利用阿里云ECS部署自己的私有harbor镜像仓库

Posted 大聪明Smart

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了利用阿里云ECS部署自己的私有harbor镜像仓库相关的知识,希望对你有一定的参考价值。

利用阿里云ECS部署自己的私有harbor镜像仓库

harbor简介

  • 虽然Docker官方提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署我们私有环境内的Registry也是非常必要的。
  • Harbor是由VMware公司开源的企业级的Docker Registry管理项目,相比docker官方拥有更丰富的权限权利和完善的架构设计,适用大规模docker集群部署提供仓库服务。
  • 它主要提供 Dcoker Registry 管理界面UI,可基于角色访问控制,镜像复制, AD/LDAP 集成,日志审核等功能,完全的支持中文。
    在这里插入图片描述

harbor的部署

安装依赖

harbor是依赖于docker和docker-compose的,所以先安装它俩

阿里云180端口放行

安装docker

# epel源
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install epel-release -y
Repository epel is listed more than once in the configuration
Last metadata expiration check: 2:47:33 ago on Wed 16 Jun 2021 03:07:22 PM CST.
Package epel-release-8-10.el8.noarch is already installed.
Dependencies resolved.
Nothing to do.
Complete!


# 安装docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install -y yum-utils
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum list docker-ce --showduplicate
Repository epel is listed more than once in the configuration
Docker CE Stable - x86_64                                                     78 kB/s |  14 kB     00:00    
Available Packages
docker-ce.x86_64                              3:19.03.13-3.el8                               docker-ce-stable
docker-ce.x86_64                              3:19.03.14-3.el8                               docker-ce-stable
docker-ce.x86_64                              3:19.03.15-3.el8                               docker-ce-stable
docker-ce.x86_64                              3:20.10.0-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.1-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.2-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.3-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.4-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.5-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.6-3.el8                                docker-ce-stable
docker-ce.x86_64                              3:20.10.7-3.el8                                docker-ce-stable
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# yum install docker-ce -y



# 开机自启动
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl enable docker
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service.
# 启动docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl start docker
# 配置
[root@iZuf6g4e6vhdv58sz2z1klZ ~]#vi /etc/docker/daemon.json
{
	"graph": "/mydata/docker",
	"storage-driver": "overlay2",
	"insecure-registries": ["registry.access.redhat.com", "quay.io", "harbor.liboer.top"],  # 在此处让你的域名受信任,如果你配了ssl证书可以不用写
	"registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com/"],
    "bip": "172.17.0.1/24",
    "exec-opts": ["native.cgroupdriver=systemd"],
    "live-restore":true
}

# 启动docker
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl daemon-reload
[root@iZuf6g4e6vhdv58sz2z1klZ ~]# systemctl restart docker

# 查看版本
docker --version

安装docker-compose

[root@aliyun ~]# curl -L https://github.com/docker/compose/releases/download/1.25.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   633  100   633    0     0   1128      0 --:--:-- --:--:-- --:--:--  1128
100 16.2M  100 16.2M    0     0   749k      0  0:00:22  0:00:22 --:--:-- 3145k
[root@aliyun ~]# chmod +x /usr/local/bin/docker-compose
[root@aliyun ~]# docker-compose --version
docker-compose version 1.25.0, build 0a186604

安装harbor

[root@hdss12-200 ~]# cd /opt
[root@hdss12-200 opt]# mkdir src
[root@hdss12-200 opt]# cd src
[root@hdss12-200 src]# wget https://github.com/goharbor/harbor/releases/download/v1.9.4/harbor-offline-installer-v1.9.4.tgz
[root@hdss12-200 src]# ls
harbor-offline-installer-v1.9.4.tgz
[root@hdss12-200 src]# tar xf harbor-offline-installer-v1.9.4.tgz -C /opt/
[root@hdss12-200 src]# cd /opt/
[root@hdss12-200 opt]# ll
total 0
drwxr-xr-x. 2 root root  71 Jun 19 02:20 certs
drwx--x--x. 4 root root  28 Jun 19 02:50 containerd
drwxr-xr-x  2 root root 100 Jun 19 04:26 harbor
drwxr-xr-x  2 root root  49 Jun 19 04:07 src
[root@hdss12-200 opt]# mv harbor /opt/harbor-v1.9.4
# 软连接
[root@hdss12-200 opt]# ln -s /opt/harbor-v1.9.4 /opt/harbor
[root@hdss12-200 opt]# ll
total 0
drwxr-xr-x. 2 root root  71 Jun 19 02:20 certs
drwx--x--x. 4 root root  28 Jun 19 02:50 containerd
lrwxrwxrwx  1 root root  18 Jun 19 04:27 harbor -> /opt/harbor-v1.9.4
drwxr-xr-x  2 root root 100 Jun 19 04:26 harbor-v1.9.4
drwxr-xr-x  2 root root  49 Jun 19 04:07 src
[root@hdss12-200 opt]# vim /opt/harbor/harbor.yml
hostname: harbor.liboer.top
http:
  port: 180
data_volume: /mydata/harbor
location: /mydata/harbor/logs
[root@hdss12-200 ~]# mkdir -p /mydata/harbor /mydata/harbor/logs
[root@hdss12-200 ~]# cd /opt/harbor/
[root@hdss12-200 ~]# systemctl restart  docker
[root@hdss12-200 harbor]# ./install.sh
[root@hdss12-200 harbor]# docker ps -a
[root@hdss12-200 harbor]# yum install nginx -y
# 在nginx上添加一个server
server {
    listen       80;
    server_name  harbor.liboer.top;
    
    client_max_body_size 1000m;

    location / {
        proxy_pass http://127.0.0.1:180;
    }
}

harbor的一些镜像

[root@aliyun harbor-v1.9.4]# docker ps -a
CONTAINER ID   IMAGE                                                    COMMAND                  CREATED          STATUS                     PORTS                                     NAMES
0e86a8db6253   goharbor/nginx-photon:v1.9.4                             "nginx -g 'daemon of…"   13 minutes ago   Up 13 minutes (healthy)    0.0.0.0:180->8080/tcp, :::180->8080/tcp   nginx
f5a364606d76   goharbor/harbor-jobservice:v1.9.4                        "/harbor/harbor_jobs…"   13 minutes ago   Up 13 minutes (healthy)                                              harbor-jobservice
972a7a00ffcf   goharbor/harbor-core:v1.9.4                              "/harbor/harbor_core"    13 minutes ago   Up 13 minutes (healthy)                                              harbor-core
d6d338f6ebd7   goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.9.4   "/entrypoint.sh /etc…"   13 minutes ago   Up 13 minutes (healthy)    5000/tcp                                  registry
db6f600d19d5   goharbor/harbor-registryctl:v1.9.4                       "/harbor/start.sh"       13 minutes ago   Up 13 minutes (healthy)                                              registryctl
467f4455614a   goharbor/harbor-db:v1.9.4                                "/docker-entrypoint.…"   13 minutes ago   Up 13 minutes (healthy)    5432/tcp                                  harbor-db
e7bd7b41ca61   goharbor/harbor-portal:v1.9.4                            "nginx -g 'daemon of…"   13 minutes ago   Up 13 minutes (healthy)    8080/tcp                                  harbor-portal
02456f6a16ca   goharbor/redis-photon:v1.9.4                             "redis-server /etc/r…"   13 minutes ago   Up 13 minutes (healthy)    6379/tcp                                  redis
97075c4f04a7   goharbor/harbor-log:v1.9.4                               "/bin/sh -c /usr/loc…"   13 minutes ago   Up 13 minutes (healthy)    127.0.0.1:1514->10514/tcp                 harbor-log

浏览器访问

http://harbor.liboer.top

用户名:admin

密码:/opt/harbor/harbor.yml中你修改的密码

即可登入

向harbor推送nginx镜像

新建一个公共仓库public,然后像public推送镜像

 ~]# docker pull nginx:1.7.9
 ~]# docker tag nginx:1.7.9  harbor.liboer.top/public/nginx:v1.7.9
 ~]# docker login harbor.liboer.top
 ~]# docker push harbor.liboer.top/public/nginx:v1.7.9

此时查看你的harbor仓库,已经推送过来

以上是关于利用阿里云ECS部署自己的私有harbor镜像仓库的主要内容,如果未能解决你的问题,请参考以下文章

docker仓库使用+harbor私有仓库部署

K8S部署Harbor仓库实战

Docker--Harbor私有仓库

利用 Harbor 搭建企业级私有镜像仓库(文末赠书)

Docker学习笔记 —— 镜像仓库制作(公有+私有+Harbor)

Docker学习笔记 —— 镜像仓库制作(公有+私有+Harbor)