安装docker,官网,这里主要是docker-compose. yum install epel-release yum install python-pip -y pip install --upgrade pip pip install docker-compose docker-compose -v wget http:///harbor-v1.4.0/harbor-offline-installer-v1.4.0.tgz 1 采用HTTPS,这里主要是证书的生成过程。 openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt -subj "/C=CN/L=shenzhen/O=we2tu/CN=harbor-registry" openssl req -newkey rsa:4096 -nodes -sha256 -keyout .key -out server.csr -subj "/C=CN/L=shenzhen/O=we2tu/CN=" openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out .crt
2 关于配置文件的修改:
vim harbor.cfg
1 hostname
2 证书位置:上述搭建完毕后,需要在客户端设置仓库地址,并加载证书:
[root@node200 ]# scp root@172.17.0.207:/data/cert/harbor.we2tucom.crt .
The authenticity of host '172.17.0.207 (172.17.0.207)' can't be established.
ECDSA key fingerprint is SHA256:HQSZIXbDyL10+dSUzcN+rgvPVFA8gnmixkIpnZDG9NY.
ECDSA key fingerprint is MD5:1b:48:82:27:a4:97:19:9e:80:b0:c4:69:69:e8:45:60.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.17.0.207' (ECDSA) to the list of known hosts.
root@172.17.0.207's password:
harbor.we2tucom.crt 100% 1818 836.6KB/s 00:00
[root@node200 ]# ls
harbor.we2tucom.crt,
[root@node200 ]# docker login
#docker login -u admin -p Harbor12345 ip地址这个是无交互的操作,也是一种方式。
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@node200 ]# pwd
/etc/docker/certs.d/ 证书的位置,注意此目录没有需要创建,我这里是centos7.5
[root@node200 ]# ls
harbor.we2tucom.crt
演示上传下载镜像:
[root@node206 ~]# docker tag nginx:latest /java/nginx:latest
[root@node206 ~]# docker push /java/nginx:latest
The push refers to repository [/java/nginx]
579c75bb43c0: Pushed
67d3ae5dfa34: Pushed
8b15606a9e3e: Pushed
latest: digest: sha256:c0b69559d28fb325a64c6c8f47d14c26b95aa047312b29c699da10380e90b4d7 size: 948
如果是docker 原生registry,客户端需要编辑文档: xtadmin@docker960:~$ vim /etc/docker/daemon.json 这个是ubuntu安装的docker
{
"bip":"192.168.39.1/24", "insecure-registries": [ ":5000" ],
"registry-mirrors": [ "http://04be47cf.m.daocloud.io" ]
}
参考链接
https://blog.csdn.net/qq_35959573/article/details/80664353
https:///goharbor/harbor/blob/master/docs/configure_https.md
http://blog.51cto.com/yanconggod/2104447
http://blog.51cto.com/10880347/2326146 kubernetes 1.13 的安装和部署过程
