利用阿里云ECS部署自己的私有harbor镜像仓库
Posted 大聪明Smart
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了利用阿里云ECS部署自己的私有harbor镜像仓库相关的知识,希望对你有一定的参考价值。
文章目录
利用阿里云ECS部署自己的私有harbor镜像仓库
harbor简介
- 虽然Docker官方提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署我们私有环境内的Registry也是非常必要的。
- Harbor是由VMware公司开源的企业级的Docker Registry管理项目,相比docker官方拥有更丰富的权限权利和完善的架构设计,适用大规模docker集群部署提供仓库服务。
- 它主要提供 Dcoker Registry 管理界面UI,可基于角色访问控制,镜像复制, AD/LDAP 集成,日志审核等功能,完全的支持中文。
harbor的部署
安装依赖
harbor是依赖于docker和docker-compose的,所以先安装它俩
阿里云180端口放行
安装docker
# epel源
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install epel-release -y
Repository epel is listed more than once in the configuration
Last metadata expiration check: 2:47:33 ago on Wed 16 Jun 2021 03:07:22 PM CST.
Package epel-release-8-10.el8.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!
# 安装docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install -y yum-utils
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum list docker-ce --showduplicate
Repository epel is listed more than once in the configuration
Docker CE Stable - x86_64 78 kB/s | 14 kB 00:00
Available Packages
docker-ce.x86_64 3:19.03.13-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.14-3.el8 docker-ce-stable
docker-ce.x86_64 3:19.03.15-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.0-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.1-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.2-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.3-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.4-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.5-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.6-3.el8 docker-ce-stable
docker-ce.x86_64 3:20.10.7-3.el8 docker-ce-stable
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install docker-ce -y
# 开机自启动
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
# 启动docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl start docker
# 配置
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#vi /etc/docker/daemon.json
{
"graph": "/mydata/docker",
"storage-driver": "overlay2",
"insecure-registries": ["registry.access.redhat.com", "quay.io", "harbor.liboer.top"], # 在此处让你的域名受信任,如果你配了ssl证书可以不用写
"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com/"],
"bip": "172.17.0.1/24",
"exec-opts": ["native.cgroupdriver=systemd"],
"live-restore":true
}
# 启动docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl daemon-reload
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl restart docker
# 查看版本
docker --version
安装docker-compose
[root@aliyun ~]# curl -L https://github.com/docker/compose/releases/download/1.25.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 633 100 633 0 0 1128 0 --:--:-- --:--:-- --:--:-- 1128
100 16.2M 100 16.2M 0 0 749k 0 0:00:22 0:00:22 --:--:-- 3145k
[root@aliyun ~]# chmod +x /usr/local/bin/docker-compose
[root@aliyun ~]# docker-compose --version
docker-compose version 1.25.0, build 0a186604
安装harbor
[root@hdss12-200 ~]# cd /opt
[root@hdss12-200 opt]# mkdir src
[root@hdss12-200 opt]# cd src
[root@hdss12-200 src]# wget https://github.com/goharbor/harbor/releases/download/v1.9.4/harbor-offline-installer-v1.9.4.tgz
[root@hdss12-200 src]# ls
harbor-offline-installer-v1.9.4.tgz
[root@hdss12-200 src]# tar xf harbor-offline-installer-v1.9.4.tgz -C /opt/
[root@hdss12-200 src]# cd /opt/
[root@hdss12-200 opt]# ll
total 0
drwxr-xr-x. 2 root root 71 Jun 19 02:20 certs
drwx--x--x. 4 root root 28 Jun 19 02:50 containerd
drwxr-xr-x 2 root root 100 Jun 19 04:26 harbor
drwxr-xr-x 2 root root 49 Jun 19 04:07 src
[root@hdss12-200 opt]# mv harbor /opt/harbor-v1.9.4
# 软连接
[root@hdss12-200 opt]# ln -s /opt/harbor-v1.9.4 /opt/harbor
[root@hdss12-200 opt]# ll
total 0
drwxr-xr-x. 2 root root 71 Jun 19 02:20 certs
drwx--x--x. 4 root root 28 Jun 19 02:50 containerd
lrwxrwxrwx 1 root root 18 Jun 19 04:27 harbor -> /opt/harbor-v1.9.4
drwxr-xr-x 2 root root 100 Jun 19 04:26 harbor-v1.9.4
drwxr-xr-x 2 root root 49 Jun 19 04:07 src
[root@hdss12-200 opt]# vim /opt/harbor/harbor.yml
hostname: harbor.liboer.top
http:
port: 180
data_volume: /mydata/harbor
location: /mydata/harbor/logs
[root@hdss12-200 ~]# mkdir -p /mydata/harbor /mydata/harbor/logs
[root@hdss12-200 ~]# cd /opt/harbor/
[root@hdss12-200 ~]# systemctl restart docker
[root@hdss12-200 harbor]# ./install.sh
[root@hdss12-200 harbor]# docker ps -a
[root@hdss12-200 harbor]# yum install nginx -y
# 在nginx上添加一个server
server {
listen 80;
server_name harbor.liboer.top;
client_max_body_size 1000m;
location / {
proxy_pass http://127.0.0.1:180;
}
}
harbor的一些镜像
[root@aliyun harbor-v1.9.4]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0e86a8db6253 goharbor/nginx-photon:v1.9.4 "nginx -g 'daemon of…" 13 minutes ago Up 13 minutes (healthy) 0.0.0.0:180->8080/tcp, :::180->8080/tcp nginx
f5a364606d76 goharbor/harbor-jobservice:v1.9.4 "/harbor/harbor_jobs…" 13 minutes ago Up 13 minutes (healthy) harbor-jobservice
972a7a00ffcf goharbor/harbor-core:v1.9.4 "/harbor/harbor_core" 13 minutes ago Up 13 minutes (healthy) harbor-core
d6d338f6ebd7 goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.9.4 "/entrypoint.sh /etc…" 13 minutes ago Up 13 minutes (healthy) 5000/tcp registry
db6f600d19d5 goharbor/harbor-registryctl:v1.9.4 "/harbor/start.sh" 13 minutes ago Up 13 minutes (healthy) registryctl
467f4455614a goharbor/harbor-db:v1.9.4 "/docker-entrypoint.…" 13 minutes ago Up 13 minutes (healthy) 5432/tcp harbor-db
e7bd7b41ca61 goharbor/harbor-portal:v1.9.4 "nginx -g 'daemon of…" 13 minutes ago Up 13 minutes (healthy) 8080/tcp harbor-portal
02456f6a16ca goharbor/redis-photon:v1.9.4 "redis-server /etc/r…" 13 minutes ago Up 13 minutes (healthy) 6379/tcp redis
97075c4f04a7 goharbor/harbor-log:v1.9.4 "/bin/sh -c /usr/loc…" 13 minutes ago Up 13 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log
浏览器访问
http://harbor.liboer.top
用户名:admin
密码:/opt/harbor/harbor.yml中你修改的密码
即可登入
向harbor推送nginx镜像
新建一个公共仓库public,然后像public推送镜像
~]# docker pull nginx:1.7.9
~]# docker tag nginx:1.7.9 harbor.liboer.top/public/nginx:v1.7.9
~]# docker login harbor.liboer.top
~]# docker push harbor.liboer.top/public/nginx:v1.7.9
此时查看你的harbor仓库,已经推送过来
以上是关于利用阿里云ECS部署自己的私有harbor镜像仓库的主要内容,如果未能解决你的问题,请参考以下文章