企业级Docker镜像仓库Harbor部署记录
2017-06-23
我们一直使用Docker官方的Registry v2搭建我们的私有Docker镜像仓库。 最近我们打算使用Harbor这个VMware China开源的企业级镜像仓库,实际上Harbor以Docker官方的Registry为基础,在其上增加了管理UI、访问控制等企业用户需要的功能。
Harbor官方发布的版本使用docker-compose来编排Harbor的各个组件(容器),本着快速开始的策略,我们先基于这种形式快速在一个主机上将Harbor跑起来,好进行后续的学习。
实验环境 #
我们使用一台CentOS 7主机来部署Harbor:
1CentOS 7.3 192.168.61.11
这台主机上已经事先安装好了Docker CE 17.03:
1docker version
2Client:
3 Version: 17.03.1-ce
4 API version: 1.27
5 Go version: go1.7.5
6 Git commit: c6d412e
7 Built: Mon Mar 27 17:05:44 2017
8 OS/Arch: linux/amd64
9
10Server:
11 Version: 17.03.1-ce
12 API version: 1.27 (minimum version 1.12)
13 Go version: go1.7.5
14 Git commit: c6d412e
15 Built: Mon Mar 27 17:05:44 2017
16 OS/Arch: linux/
接下来我们按照docker-compose:
1curl -L https://github.com/docker/compose/releases/download/1.14.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
2
3chmod +x /usr/local/bin/docker-compose
4
5docker-compose -v
6docker-compose version 1.14.0, build c7bdf9e
最后我们确认一下主机上的python版本:
1python --version
2Python 2.7.5
缺省安装Harbor #
下载Harbor的离线安装包:
1wget https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-offline-installer-v1.1.2.tgz
2
3tar -zxvf harbor-offline-installer-v1.1.2.tgz
4
5cd harbor/
6ls
7common docker-compose.notary.yml docker-compose.yml harbor_1_1_0_template harbor.cfg harbor.v1.1.2.tar.gz install.sh LICENSE NOTICE prepare upgrade
修改harbor.cfg:
1hostname = 192.168.61.11
- 由于这里是内网的主机,我们先设置hostname为主机的ip
运行安装包中的install.sh:
1./install.sh
2
3[Step 0]: checking installation environment ...
4
5Note: docker version: 17.03.1
6
7Note: docker-compose version: 1.14.0
8
9[Step 1]: loading Harbor images ...
10......
11[Step 4]: starting Harbor ...
12Creating network "harbor_harbor" with the default driver
13Creating harbor-log ...
14Creating harbor-log ... done
15Creating registry ...
16Creating harbor-db ...
17Creating harbor-adminserver ...
18Creating registry
19Creating harbor-db
20Creating harbor-adminserver ... done
21Creating harbor-ui ...
22Creating harbor-ui ... done
23Creating nginx ...
24Creating harbor-jobservice ...
25Creating nginx
26Creating harbor-jobservice ... done
27
28✔ ----Harbor has been installed and started successfully.----
29
30Now you should be able to visit the admin portal at http://192.168.61.11.
31For more details, please visit https://github.com/vmware/harbor .
harbor的nginx组件默认监听80端口,直接在浏览器打开http://192.168.61.11,输入默认用户名密码admin/Harbor12345. 即可打开Harbor的管理UI界面。
Harbor组件启动和停止 #
1cd harbor/
2ls
3common docker-compose.notary.yml docker-compose.yml harbor_1_1_0_template harbor.cfg harbor.v1.1.2.tar.gz install.sh LICENSE NOTICE prepare upgrade
4
5docker-compose stop
6
7docker-compose start
更新Harbor的配置 #
例如要修改harbor的nginx组件端口为8090。
修改docker-compose.yml文件:
1proxy:
2 image: vmware/nginx:1.11.5-patched
3 container_name: nginx
4 restart: always
5 volumes:
6 - ./common/config/nginx:/etc/nginx:z
7 networks:
8 - harbor
9 ports:
10 - 8090:80
修改harbor.cfg:
1hostname = 192.168.61.11:8090
因为修改了配置需要重新prepare:
1docker-compose down -v
2
3./prepare
4
5docker-compose up -d
使用docker client测试 #
因为docker客户端默认采用https访问docker registry,而我们默认安装的Harbor并没有启用https。 我们这里简单测试,因此可以在Docker客户端所在的机器修改/etc/docker/daemon.json:
1{
2 "insecure-registries": ["192.168.61.11:8090"]
3}
重启改机器上的Docker:
1systemctl restart docker
测试:
1docker login -u admin -p Harbor12345 192.168.61.11:8090
2Login Succeeded
3
4docker pull alpine
5docker tag alpine 192.168.61.11:8090/library/alpine
6
7docker push 192.168.61.11:8090/library/alpine
至此Harbor已经快速run起来了,基本的使用快速过一遍Harbor User Guide。