yovinchen
/
Note
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Note/环境/安装教程/Harbor.md

239 lines
6.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Harbor是一个开源的可信云原生注册表用于存储、签名和扫描内容。它为开源Docker发行版添加了安全、身份和管理等功能。
## 自动安装
```console
curl -LO https://raw.githubusercontent.com/bitnami/containers/main/bitnami/harbor-portal/docker-compose.yml
curl -L https://github.com/bitnami/containers/archive/main.tar.gz | tar xz --strip=2 containers-main/bitnami/harbor-portal && cp -RL harbor-portal/config . && rm -rf harbor-portal
docker-compose up
```
## 手动安装
### 1、下载安装包
```shell
wget https://github.com/goharbor/harbor/releases/download/v2.7.4/harbor-offline-installer-v2.7.4.tgz
```
### 2、解压安装包,进入目录并展示文件
```shell
tar -xvf harbor-offline-installer-v2.7.4.tar
cd harbor
ll
```
![image-20231208150823727](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702019310.png)
### 3、复制harbor.yml配置文件并编辑
```shell
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
```
### 4、编辑文件内容如图
![image-20231208151131781](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702019492.png)
### 5、启动项目
```shell
./install.sh
```
即可看到安装,等待安装完毕即可。
## 简单使用
首先进入页面输入上面设置的密码登录默认访问80端口ip:80
![image-20231208151408705](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702019649.png)
进入页面后新建一个项目例如 `public`
![image-20231208151853837](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702019934.png)
访问级别是公开存储限制为无限镜像代理可以去配置aliyun此代理是用户在harbor仓库中找不到对应镜像然后去代理仓库中查找镜像
![image-20231208152259575](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702020179.png)
打开另外一台服务器,配置`docker`镜像设置
```shell
sudo vim /etc/docker/daemon.json
```
将下面的内容复制进去(`<ip>`更换为上述`Harbor`服务器地址)
```xml
{
"registry-mirrors": [
"https://hub.docker.com",
"http://<ip>:80"
],
"insecure-registries" : [
"<ip>:80"
]
}
```
保存退出,然后重新加载配置启动`docker`
```shell
sudo systemctl daemon-reload
sudo systemctl restart docker
```
在本地镜像(下载了一个`redis`作为演示)打一个标签
```shell
#下载镜像
docker pull redis
#给镜像打标签
# redis:latest 被打标签的本地镜像
# <ip>:80/public/redis:v1新的标签名称
# <ip> 是指定的 IP 地址80 是端口号public/redis:v1 是新的标签。
docker tag redis:latest <ip>:80/public/redis:v1
#登录远程Harbor仓库
docker login -u <username> -p <password> http://<ip>:80
#推送镜像
docker push <ip>:80/public/redis:v1
```
![image-20231208154658318](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702021618.png)
在`Harbor`中就可以看到镜像了
![image-20231208230150057](https://lsky.hhdxw.top/imghub/2023/12/image-202312081702047710.png)
```yaml
# Copyright VMware, Inc.
# SPDX-License-Identifier: APACHE-2.0
version: '2'
services:
registry:
image: docker.io/bitnami/harbor-registry:2
environment:
- REGISTRY_HTTP_SECRET=CHANGEME
volumes:
- registry_data:/storage
- ./config/registry/:/etc/registry/:ro
registryctl:
image: docker.io/bitnami/harbor-registryctl:2
environment:
- CORE_SECRET=CHANGEME
- JOBSERVICE_SECRET=CHANGEME
- REGISTRY_HTTP_SECRET=CHANGEME
volumes:
- registry_data:/storage
- ./config/registry/:/etc/registry/:ro
- ./config/registryctl/config.yml:/etc/registryctl/config.yml:ro
postgresql:
image: docker.io/bitnami/postgresql:13
container_name: harbor-db
environment:
- POSTGRESQL_PASSWORD=bitnami
- POSTGRESQL_DATABASE=registry
volumes:
- postgresql_data:/bitnami/postgresql
core:
image: docker.io/bitnami/harbor-core:2
container_name: harbor-core
depends_on:
- registry
environment:
- CORE_KEY=change-this-key
- _REDIS_URL_CORE=redis://redis:6379/0
- SYNC_REGISTRY=false
- CHART_CACHE_DRIVER=redis
- _REDIS_URL_REG=redis://redis:6379/1
- PORT=8080
- LOG_LEVEL=info
- EXT_ENDPOINT=http://reg.mydomain.com
- DATABASE_TYPE=postgresql
- REGISTRY_CONTROLLER_URL=http://registryctl:8080
- POSTGRESQL_HOST=postgresql
- POSTGRESQL_PORT=5432
- POSTGRESQL_DATABASE=registry
- POSTGRESQL_USERNAME=postgres
- POSTGRESQL_PASSWORD=bitnami
- POSTGRESQL_SSLMODE=disable
- REGISTRY_URL=http://registry:5000
- TOKEN_SERVICE_URL=http://core:8080/service/token
- HARBOR_ADMIN_PASSWORD=bitnami
- CORE_SECRET=CHANGEME
- JOBSERVICE_SECRET=CHANGEME
- ADMIRAL_URL=
- CORE_URL=http://core:8080
- JOBSERVICE_URL=http://jobservice:8080
- REGISTRY_STORAGE_PROVIDER_NAME=filesystem
- REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user
- REGISTRY_CREDENTIAL_PASSWORD=harbor_registry_password
- READ_ONLY=false
- RELOAD_KEY=
volumes:
- core_data:/data
- ./config/core/app.conf:/etc/core/app.conf:ro
- ./config/core/private_key.pem:/etc/core/private_key.pem:ro
portal:
image: docker.io/bitnami/harbor-portal:2
container_name: harbor-portal
depends_on:
- core
jobservice:
image: docker.io/bitnami/harbor-jobservice:2
container_name: harbor-jobservice
depends_on:
- redis
- core
environment:
- CORE_SECRET=CHANGEME
- JOBSERVICE_SECRET=CHANGEME
- CORE_URL=http://core:8080
- REGISTRY_CONTROLLER_URL=http://registryctl:8080
- REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user
- REGISTRY_CREDENTIAL_PASSWORD=harbor_registry_password
volumes:
- jobservice_data:/var/log/jobs
- ./config/jobservice/config.yml:/etc/jobservice/config.yml:ro
redis:
image: docker.io/bitnami/redis:7.0
environment:
# ALLOW_EMPTY_PASSWORD is recommended only for development.
- ALLOW_EMPTY_PASSWORD=yes
harbor-nginx:
image: docker.io/bitnami/nginx:1.25
container_name: nginx
volumes:
- ./config/proxy/nginx.conf:/opt/bitnami/nginx/conf/nginx.conf:ro
ports:
- '80:8080'
depends_on:
- postgresql
- registry
- core
- portal
volumes:
registry_data:
driver: local
core_data:
driver: local
jobservice_data:
driver: local
postgresql_data:
driver: local
```
Reference in New Issue View Git Blame Copy Permalink