Harbor 是 VMware 公司开源的企业级 Docker Registry 项目, 项目地址: https://github.com/vmware/harbor
1, 下载离线安装包
2, 安装 Docker
3, 安装 docker-compose
4, 自签 TLS 证书
5, Harbor 安装与配置
6, Docker 主机访问 Harbor
- curl -L https://github.com/docker/compose/releases/download/1.21.0-rc1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-composechmod +x /usr/local/bin/docker-compose
- wget https://storage.googleapis.com/harbor-releases/release-1.4.0/harbor-offline-installer-v1.4.0.tgz
- tar xf harbor-offline-installer-v1.4.0.tgz
自签 TLS 证书 https://github.com/vmware/harbor/blob/master/docs/configure_https.md
- cd harbor/
- mkdir ssl
- cd ssl
- openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt
- Country Name (2 letter code) [XX]:CN
- State or Province Name (full name) []:
- Locality Name (eg, city) [Default City]:
- Organization Name (eg, company) [Default Company Ltd]:
- Organizational Unit Name (eg, section) []:
- Common Name (eg, your name or your server's hostname) []:hequan
- Email Address []:
- openssl req -newkey rsa:4096 -nodes -sha256 -keyout reg.hequan.xyz.key -out reg.hequan.xyz.csr
- -----
- Country Name (2 letter code) [XX]:CN
- State or Province Name (full name) []:
- Locality Name (eg, city) [Default City]:
- Organization Name (eg, company) [Default Company Ltd]:
- Organizational Unit Name (eg, section) []:
- Common Name (eg, your name or your server's hostname) []:reg.hequan.xyz
- Email Address []:
- Please enter the following 'extra' attributes
- to be sent with your certificate request
- A challenge password []:
- An optional company name []:
- openssl x509 -req -days 365 -in reg.hequan.xyz.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out reg.hequan.xyz.crt
- vim harbor.cfg
- hostname = reg.hequan.xyz
- ui_url_protocol = https
- ssl_cert = ./ssl/reg.hequan.xyz.crt
- ssl_cert_key = ./ssl/reg.hequan.xyz.key
- harbor_admin_password = 12345
- ./prepare
- ./install.sh
- docker-compose ps
- Name Command State Ports
- -------------------------------------------------------------------------------------------------------------------------------------
- harbor-adminserver /harbor/start.sh Up (healthy)
- harbor-db /usr/local/bin/docker-entr ... Up (healthy) 3306/tcp
- harbor-jobservice /harbor/start.sh Up (healthy)
- harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp
- harbor-ui /harbor/start.sh Up (healthy)
- nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
- registry /entrypoint.sh serve /etc/ ... Up (healthy) 5000/tcp
修改 C:\Windows\System32\drivers\etc\hosts
192.168.1.112 reg.hequan.xyz
登录 admin 12345
创建仓库
创建用户
项目 - 成员 - 新建成员
客户端
- mkdir /etc/docker/certs.d/reg.hequan.xyz -p
- echo 192.168.1.112 reg.hequan.xyz>> /etc/hosts
- scp root@reg.hequan.xyz:/data/harbor/ssl/reg.hequan.xyz.crt /etc/docker/certs.d/reg.hequan.xyz
登录
- docker login reg.hequan.xyz
- Username: hequan
- Password:
- Login Succeeded
或者 docker login reg.hequan.xyz -u hequan -p 12345
在项目中标记镜像:
docker tag SOURCE_IMAGE[:TAG] reg.hequan.xyz/test/IMAGE[:TAG]
推送镜像到当前项目:
- docker push reg.hequan.xyz/test/IMAGE[:TAG]
- docker tag centos reg.hequan.xyz/test/centos:v1
- docker push reg.hequan.xyz/test/centos:v1
- docker pull reg.hequan.xyz/test/centos:v1
来源: http://www.bubuko.com/infodetail-2550559.html