Harbor installation is very simple, but how to operate after installation, Baidu method for a long time did not find practical operation, the update to the private warehouse after how pulled from the official mirror? Get this for a long time, after the same kind of test to find a way, we are not familiar with the private warehouse white, a little pit. Fortunately, it took some time to solve.
1. Harbor Introduction
Harbor is open source solutions to build enterprise-class private docker mirrored warehouse, it is more advanced packaging Docker Registry, which in addition to providing friendly Web UI interface, user roles and rights management, user actions audit and other functions, it also incorporates K8s plug (Add-ons) storage, i.e. by Helm chart download, management, installation K8s plug, and may be provided chartmuseum chart data warehousing.
It also incorporates two open-source security components, is a Notary, the other is Clair, Notary similar to the CA private center, and Clair is a container security scanning tools, CVE vulnerability database that provided by the major manufacturers to get the latest vulnerability information, and scan users to upload a container if there is a known vulnerability information, the two security features for enterprise-class private warehouse is very meaningful.
2. The mounting assembly docker-compose
yum -y install epel-release yum -y install python-pip pip install --upgrade pip pip install docker-compose docker-compose version
3. Install Harbor
Installation Docker
Press " install Docker " document installed decker environment
Docker modify configuration items
we /usr/lib/systemd/system/docker.service
Modify the following content item (insecure-registry server the current value ip)
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --selinux-enabled=false --insecure-registry 192.168.15.216
Restart Service
systemctl daemon-reload
systemctl restart docker
Harbor obtain the installation package download link
Login https://github.com/goharbor/harbor/releases/ find the version you want to install, get offline version of the download link
Run the installation Harbor
# Create a log store directory mkdir -p / the Data / logs / Harbor cd / usr / local / src / wget HTTPS: // github.com/goharbor/harbor/releases/download/v1.10.0/harbor-offline-installer-v1 .10.0.tgz the tar -zxvf Harbor-Offline-Installer-V1. 10.0 .tgz CD Harbor VI harbor.yml
Modify the following
# Current server ip, after the installation is complete, you can access the web management page with this address hostname : 192.168 . 1.xx # comment out the https of all, do not open the https access #https: # https Port for Harbor, default IS 443 # Port: 443 # at the path of CERT and Key Files for nginx #certificate: / your / Certificate / path #private_key: / your / Private / Key / path # Harbor ui background administrator password harbor_admin_password: XXXXX # must be set, otherwise after installation when reassembling can not be modified unless you reinstall the deleted database password: xxxx # Harbor log storage path LOCATION: / the Data / logs / Harbor
And then run the installation script
./prepare ./install
Verifying the Installation
Enter the address of your server browser to http: //192.168.1.xx/ Access Management page
Enter the account number: admin and the administrator password configuration parameters, you can normally log in
docker-compose start and stop commands
docker-compose start
docker-compose stop
Modify the configuration operation
If you need to change the configuration item harbor, the following steps can be modified to update
docker-compose down -v vim /usr/local/harbor/harbor.yml ./prepare docker-compose up -d
Pulling test and update mirroring
Do the following tests on the server can be installed in another docker: PS
Configure registry security service is reliable
we /etc/docker/daemon.json
Modify the contents to the following configuration (insecure-registries should be changed to your server address)
{ "exec-opts": ["native.cgroupdriver=systemd"], "log-driver": "json-file", "log-opts": { "max-size": "100m" }, "storage-driver": "overlay2", "storage-opts": [ "overlay2.override_kernel_check=true" ], "insecure-registries": [ "192.168.1.xx" ], "registry-mirrors": [ "https://registry.docker-cn.com", "https://a8qh6yqv.mirror.aliyuncs.com", "http://hub-mirror.c.163.com" ] }
Restart docker
systemctl restart docker
And pulling the test image update
# From the official website HTTPS: // hub.docker.com/search?q=&type=image pull mirroring Docker pull Redis # view the downloaded image Docker ImagesRF Royalty Free # mirrored using the tag flag is going to push to the private warehouse mirror (default private warehouse mirror directory Library) Docker Tag redis 192.168 . 1.xx / Library / redis # command, do not add back redis version argument, the current version number for the latest, can be specified as:. v1 0 .0 version number, etc. when pulling the mirror after a specified, also need to add a version number # Log harbor, where you need to add the url parameter, or the default login is the official website, url need to add http, otherwise default HTTPS Docker the Login HTTP: // 192.168.1 .xx # enter the user name admin, and password, if the background is the new account, you need to project => library (corresponding project name) => members added to the corresponding account # mirrored submitted to a private warehouse Docker the Push 192.168 . 1.xx / Library /redis after # submit the login web management console, enter the project => library (corresponding project name) => Mirror warehouse you can see the new image of the # test installation image from a private warehouse # view the current server mirroring Docker ImagesRF Royalty Free # the REPOSITORY the iMAGE SIZE ID CREATED the TAG # 192.168 . 1.xx / Library / Redis Latest c33c9b2541a8 33 is hours ago Member 98 .2MB # Redis Latest c33c9b2541a8 33 is hours ago Member 98 .2MB # delete the current mirrored on the server Docker Docker RMI 192.168 . 1.xx / Library / Redis: Latest Docker rmi Redis: Latest # View the current server images (redis mirror is gone) Docker ImagesRF Royalty Free # installation image from a private warehouse Docker pull 192.168 . 1.xx / Library / Redis # View the current server mirroring Docker ImagesRF Royalty Free # TAG the REPOSITORY the IMAGE CREATED SIZE ID # 192.168 . 1 .xx / Library / Redis Latest c33c9b2541a8 33 is hours ago Member 98 .2MB
The above operation is the default library library in a private warehouse operation, if you need to create different sub-item library, you can log in web management console, create a new library in the project
If you need to manage warehouse operations for different people, you can add the account in the user administration, then a member of the new library, add users and bind the corresponding operating authority
Disclaimer: This article was published in the original garden blog , author AllEmpty herein welcome to reprint, but without the author's consent declared by this section must be retained, and given the original connection in the apparent position of the article page, otherwise regarded as infringement.
On the blog: http: //www.cnblogs.com/EmptyFS/