我的技术分享

okami

0%

Harbor部署

发表于
本文字数: 4.1k 阅读时长 ≈ 4 分钟

安装环境

Harbor 被部署为多个 Docker 容器。因此,您可以将它部署在任何支持 Docker 的 Linux 发行版上。目标主机需要 Docker,并且需要安装 Docker Compose

  • 硬件环境(下表为安装harbor对于硬件环境的要求)

    资源 最低配置 建议配置
    CPU 2 CPU 4 CPU
    Mem 4 GB 8 GB
    Disk 40 GB 160 GB

  • 软件环境(目标主机上必须安装以下软件环境)

    Docker engine Version 17.06.0-ce+ or higher For installation instructions, see Docker Engine documentation
    Docker Compose Version 1.18.0 or higher For installation instructions, see Docker Compose documentation
    Openssl Latest is preferred Used to generate certificate and keys for Harbor

  • 端口(Harbor 要求在目标主机上打开以下端口)

    Port Protocol Description
    443 HTTPS Harbor portal and core API accept HTTPS requests on this port. You can change this port in the configuration file.
    4443 HTTPS Connections to the Docker Content Trust service for Harbor. Only required if Notary is enabled. You can change this port in the configuration file.
    80 HTTP Harbor portal and core API accept HTTP requests on this port. You can change this port in the configuration file.

安装步骤

1、下载解压安装包

通过harbor的releases页面下载harbor的安装包。以2.5.1版本为例,在服务器上执行以下指令下载安装包

1
$ wget https://github.com/goharbor/harbor/releases/download/v2.5.1/harbor-online-installer-v2.5.1.tgz

通过以下指令解压

1
$ tar xzvf harbor-online-installer-v2.5.1.tgz

2、配置Https(如不使用https可跳过)

https://goharbor.io/docs/2.5.0/install-config/configure-https/

3、配置harbor.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
$ cd harbor/

$ ls
common.sh  harbor.yml.tmpl  install.sh  LICENSE  prepare

$ hostname
harbor.okami.top

$ cp harbor.yml.tmpl harbor.yml

$ vim harbor.yml
hostname: harbor.okami.top	// 添加主机名

#https related config
#https:						// 注释掉证书,不使用证书就需要注释
  # https port for harbor, default is 443
  # port: 443				// 注释
  # The path of cert and key files for nginx
  # certificate: /your/certificate/path		// 注释
  # private_key: /your/private/key/path		// 注释

harbor_admin_password: Harbor12345			# 默认的登录密码
# 以上这些需要修改,其余保持默认

4、执行install.sh进行安装

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
$ ./install.sh

[Step 0]: checking if docker is installed ...

Note: docker version: 20.10.10

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 1.23.2

[Step 2]: preparing environment ...

[Step 3]: preparing harbor configs ...
......
Creating harbor-log ... done
Creating redis         ... done
Creating registry      ... done
Creating harbor-portal ... done
Creating harbor-db     ... done
Creating registryctl   ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----

查看安装的容器进程如下

1
2
3
4
5
6
7
8
9
10
11
12
$ docker ps
docker ps
CONTAINER ID   IMAGE                                COMMAND                  CREATED         STATUS                   PORTS                       NAMES
7d69676fa9dc   goharbor/nginx-photon:v2.5.1         "nginx -g 'daemon of…"   3 minutes ago   Up 3 minutes (healthy)   0.0.0.0:80->8080/tcp        nginx
bf8c45cd22fb   goharbor/harbor-jobservice:v2.5.1    "/harbor/entrypoint.…"   3 minutes ago   Up 3 minutes (healthy)                               harbor-jobservice
8e536a0699df   goharbor/harbor-core:v2.5.1          "/harbor/entrypoint.…"   3 minutes ago   Up 3 minutes (healthy)                               harbor-core
abdf789d3755   goharbor/harbor-registryctl:v2.5.1   "/home/harbor/start.…"   3 minutes ago   Up 3 minutes (healthy)                               registryctl
0577d1e8a4de   goharbor/harbor-db:v2.5.1            "/docker-entrypoint.…"   3 minutes ago   Up 3 minutes (healthy)                               harbor-db
700de9a6c9eb   goharbor/registry-photon:v2.5.1      "/home/harbor/entryp…"   3 minutes ago   Up 3 minutes (healthy)                               registry
b19c0678b2c9   goharbor/harbor-portal:v2.5.1        "nginx -g 'daemon of…"   3 minutes ago   Up 3 minutes (healthy)                               harbor-portal
9916aeb190fb   goharbor/redis-photon:v2.5.1         "redis-server /etc/r…"   3 minutes ago   Up 3 minutes (healthy)                               redis
c43b70748286   goharbor/harbor-log:v2.5.1           "/bin/sh -c /usr/loc…"   3 minutes ago   Up 3 minutes (healthy)   127.0.0.1:1514->10514/tcp   harbor-log

5、harbor网页操作

登录harbor平台

用户名:admin

密码:在harbor.yml中配置的harbor_admin_password

6、docker配置仓库

1
2
3
4
5
$ vim /etc/docker/daemon.json

{
    "insecure-registries" : ["https://harbor.okami.top"]
}

配置镜像代理缓存

harbor v2.1 新增了代理缓存的功能,类似nexus可以使用harbor代理并缓存来自公共或私有镜像仓库的图像。

1、harbor添加仓库

2、新建项目

在新建项目的时候,选择开启镜像代理,并选择对应的镜像地址

3、使用代理缓存

要开始使用代理缓存,可以通过将docker pull命令或pod 清单使用<harbor_servername>/<proxy_project_name>/
作为前缀添加到image标签,以引用代理缓存项目。例如:

1
$ docker pull harbor.okami.top/docker-hub/library/hello-world:latest

docker pull完成后,可以看到harbor中docker-hub项目中多了一个镜像

harbor间镜像同步

如果我们同时拥有多个harbor仓库,想同步不同harbor中的镜像,可以按照以下步骤实现

1、新建仓库

2、复制管理-新建规则

此处我选择的是手动触发,也可以选择定时触发

3、触发复制

如果我们在创建复制规则的时候,选择的是定时触发,则不需要手动干预

如果我们选择的是手动触发,可以先选中复制规则,然后点击复制,触发镜像的复制动作

参考链接

-------- 本文结束 感谢阅读 --------