企业级Docker镜像仓库Harbor部署记录

2017-06-23 阅读: Harbor

我们一直使用Docker官方的Registry v2搭建我们的私有Docker镜像仓库。 最近我们打算使用Harbor这个VMware China开源的企业级镜像仓库,实际上Harbor以Docker官方的Registry为基础,在其上增加了管理UI、访问控制等企业用户需要的功能。

Harbor官方发布的版本使用docker-compose来编排Harbor的各个组件(容器),本着快速开始的策略,我们先基于这种形式快速在一个主机上将Harbor跑起来,好进行后续的学习。

实验环境

我们使用一台CentOS 7主机来部署Harbor:

CentOS 7.3 192.168.61.11

这台主机上已经事先安装好了Docker CE 17.03:

docker version
Client:
 Version:      17.03.1-ce
 API version:  1.27
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Mon Mar 27 17:05:44 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.1-ce
 API version:  1.27 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   c6d412e
 Built:        Mon Mar 27 17:05:44 2017
 OS/Arch:      linux/

接下来我们按照docker-compose:

curl -L https://github.com/docker/compose/releases/download/1.14.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose

chmod +x /usr/local/bin/docker-compose

docker-compose -v
docker-compose version 1.14.0, build c7bdf9e

最后我们确认一下主机上的python版本:

python --version
Python 2.7.5

缺省安装Harbor

下载Harbor的离线安装包:

wget https://github.com/vmware/harbor/releases/download/v1.1.2/harbor-offline-installer-v1.1.2.tgz

tar -zxvf harbor-offline-installer-v1.1.2.tgz

cd harbor/
ls
common  docker-compose.notary.yml  docker-compose.yml  harbor_1_1_0_template  harbor.cfg  harbor.v1.1.2.tar.gz  install.sh  LICENSE  NOTICE  prepare  upgrade

修改harbor.cfg:

hostname = 192.168.61.11
  • 由于这里是内网的主机,我们先设置hostname为主机的ip

运行安装包中的install.sh:

./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 17.03.1

Note: docker-compose version: 1.14.0

[Step 1]: loading Harbor images ...
......
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ...
Creating harbor-log ... done
Creating registry ...
Creating harbor-db ...
Creating harbor-adminserver ...
Creating registry
Creating harbor-db
Creating harbor-adminserver ... done
Creating harbor-ui ...
Creating harbor-ui ... done
Creating nginx ...
Creating harbor-jobservice ...
Creating nginx
Creating harbor-jobservice ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://192.168.61.11.
For more details, please visit https://github.com/vmware/harbor .

harbor的nginx组件默认监听80端口,直接在浏览器打开http://192.168.61.11,输入默认用户名密码admin/Harbor12345. 即可打开Harbor的管理UI界面。

Harbor组件启动和停止

cd harbor/
ls
common  docker-compose.notary.yml  docker-compose.yml  harbor_1_1_0_template  harbor.cfg  harbor.v1.1.2.tar.gz  install.sh  LICENSE  NOTICE  prepare  upgrade

docker-compose stop

docker-compose start

更新Harbor的配置

例如要修改harbor的nginx组件端口为8090。

修改docker-compose.yml文件:

proxy:
    image: vmware/nginx:1.11.5-patched
    container_name: nginx
    restart: always
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    ports:
      - 8090:80

修改harbor.cfg:

hostname = 192.168.61.11:8090

因为修改了配置需要重新prepare:

docker-compose down -v

./prepare

docker-compose up -d

使用docker client测试

因为docker客户端默认采用https访问docker registry,而我们默认安装的Harbor并没有启用https。 我们这里简单测试,因此可以在Docker客户端所在的机器修改/etc/docker/daemon.json:

{
    "insecure-registries": ["192.168.61.11:8090"]
}

重启改机器上的Docker:

systemctl restart docker

测试:

docker login -u admin -p Harbor12345 192.168.61.11:8090
Login Succeeded

docker pull alpine
docker tag alpine 192.168.61.11:8090/library/alpine

docker push 192.168.61.11:8090/library/alpine

至此Harbor已经快速run起来了,基本的使用快速过一遍Harbor User Guide

参考

标题:企业级Docker镜像仓库Harbor部署记录
本文链接:https://blog.frognew.com/2017/06/install-harbor.html
转载请注明出处。

目录