docker install
http://wu1g119.iteye.com/blog/2388260
Harbor is an open source enterprise-level Docker Registry management project of Vmwar. It mainly provides Docker Registry management UI, which can be based on role-based access control, AD/LDAP integration, log auditing and other functions, and fully supports Chinese. All components of Harbor are deployed in Docker, so Harbor can be quickly deployed using Docker Compose.
1. Download harbor
Here is offline installation and download
harbor-offline-installer-v1.1.2.tgz
into the /home/tools/ directory of linux
The original address is very slow to download, here is a friendly network disk https://share.weiyun.com/3cc103ec4969f0544f0684459d52562d
2. Unzip
cd / home / tools / tar xvf harbor-offline-installer-v1.1.2.tgz
3. Modify the configuration configuration Harbor configuration parameters are placed in the file harbor.cfg
cd ./harbor vim ./harbor.cfgRefer to the following configuration
#Configure the hostname of the target host, which is used to access Harbor ui and mirror warehouses. It can be configured as ip address and full domain name, such as 192.168.101.150 or docker-register.yourdomain.com. Do not use localhost or 127.0.0.1 as the host name hostname = docker-register.yourdomain.com #(http or https. The default protocol is http) The protocol used to access the UI and the token/notification service. The default is http. To set the https protocol, see the link Configure Harbor to support the https protocol. ui_url_protocol = http #(default 3) Set the largest working copy in the task service. For each image copy task, there will be a worker to synchronize all tags from the repository to the remote. Increasing this value will allow more current replica tasks. However, because each worker consumes certain resources such as network/cpu/io, the value must be set reasonably according to the resources of the system. max_job_workers = 3 #(on or off. The default is on) When set to on, a script will be used to create the private key and root certificate to authenticate the registry token customize_crt = on ssl_cert = /data/cert/server.crt ssl_cert_key = /data/cert/server.key secretkey_path = /data admiral_url = NA #Configure Harbor to send emails, of course, changing the configuration is not necessary. Note: the default ssl link is not enabled, if SMTP needs ssl support, you can set the following parameters to support email_identity = email_server = smtp.163.com email_server_port = 25 email_username = [email protected] email_password = xxx email_from = admin email_ssl = false #Set the administrator's internal password, which takes effect when Harbor is started for the first time. After this setting is ignored, and the administrator's password will be reset in the UI. The default username and password are as follows: admin/Harbor12345 . harbor_admin_password = admin-123 #The method used for authentication, the default is db_auth, the authentication will be dismembered and stored in the database. If you need to set up LDAP authentication, you need to use ldap_auth. auth_mode = db_auth #mysql database root user password db_auth mode. db_password = root #LDAP server LDAP authentication mode when auth_mode is set to ldap_auth. ldap_url = ldaps://ldap.mydomain.com ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com ldap_search_pwd = password ldap_basedn = ou=people,dc=mydomain,dc=com ldap_filter = (objectClass=person) ldap_uid = uid ldap_scope = 3 ldap_timeout = 5 #(on or off. Default is on) Enables and disables the user registration function. When disabled, new user functions are created by the admin user. _Note: When auth_mode is set to ldap_auth, self-registration will always be turned off, and this parameter will also be ignored self_registration = off #token expiration time, default 30 minutes token_expiration = 30 #Project creation permission everyone: everyone, adminonly: administrator project_creation_restriction = everyone #(on or off. Default on) This parameter determines whether to use SSL/TLS when interacting with the remote registry instance of the harbor box. When set to off, the remote registry will generally use self-signed or untrusted Certificate. verify_remote_cert = on
4. Execute the installation
sudo ./install.sh
Report exception missing docker-compose
✖ Need to install docker-compose(1.7.1+) by yourself first and run this script again.
Refer to docker-compose installation
http://blog.csdn.net/gsying1474/article/details/52988784
harbor docker-compose.yml 参考 http://wu1g119.iteye.com/blog/2388261
execute again
sudo ./install.sh
5. Installation is complete
docker ps
can be seen
Prove that harbor started successfully
6. web login
enter
http://192.168.101.150/
and set the account password
7. Use repository in maven
1.) First create a new project hsd in harbor, and add the personnel
========maven plugin configuration========================
2.) settings.xml add warehouse password
<servers> <!--docker private server--> <server> <id>docker-hub</id> <username>harbor project staff account</username> <password>password of harbor project staff</password> <configuration> <email>Email address of the harbor project staff</email> </configuration> </server> </servers>
3.)
<plugin> <groupId>com.spotify</groupId> <artifactId>docker-maven-plugin</artifactId> <version>1.0.0</version> <configuration> <serverId> docker-hub </serverId> <registryUrl>http://192.168.101.150</registryUrl> <dockerHost>http://192.168.101.150:2375</dockerHost> <exposes>80</exposes> <pushImage>true</pushImage> <imageName>192.168.101.150/hsd/${project.artifactId}:${project.version}</imageName> <imageTags> <imageTag>1.0</imageTag> </imageTags> <dockerDirectory>src/main/docker</dockerDirectory> <skipDockerBuild>false</skipDockerBuild> <resources> <resource> <targetPath>/</targetPath> <directory>src/main/resources</directory> <filtering>true</filtering> <includes> <include>**/Dockerfile</include> </includes> <directory>${project.build.directory}</directory> <include>${project.build.finalName}.jar</include> </resource> </resources> </configuration> </plugin>
release
mvn clean install
start up
docker -H 192.168.101.150:2375 run -p 6060:6060 hsd/hsd-account-server:1.0
References