centos7 离线安装自签名harbor
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos7 离线安装自签名harbor相关的知识,希望对你有一定的参考价值。
安装docker,git
yum install docker docker-logrotate git -y
安装docker-compose
yum install python-virtualenv -y virtualenv ven_harbor source ven_harbor/bin/activate pip install --upgrade pip pip install docker-compose
下载harbor
wget https://github.com/vmware/harbor/releases/download/0.4.1/harbor-offline-installer-0.4.1.tgz tar xvzf harbor-offline-installer-0.4.1.tgz
生成自签名证书
mkdir ca cd ca openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt openssl req -newkey rsa:4096 -nodes -sha256 -keyout yourdomain.com.key -out yourdomain.com.csr touch /etc/pki/CA/index.txt echo ‘01‘ > /etc/pki/CA/serial openssl ca -in yourdomain.com.csr -out yourdomain.com.crt -cert ca.crt -keyfile ca.key -outdir .
安装harbor
cd harbor/config/nginx cp ~/ca/yourdomain.com.crt cert/ cp ~/ca/yourdomain.com.key cert/ mv nginx.conf nginx.conf.bak cp nginx.https.conf nginx.conf sed -i s/harbordomain.com/yourdomain.com/g nginx.conf sed -i s/harbordomain/yourdomain.com/g nginx.conf # 编辑 ~/harbor/harbor.cfg hostname = yourdomain.com ui_url_protocol = https harbor_admin_password = Harbor12345 auth_mode = db_auth db_password = root123 # 安装harbor ./install.sh
配置client
将-insecure-registry从docker配置文件中移除,重启docker
复制ca.crt到client
mkdir -p /etc/docker/certs.d/yourdomain.com cp ca.crt /etc/docker/certs.d/yourdomain.com
创建项目
使用http://yourdomain.com 登录 harbor,会自动重定向到 https://yourdomain.com
创建项目test
将镜像推送到harbor中
docker login yourdomain.com docker tag centos:7 yourdomain.com/test/centos:7 docker push yourdomain.com/test/centos:7
本文出自 “武陵荒草” 博客,请务必保留此出处http://penguintux.blog.51cto.com/3021117/1864615
以上是关于centos7 离线安装自签名harbor的主要内容,如果未能解决你的问题,请参考以下文章