.10.1 Loaded image: goharbor/clair-photon:v2.1.1-v1.10.1 Loaded image: goharbor/harbor-log:v1.10.1 Loaded image: goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.10.1 Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.10.1 Loaded image: goharbor/chartmuseum-photon:v0.9.0-v1.10.1 Loaded image: goharbor/harbor-registryctl:v1.10.1 Loaded image: goharbor/nginx-photon:v1.10.1 Loaded image: goharbor/harbor-migrator:v1.10.1 Loaded image: goharbor/prepare:v1.10.1 Loaded image: goharbor/harbor-portal:v1.10.1 Loaded image: goharbor/harbor-core:v1.10.1 Loaded image: goharbor/harbor-db:v1.10.1 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ... prepare base dir is set to /root/harbor Clearing the configuration file: /config/log/logrotate.conf Clearing the configuration file: /config/log/rsyslog_docker.conf Clearing the configuration file: /config/nginx/conf.d/notary.upstream.conf Clearing the configuration file: /config/nginx/conf.d/notary.server.conf Clearing the configuration file: /config/nginx/nginx.conf Clearing the configuration file: /config/core/env Clearing the configuration file: /config/core/app.conf Clearing the configuration file: /config/registry/config.yml Clearing the configuration file: /config/registry/root.crt Clearing the configuration file: /config/registryctl/env Clearing the configuration file: /config/registryctl/config.yml Clearing the configuration file: /config/db/env Clearing the configuration file: /config/jobservice/env Clearing the configuration file: /config/jobservice/config.yml Clearing the configuration file: /config/notary/server-config.postgres.json Clearing the configuration file: /config/notary/server_env Clearing the configuration file: /config/notary/signer_env Clearing the configuration file: /config/notary/signer-config.postgres.json Clearing the configuration file: /config/notary/notary-signer.crt Clearing the configuration file: /config/notary/notary-signer.key Clearing the configuration file: /config/notary/notary-signer-ca.crt Clearing the configuration file: /config/notary/root.crt Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml loaded secret from file: /secret/keys/secretkey Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir # 如果已安装harbor将会自动移除 Note: stopping existing Harbor instance ... Stopping nginx ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping redis ... done Stopping harbor-portal ... done Stopping registry ... done Stopping harbor-db ... done Stopping harbor-log ... done Removing nginx ... done Removing harbor-jobservice ... done Removing harbor-core ... done Removing redis ... done Removing harbor-portal ... done Removing registry ... done Removing harbor-db ... done Removing registryctl ... done Removing harbor-log ... done Removing network harbor_harbor [Step 5]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-portal ... done Creating registry ... done Creating redis ... done Creating harbor-db ... done Creating registryctl ... done Creating harbor-core ... done Creating harbor-jobservice ... done Creating nginx ... done ✔ ----Harbor has been installed and started successfully.----
Application Configuration
# Configure mirroring warehouse address (recommended configuration domain) vim / etc / Docker / daemon.json { " in the insecure-Registries " : [ " ServerIP " ] } # download the test image Docker pull Hello- world # to the mirror retag docker tag hello ServerIP -World / Hello- world: Latest # Login to upload Docker ServerIP the Login Docker ServerIP the Push / the Hello-world: Latest
other instructions
- The new version of the harbor using pg database, if you are very old version, you may still use mysql, you need to manually pause the old service.
And the need to back up and delete the / data / database folder, otherwise the new version will not be resolved pg old mysql data, which led to the installation fails, the two databases for data conversion is a hassle.
- Interface changes
Links: https://pan.baidu.com/s/1IKhBILaocDJkUveG-rXgVQ extraction code: 7bts
Author: Leozhang GG
Source: https://www.cnblogs.com/leozhanggg/p/12554399.html
This article belongs to the author and blog Park total, welcome to reprint, but without the author's consent declared by this section must be retained, and given the original connection in the apparent position of the article page, otherwise the right to pursue legal responsibilities.
Harbor is an open source image storage, image can be protected through role-based access control, the new version also adds vulnerabilities and Harbor image as a trusted signature scanning mirror in .
As CNCF incubator project, Harbor provides compliance, performance and interoperability to help you cross Kubernetes and Docker and other native cloud computing platforms continue to safely manage images.
Harbor Docker container components are the way to start, so you can be deployed on any supported Linux distributions Docker's.
Hardware Requirements
Software Requirements
network port
download link
https://github.com/goharbor/harbor/releases
Official Harbor are provided online version (without mirror assembly, relatively small) and offline (comprising a mirror assembly, is relatively large).
Since github download very, very slow, the bottom of this article has provided the latest version of the offline package (harbor-offline-installer-v1.10.1.tgz).
Create a https certificate
# Create a certificate directory and give permission
mkdir -p / the Data / CERT && chmod -R 777 / the Data / CERT && cd / the Data / CERT
# Generates a secret key, setting up a password OpenSSL genrsa--out-des3-harbor.key 2048 # generated CA certificate, a password is required OpenSSL REQ -sha512 - new new \ -subj " / C = the CN / ST = the JS / L = WX / O ZWX = / OU = jhmy / CN = hub.jhmy.com " \ - Key harbor.key \ - OUT harbor.csr # backup certificate cp harbor.key harbor.key.org # drained away private key password in order to access the docker ( See also official mutual authentication) OpenSSL rsa - in harbor.key.org - OUT harbor.key # use the certificate to sign OpenSSL X509 -req -days 365 - in harbor.crt harbor.csr -signkey harbor.key -out
To deploy the installation
-
Extract the package
-
Edit harbor.yml, modify the hostname, https certificate path, admin password
-
Run install.sh to be parameters (
--with-notary
)
Process: Check the environment -> Import Mirror -> Prepare Environment -> Prepare configuration (including removing the old version) -> started
[root@hub harbor]# ./install.sh [Step 0]: checking if docker is installed ... Note: docker version: 19.03.8 [Step 1]: checking docker-compose is installed ... Note: docker-compose version: 1.23.1 [Step 2]: loading Harbor images ... Loaded image: goharbor/clair-adapter-photon:v1.0.1-v1.10.1 Loaded image: goharbor/harbor-jobservice:v1.10.1 Loaded image: goharbor/redis-photon:v1.10.1 Loaded image: goharbor/notary-server-photon:v0.6.1-v1.10.1 Loaded image: goharbor/clair-photon:v2.1.1-v1.10.1 Loaded image: goharbor/harbor-log:v1.10.1 Loaded image: goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.10.1 Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.10.1 Loaded image: goharbor/chartmuseum-photon:v0.9.0-v1.10.1 Loaded image: goharbor/harbor-registryctl:v1.10.1 Loaded image: goharbor/nginx-photon:v1.10.1 Loaded image: goharbor/harbor-migrator:v1.10.1 Loaded image: goharbor/prepare:v1.10.1 Loaded image: goharbor/harbor-portal:v1.10.1 Loaded image: goharbor/harbor-core:v1.10.1 Loaded image: goharbor/harbor-db:v1.10.1 [Step 3]: preparing environment ... [Step 4]: preparing harbor configs ... prepare base dir is set to /root/harbor Clearing the configuration file: /config/log/logrotate.conf Clearing the configuration file: /config/log/rsyslog_docker.conf Clearing the configuration file: /config/nginx/conf.d/notary.upstream.conf Clearing the configuration file: /config/nginx/conf.d/notary.server.conf Clearing the configuration file: /config/nginx/nginx.conf Clearing the configuration file: /config/core/env Clearing the configuration file: /config/core/app.conf Clearing the configuration file: /config/registry/config.yml Clearing the configuration file: /config/registry/root.crt Clearing the configuration file: /config/registryctl/env Clearing the configuration file: /config/registryctl/config.yml Clearing the configuration file: /config/db/env Clearing the configuration file: /config/jobservice/env Clearing the configuration file: /config/jobservice/config.yml Clearing the configuration file: /config/notary/server-config.postgres.json Clearing the configuration file: /config/notary/server_env Clearing the configuration file: /config/notary/signer_env Clearing the configuration file: /config/notary/signer-config.postgres.json Clearing the configuration file: /config/notary/notary-signer.crt Clearing the configuration file: /config/notary/notary-signer.key Clearing the configuration file: /config/notary/notary-signer-ca.crt Clearing the configuration file: /config/notary/root.crt Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml loaded secret from file: /secret/keys/secretkey Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir # 如果已安装harbor将会自动移除 Note: stopping existing Harbor instance ... Stopping nginx ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping redis ... done Stopping harbor-portal ... done Stopping registry ... done Stopping harbor-db ... done Stopping harbor-log ... done Removing nginx ... done Removing harbor-jobservice ... done Removing harbor-core ... done Removing redis ... done Removing harbor-portal ... done Removing registry ... done Removing harbor-db ... done Removing registryctl ... done Removing harbor-log ... done Removing network harbor_harbor [Step 5]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-portal ... done Creating registry ... done Creating redis ... done Creating harbor-db ... done Creating registryctl ... done Creating harbor-core ... done Creating harbor-jobservice ... done Creating nginx ... done ✔ ----Harbor has been installed and started successfully.----
Application Configuration
# Configure mirroring warehouse address (recommended configuration domain) vim / etc / Docker / daemon.json { " in the insecure-Registries " : [ " ServerIP " ] } # download the test image Docker pull Hello- world # to the mirror retag docker tag hello ServerIP -World / Hello- world: Latest # Login to upload Docker ServerIP the Login Docker ServerIP the Push / the Hello-world: Latest
other instructions
- The new version of the harbor using pg database, if you are very old version, you may still use mysql, you need to manually pause the old service.
And the need to back up and delete the / data / database folder, otherwise the new version will not be resolved pg old mysql data, which led to the installation fails, the two databases for data conversion is a hassle.
- Interface changes
Links: https://pan.baidu.com/s/1IKhBILaocDJkUveG-rXgVQ extraction code: 7bts
Author: Leozhang GG
Source: https://www.cnblogs.com/leozhanggg/p/12554399.html
This article belongs to the author and blog Park total, welcome to reprint, but without the author's consent declared by this section must be retained, and given the original connection in the apparent position of the article page, otherwise the right to pursue legal responsibilities.