Openshift 和Harbor的集成

Posted 2021-01-26 ericnie

 

1.安装配置Harbor

环境rhel 7.6 

• 安装docker,python
• 安装docker-compose

sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

chmod +x /usr/local/docker-compose

[[email protected] harbor]# docker-compose version
docker-compose version 1.21.2, build a133471
docker-py version: 3.3.0
CPython version: 3.6.5
OpenSSL version: OpenSSL 1.0.1t  3 May 2016

 

• 下载harbor

https://github.com/goharbor/harbor/releases

我选择的是harbor-offline-installer-v1.6.2.tgz, 之前 1.5的版本没有镜像了，所以建议选择新一点的。

tar -xvf harbor-offline-installer-v1.6.2.tgz

 

• 修改配置harbor.cfg，我就修改了hostname

[[email protected] harbor]# cat harbor.cfg
## Configuration file of Harbor

#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version = 1.6.0
#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname = 192.168.56.107:8060

#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = http

#Maximum number of job workers in job service  
max_job_workers = 10 

• 修改配置docker-compose.yml,将端口映射修改为8060

    networks:
      - harbor
    ports:
      - 8060:80
      - 443:443
      - 4443:4443

• 根据docker-compose.yml中的镜像把镜像下载到本地

[[email protected] ~]# docker images
REPOSITORY                              TAG                 IMAGE ID            CREATED             SIZE
docker.io/openjdk                       latest              8e7eacedab93        5 days ago          986 MB
docker.io/goharbor/redis-photon         v1.6.2              473bfdd9d245        3 weeks ago         210 MB
docker.io/goharbor/registry-photon      v2.6.2-v1.6.2       62c30cdb384a        3 weeks ago         196 MB
docker.io/goharbor/nginx-photon         v1.6.2              c0602500e829        3 weeks ago         132 MB
docker.io/goharbor/harbor-log           v1.6.2              781ee4ceb5d3        3 weeks ago         197 MB
docker.io/goharbor/harbor-jobservice    v1.6.2              3419a2276f96        3 weeks ago         192 MB
docker.io/goharbor/harbor-ui            v1.6.2              66268686bb96        3 weeks ago         215 MB
docker.io/goharbor/harbor-adminserver   v1.6.2              4024440925a4        3 weeks ago         181 MB
docker.io/goharbor/harbor-db            v1.6.2              0ed4186be0d1        3 weeks ago         219 MB

 

• 修改docker配置 /etc/sysconfig/docker，主要是OPTIONS,ADD_REGISTRY,INSECURE_REGISTRY

[[email protected] harbor]# cat /etc/sysconfig/docker
# /etc/sysconfig/docker

# Modify these options if you want to change the way the docker daemon runs
OPTIONS=‘--selinux-enabled=false --log-driver=journald --insecure-registry=192.168.56.107:8060‘
if [ -z "${DOCKER_CERT_PATH}" ]; then
    DOCKER_CERT_PATH=/etc/docker
fi

# Do not add registries in this file anymore. Use /etc/containers/registries.conf
# instead. For more information reference the registries.conf(5) man page.
ADD_REGISTRY=‘--add-registry 192.168.56.107:8060‘
INSECURE_REGISTRY=‘--insecure-registry=192.168.56.107:8060‘

# Location used for temporary files, such as those created by
# docker load and build operations. Default is /var/lib/docker/tmp
# Can be overriden by setting the following environment variable.
# DOCKER_TMPDIR=/var/tmp

# Controls the /etc/cron.daily/docker-logrotate cron job status.
# To disable, uncomment the line below.
# LOGROTATE=false

• 重启docker服务

systemctl daemon-reload
systemctl restart docker.service

• 安装

[[email protected] harbor]# ./prepare
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.

[[email protected] harbor]# ./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 1.13.1

Note: docker-compose version: 1.21.2

[Step 1]: loading Harbor images ...
Loaded image: goharbor/registry-photon:v2.6.2-v1.6.2
0155cb3a636c: Loading layer [==================================================>] 23.38 MB/23.38 MB
62f917db5fed: Loading layer [==================================================>] 12.16 MB/12.16 MB
2e192a070c25: Loading layer [==================================================>]  17.3 MB/17.3 MB
64fa72e486ec: Loading layer [==================================================>] 11.26 kB/11.26 kB
23afd47b0f1a: Loading layer [==================================================>] 3.072 kB/3.072 kB
3fa7415d357e: Loading layer [==================================================>] 29.46 MB/29.46 MB
Loaded image: goharbor/notary-server-photon:v0.5.1-v1.6.2
2f06068ec40a: Loading layer [==================================================>]   158 MB/158 MB
d6e5bcc842f3: Loading layer [==================================================>] 10.93 MB/10.93 MB
c272c6b03ae0: Loading layer [==================================================>] 2.048 kB/2.048 kB
7b0653de0007: Loading layer [==================================================>] 48.13 kB/48.13 kB
484f0b8e979d: Loading layer [==================================================>] 3.072 kB/3.072 kB
72004696fb26: Loading layer [==================================================>] 10.98 MB/10.98 MB

 

• 验证

[[email protected] harbor]# docker-compose ps
       Name                     Command                  State                                     Ports                               
---------------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/start.sh                 Up (healthy)                                                                     
harbor-db            /entrypoint.sh postgres          Up (healthy)   5432/tcp                                                          
harbor-jobservice    /harbor/start.sh                 Up                                                                               
harbor-log           /bin/sh -c /usr/local/bin/ ...   Up (healthy)   127.0.0.1:1514->10514/tcp                                         
harbor-ui            /harbor/start.sh                 Up (healthy)                                                                     
nginx                nginx -g daemon off;             Up (healthy)   0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:8060->80/tcp
redis                docker-entrypoint.sh redis ...   Up             6379/tcp                                                          
registry             /entrypoint.sh /etc/regist ...   Up (healthy)   5000/tcp       

 

登录192.168.56.107:8060, admin/Harbor12345

添加用户，添加项目，然后push镜像验证。