centos离线安装Harbor

Others 2021-11-18 14:06:50 views: null

本文记录自己在centos7上离线安装Harbor过程,其中借鉴了不少网上的资源,如有重复拷贝请联系。
现在机器上安装docker,如果不知道请看: centos离线二进制安装kubernetes和docker

安装环境如下:

组件 版本
docker 19.03.9
docker-compose 1.28.6
harbor 2.1.6

首先下载安装docker-compose

wget https://github.com/docker/compose/releases/download/1.28.6/docker-compose-Linux-x86_64
mv docker-compose-Linux-x86_64 docker-compose
chmod +x docker-compose
cp docker-compose /usr/local/bin

下载harbor:

wget  https://github.com/goharbor/harbor/releases/download/v2.1.6/harbor-offline-installer-v2.1.6.tgz

然后生成HTTPS相关证书:

mkdir -p /data1/harbor/ssl
cd /root/harbor/ssl
openssl genrsa -out ca.key 4096

openssl req -x509 -new -nodes -sha512 -days 3650 \
 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=my.registry.harbor.com" \
 -key ca.key \
 -out ca.crt

openssl genrsa -out my.registry.harbor.com.key 4096

openssl req -sha512 -new \
    -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=my.registry.harbor.com" \
    -key my.registry.harbor.com.key \
    -out my.registry.harbor.com.csr



cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1=my.registry.harbor.com
DNS.2=my.registry.harbor
DNS.3=harbor
EOF


openssl x509 -req -sha512 -days 3650 \
    -extfile v3.ext \
    -CA ca.crt -CAkey ca.key -CAcreateserial \
    -in my.registry.harbor.com.csr \
    -out my.registry.harbor.com.crt


openssl x509 -inform PEM -in my.registry.harbor.com.crt -out my.registry.harbor.com.cert

复制证书到docker配置中:

mkdir -p /etc/docker/certs.d/my.registry.harbor.com/
cp my.registry.harbor.com.cert /etc/docker/certs.d/my.registry.harbor.com/
cp my.registry.harbor.com.key /etc/docker/certs.d/my.registry.harbor.com/
cp ca.crt /etc/docker/certs.d/my.registry.harbor.com/

重启docker:

systemctl restart docker

启动
然后解压缩配置harbor:

tar -zxvf harbor-offline-installer-v2.1.6.tgz

解压完之后,有一个harbor.yml.tmpl,这是默认的配置模板,我这边配置如下:
在这里插入图片描述

然后执行如下安装语句:

./prepare
./install.sh

本机浏览器输入:
my.registry.harbor.com
即可访问

在这里插入图片描述
(注意需要配置域名具体对应本地IP地址)

另外,由于有HTTPS证书,需要在docker使用节点上安装相关证书,执行如下步骤:

mkdir -p /etc/docker/certs.d/my.registry.harbor.com/
cp my.registry.harbor.com.cert /etc/docker/certs.d/my.registry.harbor.com/
cp my.registry.harbor.com.key /etc/docker/certs.d/my.registry.harbor.com/
cp ca.crt /etc/docker/certs.d/my.registry.harbor.com/

如果要重启harbor,执行如下操作:
先停止docker-compose

docker-compose stop

启动容器

docker-compose up -d

有的可能会报如下错误:

ERROR: 
        Can't find a suitable configuration file in this directory or any
        parent. Are you in the right directory?

        Supported filenames: docker-compose.yml, docker-compose.yaml, compose.yml, compose.yaml

这是需要docker-compose.yml,一般在安装harbor的时候,执行install的目录会生成这个文件。

Guess you like

Origin blog.csdn.net/LeoHan163/article/details/119737428
Recommended
Ranking
How to make the url of the picture have the download attribute and force the download. Jump browser to download automatically.
Lr CC 8.3 Installation Guide
MD5Utils (MD5 encryption tools! Unsalted)
Econ 325 (004)
Photo studio photography appointment app based on java SpringBoot and Vue uniapp
What is b
2017 Second Guangdong strong network Cup online game --Nonstandard
myeclipse8.5 add tomact7
mpeg1, mpeg2 and mpeg4 standard comparative analysis and summary
Tencent sub-sub-group 6-color program
Daily
More
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)
2024-04-17(31)
2024-04-16(23)

Code World

© 2018 codetd.com