长沙网站建设公司有哪些,网站要怎么创建,wordpress福利,快速建站代理【Docker】从零开始#xff1a;11.Harbor搭建企业镜像仓库 1. Harbor介绍2. 软硬件要求(1). 硬件要求(2). 软件要求 3.Harbor优势4.Harbor的误区5.Harbor的几种安装方式6.在线安装(1).安装composer(2).配置内核参数,开启路由转发(3).下载安装包并解压(4).创建并修改配置文件(5… 【Docker】从零开始11.Harbor搭建企业镜像仓库 1. Harbor介绍2. 软硬件要求(1). 硬件要求(2). 软件要求 3.Harbor优势4.Harbor的误区5.Harbor的几种安装方式6.在线安装(1).安装composer(2).配置内核参数,开启路由转发(3).下载安装包并解压(4).创建并修改配置文件(5).生成各个组件的配置(6).安装Harbor(7).查看Harbor服务状态(8).登录Harbor UI界面 7.离线安装(1).安装composer(2).配置内核参数,开启路由转发(3).下载安装包并解压(4).创建并修改配置文件(5).加载Harbor所需的镜像(6)把配置文件注入到Harbor(7).安装Harbor(8).查看Harbor服务状态(9).登录Harbor UI界面 8.相关命令(1).停止所有Hoabor(2).启动所有Harbor(3).卸载Harbor 1. Harbor介绍
Harbor是由VMware公司中国团队开发的一个企业级Registry项目可用于搭建企业内部的容器镜像仓库。Harbor在Docker Registry的基础上增加了企业用户所需的权限控制、安全漏洞扫描、日志审核和远程复制等重要功能还提供了图形管理界面及面向国内用户的中文支持开源后便迅速业内流行开来成为中国云原生用户的主流容器镜像仓库。
2018年7月Harbor正式进入CNCF(谷歌创办的云原生基金会旗下项目包括Kubernetes、Prometheus等世界级产品并在2020年6月顺利毕业成为了CNCF首个来自中国的开源项目。 Harbor的架构如下图所示其中Core services为Harbor的核心模块主要包括UI、token和webhook三个组件。UI提供图形化界面辅助用户管理镜像webhook 用于及时 获取Registry上镜像状态的变化情况并传递给其他模块token组件用于提供验证令牌。
另外还有Job service用于多个Harbor间的镜像同步功能Log collector用于日志收集和审核功能。 除了自身组件外Harbor也需要使用到一些外部组件如使用Nginx作为代理、Registry v2作为镜像存储、PostgreSQL作为数据库等等。
harbor的每个组件都是以Docker容器的形式进行部署可以使用Docker Compose来进行统一管理。
2. 软硬件要求
(1). 硬件要求
硬件最低配置推荐配置CPU2CPU4CPU内存4GB8GB磁盘40G160G
注硬件配置只是官方提供的一个参考生产环境还需要根据实际情况进行容量规划。
(2). 软件要求
软件版本Docker17.06.0-ce版或更高版本Docker Compose1.18.0或更高Openssl首选最新版本
3.Harbor优势
基于角色控制用户和仓库都是基于项目进行组织的而用户在项目中可以拥有不同的权限。基于镜像的复制策略镜像可以在多个Harbor实例之间进行复制同步。支持 LDAP/ADHarbor 可以集成企业内部已有的 AD/LDAP类似数据库的一张表用于对已经存在的用户认证和管理。镜像删除和垃圾回收镜像可以被删除也可以回收镜像占用的空间。图形化用户界面用户可以通过浏览器来浏览搜索镜像仓库以及对项目进行管理。审计管理所有针对镜像仓库的操作都可以被记录追溯用于审计管理。支持 RESTful APIRESTful API 提供给管理员对于 Harbor 更多的操控, 使得与其它管理软件集成变得更容易。Harbor和docker registry的关系Harbor实质上是对docker registry做了封装扩展了自己的业务模板。
4.Harbor的误区 误区一: Harbor是负责存储容器镜像的 (Harbor是镜像仓库那么它就应当是存储镜像的),其实关于镜像的存储Harbor使用的是官方的docker registry服务去完成至于registry是用本地存储或者s3都是可以的Harbor的功能是在此之上提供用户权限管理、镜像复制等功能提高使用的registry的效率。 误区二Harbor镜像复制是存储直接复制 (镜像的复制很多人以为应该是镜像分层文件的直接拷贝),其实Harbor镜像复制采用了一个更加通用、高屋建瓴的做法通过docker registry 的API去拷贝这不是省事这种做法屏蔽了繁琐的底层文件操作、不仅可以利用现有docker registry功能不必重复造轮子而且可以解决冲突和一致性的问题。
5.Harbor的几种安装方式 Harbor提供以下几种安装方式以适应不同的安装环境。 在线安装适合初学者快速搭建一个Harbor仓库简单快速安装过程需要从官方拉取镜像资源包带online。离线安装适合公司内网环境离线安装包装载了安装过程需要的镜像自动导入资源包带offline。源码安装适合开发者对Harbor进行开发和测试通过编译源码到本地进行安装安装条件较苛刻需要了解Harbor底层原理和实现方式的可选择源码安装的方式Heml Chart通过Heml安装Harbor到kubernetes集群Operater安装 Harbor Operator提供了可深度定制的能力用户通过配置顶级 CRD HarborCluster根据实际需要定义和配置自己的 Harbor 组件。
6.在线安装
(1).安装composer
[rootdocker ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 56.9M 100 56.9M 0 0 7515k 0 0:00:07 0:00:07 --:--:-- 8608k
[rootdocker ~]# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[rootdocker ~]# chmod x /usr/local/bin/docker-compose
[rootdocker ~]# docker-compose -v
Docker Compose version v2.23.3
[rootdocker ~]# (2).配置内核参数,开启路由转发
[rootdocker ~]# cat /etc/sysctl.conf EOF
net.ipv4.ip_forward 1
net.bridge.bridge-nf-call-ip6tables 1
net.bridge.bridge-nf-call-iptables 1
EOF
[rootdocker ~]# sysctl -p
net.ipv4.ip_forward 1
net.bridge.bridge-nf-call-ip6tables 1
net.bridge.bridge-nf-call-iptables 1
[rootdocker ~]# (3).下载安装包并解压
[rootdocker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-online-installer-v2.3.5.tgz
--2023-11-25 11:17:20-- https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-online-installer-v2.3.5.tgz
正在解析主机 github.com (github.com)... 20.205.243.166
正在连接 github.com (github.com)|20.205.243.166|:443... 已连接。
已发出 HTTP 请求正在等待回应... 302 Found
位置https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/a0e72e1f-a016-4389-a1cb-79923e1716d1?X-Amz-AlgorithmAWS4-HMAC-SHA256X-Amz-CredentialAKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_requestX-Amz-Date20231125T031720ZX-Amz-Expires300X-Amz-Signaturec042a464262142717bb1dec5e7a19755dfe656cfb86c96179620268d5af59115X-Amz-SignedHeadershostactor_id0key_id0repo_id50613991response-content-dispositionattachment%3B%20filename%3Dharbor-online-installer-v2.3.5.tgzresponse-content-typeapplication%2Foctet-stream [跟随至新的 URL]
--2023-11-25 11:17:21-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/a0e72e1f-a016-4389-a1cb-79923e1716d1?X-Amz-AlgorithmAWS4-HMAC-SHA256X-Amz-CredentialAKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_requestX-Amz-Date20231125T031720ZX-Amz-Expires300X-Amz-Signaturec042a464262142717bb1dec5e7a19755dfe656cfb86c96179620268d5af59115X-Amz-SignedHeadershostactor_id0key_id0repo_id50613991response-content-dispositionattachment%3B%20filename%3Dharbor-online-installer-v2.3.5.tgzresponse-content-typeapplication%2Foctet-stream
正在解析主机 objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.108.133, 185.199.111.133
正在连接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... 已连接。
已发出 HTTP 请求正在等待回应... 200 OK
长度9452 (9.2K) [application/octet-stream]
正在保存至: “harbor-online-installer-v2.3.5.tgz”100%[] 9,452 --.-K/s 用时 0.005s 2023-11-25 11:17:22 (1.90 MB/s) - 已保存 “harbor-online-installer-v2.3.5.tgz” [9452/9452])[rootdocker ~]# tar zxvf harbor-online-installer-v2.3.5.tgz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
[rootdocker ~]# cd harbor
[rootdocker harbor]# (4).创建并修改配置文件
根据配置文件模板复制为配置文件
cp harbor.yml.tmpl harbor.yml修改配置文件
vi harbor.yml
hostname: 192.168.40.21 #主机名称或者IP地址
#https: #不使用https安全加密端口
# port: 443
# certificate: /your/certificate/path
# private_key: /your/private/key/path(5).生成各个组件的配置
[rootdocker harbor]# ./prepare
prepare base dir is set to /root/harbor
Unable to find image goharbor/prepare:v2.3.5 locallyv2.3.5: Pulling from goharbor/prepare
91519930665a: Pull complete
b8547b4b6d59: Pull complete
4cfb18ed7c8b: Pull complete
1f7c4d37aa15: Pull complete
720465e03cf9: Pull complete
47bf36709ddf: Pull complete
7b6689f99a3d: Pull complete
660d0135472b: Pull complete
Digest: sha256:b0bad7e35d427d7337fdde85934415e133a9e8dba7dca5c0a0829bd31cd20790
Status: Downloaded newer image for goharbor/prepare:v2.3.5
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[rootdocker harbor]# (6).安装Harbor
[rootdocker harbor]# ./install.sh --with-trivy --with-chartmuseum[Step 0]: checking if docker is installed ...Note: docker version: 24.0.7[Step 1]: checking docker-compose is installed ...Note: docker-compose version: 2.23.3[Step 2]: preparing environment ...[Step 3]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /config/trivy-adapter/env
Generated configuration file: /config/chartserver/env
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir[Step 4]: starting Harbor ...
[] Running 75/30✔ portal 3 layers [⣿⣿⣿] 0B/0B Pulled 48.4s ✔ redis 4 layers [⣿⣿⣿⣿] 0B/0B Pulled 43.8s ✔ proxy 2 layers [⣿⣿] 0B/0B Pulled 2.5s ✔ chartmuseum 5 layers [⣿⣿⣿⣿⣿] 0B/0B Pulled 27.4s ✔ registry 5 layers [⣿⣿⣿⣿⣿] 0B/0B Pulled 34.4s ✔ registryctl 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 44.9s ✔ core 9 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 32.4s ✔ log 7 layers [⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 51.9s ✔ jobservice 5 layers [⣿⣿⣿⣿⣿] 0B/0B Pulled 12.8s ✔ postgresql 12 layers [⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 102.6s ✔ trivy-adapter 6 layers [⣿⣿⣿⣿⣿⣿] 0B/0B Pulled 23.0s [] Running 13/13✔ Network harbor_harbor Created 0.3s ✔ Network harbor_harbor-chartmuseum Created 0.2s ✔ Container harbor-log Started 0.6s ✔ Container registry Started 0.0s ✔ Container redis Started 0.0s ✔ Container chartmuseum Started 0.0s ✔ Container registryctl Started 0.0s ✔ Container harbor-db Started 0.0s ✔ Container harbor-portal Started 0.0s ✔ Container trivy-adapter Started 0.0s ✔ Container harbor-core Started 0.0s ✔ Container harbor-jobservice Started 0.0s ✔ Container nginx Started 0.0s
✔ ----Harbor has been installed and started successfully.----
[rootdocker harbor]#
(7).查看Harbor服务状态
[rootdocker harbor]# docker-compose ps
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
chartmuseum goharbor/chartmuseum-photon:v2.3.5 ./docker-entrypoint… chartmuseum 3 minutes ago Up 3 minutes (healthy)
harbor-core goharbor/harbor-core:v2.3.5 /harbor/entrypoint.… core 3 minutes ago Up 3 minutes (healthy)
harbor-db goharbor/harbor-db:v2.3.5 /docker-entrypoint.… postgresql 3 minutes ago Up 3 minutes (healthy)
harbor-jobservice goharbor/harbor-jobservice:v2.3.5 /harbor/entrypoint.… jobservice 3 minutes ago Up 3 minutes (healthy)
harbor-log goharbor/harbor-log:v2.3.5 /bin/sh -c /usr/loc… log 3 minutes ago Up 3 minutes (healthy) 127.0.0.1:1514-10514/tcp
harbor-portal goharbor/harbor-portal:v2.3.5 nginx -g daemon of… portal 3 minutes ago Up 3 minutes (healthy)
nginx goharbor/nginx-photon:v2.3.5 nginx -g daemon of… proxy 3 minutes ago Up 3 minutes (healthy) 0.0.0.0:80-8080/tcp, :::80-8080/tcp
redis goharbor/redis-photon:v2.3.5 redis-server /etc/r… redis 3 minutes ago Up 3 minutes (healthy)
registry goharbor/registry-photon:v2.3.5 /home/harbor/entryp… registry 3 minutes ago Up 3 minutes (healthy)
registryctl goharbor/harbor-registryctl:v2.3.5 /home/harbor/start.… registryctl 3 minutes ago Up 3 minutes (healthy)
trivy-adapter goharbor/trivy-adapter-photon:v2.3.5 /home/scanner/entry… trivy-adapter 3 minutes ago Up 3 minutes (healthy)
[rootdocker harbor]# (8).登录Harbor UI界面
在浏览器输入地址http://192.168.40.21:80 用户名admin 密码Harbor12345
7.离线安装
(1).安装composer
[rootdocker ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose% Total % Received % Xferd Average Speed Time Time Time CurrentDload Upload Total Spent Left Speed0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 56.9M 100 56.9M 0 0 7515k 0 0:00:07 0:00:07 --:--:-- 8608k
[rootdocker ~]# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[rootdocker ~]# chmod x /usr/local/bin/docker-compose
[rootdocker ~]# docker-compose -v
Docker Compose version v2.23.3
[rootdocker ~]# (2).配置内核参数,开启路由转发
[rootdocker ~]# cat /etc/sysctl.conf EOF
net.ipv4.ip_forward 1
net.bridge.bridge-nf-call-ip6tables 1
net.bridge.bridge-nf-call-iptables 1
EOF
[rootdocker ~]# sysctl -p
net.ipv4.ip_forward 1
net.bridge.bridge-nf-call-ip6tables 1
net.bridge.bridge-nf-call-iptables 1
[rootdocker ~]# (3).下载安装包并解压
[rootdocker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz
--2023-11-25 12:41:38-- https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz
正在解析主机 github.com (github.com)... 20.205.243.166
正在连接 github.com (github.com)|20.205.243.166|:443... 已连接。
已发出 HTTP 请求正在等待回应... 302 Found
位置https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/8bc3aa48-e2a4-4ab6-ae52-3ecf16dfe73a?X-Amz-AlgorithmAWS4-HMAC-SHA256X-Amz-CredentialAKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_requestX-Amz-Date20231125T044154ZX-Amz-Expires300X-Amz-Signaturec953b5e3ba2dd066e4650529b5b303d7e754af2b95fa8ecadf27722575dc2349X-Amz-SignedHeadershostactor_id0key_id0repo_id50613991response-content-dispositionattachment%3B%20filename%3Dharbor-offline-installer-v2.9.1.tgzresponse-content-typeapplication%2Foctet-stream [跟随至新的 URL]
--2023-11-25 12:41:54-- https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/8bc3aa48-e2a4-4ab6-ae52-3ecf16dfe73a?X-Amz-AlgorithmAWS4-HMAC-SHA256X-Amz-CredentialAKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_requestX-Amz-Date20231125T044154ZX-Amz-Expires300X-Amz-Signaturec953b5e3ba2dd066e4650529b5b303d7e754af2b95fa8ecadf27722575dc2349X-Amz-SignedHeadershostactor_id0key_id0repo_id50613991response-content-dispositionattachment%3B%20filename%3Dharbor-offline-installer-v2.9.1.tgzresponse-content-typeapplication%2Foctet-stream
正在解析主机 objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.108.133, 185.199.110.133, 185.199.111.133
正在连接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.108.133|:443... 失败拒绝连接。
正在连接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... 已连接。
已发出 HTTP 请求正在等待回应... 200 OK
长度796863822 (760M) [application/octet-stream]
正在保存至: “harbor-offline-installer-v2.9.1.tgz”100%[] 796,863,822 57.0MB/s 用时 18s 2023-11-25 12:42:34 (42.3 MB/s) - 已保存 “harbor-offline-installer-v2.9.1.tgz” [796863822/796863822])
[rootdocker ~]# tar -xzvf harbor-offline-installer-v2.9.1.tgz
harbor/harbor.v2.9.1.tar.gz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
[rootdocker ~]# (4).创建并修改配置文件
根据配置文件模板复制为配置文件
cp harbor.yml.tmpl harbor.yml修改配置文件
vi harbor.yml
hostname: 192.168.40.21 #主机名称或者IP地址
#https: #不使用https安全加密端口
# port: 443
# certificate: /your/certificate/path
# private_key: /your/private/key/path(5).加载Harbor所需的镜像
[rootdocker harbor]# docker load -i harbor.v2.9.1.tar.gz a1dcbad8836c: Loading layer [] 40.11MB/40.11MB
4349dad1c75c: Loading layer [] 10.89MB/10.89MB
b3619b11127a: Loading layer [] 3.584kB/3.584kB
7b38a647487c: Loading layer [] 2.56kB/2.56kB
af63cee918f4: Loading layer [] 44.69MB/44.69MB
087e0e1d01ed: Loading layer [] 45.48MB/45.48MB
Loaded image: goharbor/harbor-jobservice:v2.9.1
7a18cae000bb: Loading layer [] 7.873MB/7.873MB
6e8443cb30ea: Loading layer [] 4.096kB/4.096kB
7e6f1921b03b: Loading layer [] 17.4MB/17.4MB
7ab103a3c9e9: Loading layer [] 3.072kB/3.072kB
afdeb50007ba: Loading layer [] 32.78MB/32.78MB
0838cfee6fc3: Loading layer [] 50.97MB/50.97MB
Loaded image: goharbor/harbor-registryctl:v2.9.1
06a21a75ac76: Loading layer [] 10.89MB/10.89MB
7ef38c74aa21: Loading layer [] 3.584kB/3.584kB
78e12b1b294b: Loading layer [] 2.56kB/2.56kB
7415bb76ee07: Loading layer [] 58.23MB/58.23MB
c25cd46ee82a: Loading layer [] 5.632kB/5.632kB
1a3de5a9a094: Loading layer [] 122.4kB/122.4kB
2d2d193fbdcd: Loading layer [] 80.38kB/80.38kB
ee47e7543fea: Loading layer [] 59.23MB/59.23MB
6ebe4d7b431b: Loading layer [] 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.9.1
7d9f76d29c1c: Loading layer [] 124.4MB/124.4MB
50cb5ae20a44: Loading layer [] 3.584kB/3.584kB
59a78c21122c: Loading layer [] 3.072kB/3.072kB
6beb01cc5baa: Loading layer [] 2.56kB/2.56kB
b09018e5a73f: Loading layer [] 3.072kB/3.072kB
c1078fb9f5c7: Loading layer [] 3.584kB/3.584kB
59dadef71b1b: Loading layer [] 20.48kB/20.48kB
Loaded image: goharbor/harbor-log:v2.9.1
d1de629330a4: Loading layer [] 60.48MB/60.48MB
3cb3537a6da7: Loading layer [] 173.9MB/173.9MB
a327f18369ed: Loading layer [] 25.46MB/25.46MB
3f5c8182a7a2: Loading layer [] 63.37MB/63.37MB
a972da56e974: Loading layer [] 5.12kB/5.12kB
2fa2fe9c942b: Loading layer [] 6.144kB/6.144kB
53214b04b836: Loading layer [] 3.072kB/3.072kB
7fde99a5b238: Loading layer [] 2.048kB/2.048kB
b985c63bb4f0: Loading layer [] 2.56kB/2.56kB
58e8be9a88e4: Loading layer [] 7.68kB/7.68kB
Loaded image: goharbor/harbor-db:v2.9.1
64966afbcdad: Loading layer [] 10.89MB/10.89MB
7ffad26c4cb7: Loading layer [] 27.62MB/27.62MB
ce5f177604e5: Loading layer [] 4.608kB/4.608kB
4c46c82379dc: Loading layer [] 28.41MB/28.41MB
Loaded image: goharbor/harbor-exporter:v2.9.1
f2d51adf2664: Loading layer [] 60.48MB/60.48MB
962114f3c6f4: Loading layer [] 110.8MB/110.8MB
fa9bce70fee8: Loading layer [] 3.072kB/3.072kB
034a19d4e2af: Loading layer [] 59.9kB/59.9kB
ea8a227a5ce4: Loading layer [] 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.9.1
b99018c986e9: Loading layer [] 115.1MB/115.1MB
Loaded image: goharbor/nginx-photon:v2.9.1
7e85bea4f9eb: Loading layer [] 7.873MB/7.873MB
2d7031c02133: Loading layer [] 4.096kB/4.096kB
f2f29a057a0e: Loading layer [] 3.072kB/3.072kB
c465d9ffbcae: Loading layer [] 17.4MB/17.4MB
e8392e2d1c5c: Loading layer [] 18.19MB/18.19MB
Loaded image: goharbor/registry-photon:v2.9.1
0ee5099becd4: Loading layer [] 8.424MB/8.424MB
709c954772b5: Loading layer [] 4.096kB/4.096kB
4b4592e67634: Loading layer [] 3.072kB/3.072kB
db64864bc2d4: Loading layer [] 196.4MB/196.4MB
b2e16fced657: Loading layer [] 14.21MB/14.21MB
261777ce207b: Loading layer [] 211.4MB/211.4MB
Loaded image: goharbor/trivy-adapter-photon:v2.9.1
8bb88f3b5655: Loading layer [] 89.16MB/89.16MB
58f41452397c: Loading layer [] 65.05MB/65.05MB
56353e1b0c2c: Loading layer [] 58.46MB/58.46MB
78dc49080966: Loading layer [] 65.54kB/65.54kB
f1e566e1fcc5: Loading layer [] 2.56kB/2.56kB
1baf36cc0bfd: Loading layer [] 1.536kB/1.536kB
4f36dbd6f970: Loading layer [] 12.29kB/12.29kB
0b3526c9e5d6: Loading layer [] 5.322MB/5.322MB
e7daf9b6bcbe: Loading layer [] 429.1kB/429.1kB
Loaded image: goharbor/prepare:v2.9.1
d0dcb5740755: Loading layer [] 115.1MB/115.1MB
a68394b34761: Loading layer [] 6.46MB/6.46MB
e47863752870: Loading layer [] 245.8kB/245.8kB
eb0d64571e29: Loading layer [] 1.233MB/1.233MB
Loaded image: goharbor/harbor-portal:v2.9.1
[rootdocker harbor]# (6)把配置文件注入到Harbor
[rootdocker harbor]# ./prepare
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[rootdocker harbor]# (7).安装Harbor
[rootdocker harbor]# ./install.sh[Step 0]: checking if docker is installed ...Note: docker version: 24.0.7[Step 1]: checking docker-compose is installed ...Note: Docker Compose version v2.21.0[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-jobservice:v2.9.1
Loaded image: goharbor/harbor-registryctl:v2.9.1
Loaded image: goharbor/harbor-core:v2.9.1
Loaded image: goharbor/harbor-log:v2.9.1
Loaded image: goharbor/harbor-db:v2.9.1
Loaded image: goharbor/harbor-exporter:v2.9.1
Loaded image: goharbor/redis-photon:v2.9.1
Loaded image: goharbor/nginx-photon:v2.9.1
Loaded image: goharbor/registry-photon:v2.9.1
Loaded image: goharbor/trivy-adapter-photon:v2.9.1
Loaded image: goharbor/prepare:v2.9.1
Loaded image: goharbor/harbor-portal:v2.9.1[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dirNote: stopping existing Harbor instance ...[Step 5]: starting Harbor ...
[] Running 10/10✔ Network harbor_harbor Created 0.4s ✔ Container harbor-log Started 0.0s ✔ Container registryctl Started 0.0s ✔ Container redis Started 0.0s ✔ Container harbor-portal Started 0.0s ✔ Container harbor-db Started 0.0s ✔ Container registry Started 0.0s ✔ Container harbor-core Started 0.0s ✔ Container nginx Started 0.0s ✔ Container harbor-jobservice Started 0.0s
✔ ----Harbor has been installed and started successfully.----
[rootdocker harbor]# (8).查看Harbor服务状态
[rootdocker harbor]# docker-compose ps
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
harbor-core goharbor/harbor-core:v2.9.1 /harbor/entrypoint.… core 47 seconds ago Up 45 seconds (healthy)
harbor-db goharbor/harbor-db:v2.9.1 /docker-entrypoint.… postgresql 47 seconds ago Up 46 seconds (healthy)
harbor-jobservice goharbor/harbor-jobservice:v2.9.1 /harbor/entrypoint.… jobservice 47 seconds ago Up 36 seconds (healthy)
harbor-log goharbor/harbor-log:v2.9.1 /bin/sh -c /usr/loc… log 47 seconds ago Up 46 seconds (healthy) 127.0.0.1:1514-10514/tcp
harbor-portal goharbor/harbor-portal:v2.9.1 nginx -g daemon of… portal 47 seconds ago Up 46 seconds (healthy)
nginx goharbor/nginx-photon:v2.9.1 nginx -g daemon of… proxy 47 seconds ago Up 45 seconds (healthy) 0.0.0.0:80-8080/tcp, :::80-8080/tcp
redis goharbor/redis-photon:v2.9.1 redis-server /etc/r… redis 47 seconds ago Up 46 seconds (healthy)
registry goharbor/registry-photon:v2.9.1 /home/harbor/entryp… registry 47 seconds ago Up 46 seconds (healthy)
registryctl goharbor/harbor-registryctl:v2.9.1 /home/harbor/start.… registryctl 47 seconds ago Up 46 seconds (healthy)
[rootdocker harbor]# (9).登录Harbor UI界面
在浏览器输入地址http://192.168.40.21:80 用户名admin 密码Harbor12345 8.相关命令
(1).停止所有Hoabor stop不会删除镜像和容器 down则反之 docker compose -f /root/harbor/docker-compose.yml stopdocker compose -f /root/harbor/docker-compose.yml down(2).启动所有Harbor start不会创建所需要的镜像和容器 up则反之 docker compose -f /root/harbor/docker-compose.yml startdocker compose -f /root/harbor/docker-compose.yml up(3).卸载Harbor
trivy-adapter goharbor/trivy-adapter-photon v2.3.5 5c0212e98070 133MB
[rootdocker harbor]# docker compose -f /root/harbor/docker-compose.yml down
[] Running 13/13✔ Container trivy-adapter Removed 0.0s ✔ Container chartmuseum Removed 0.0s ✔ Container harbor-jobservice Removed 0.0s ✔ Container registryctl Removed 0.0s ✔ Container nginx Removed 0.0s ✔ Container harbor-portal Removed 0.0s ✔ Container harbor-core Removed 0.0s ✔ Container registry Removed 0.0s ✔ Container redis Removed 0.0s ✔ Container harbor-db Removed 0.0s ✔ Container harbor-log Removed 0.0s ✔ Network harbor_harbor Removed 0.4s ✔ Network harbor_harbor-chartmuseum Removed 0.2s
[rootdocker harbor]# docker compose images
CONTAINER REPOSITORY TAG IMAGE ID SIZE
[rootdocker harbor]# rm -rf /root/harbor
[rootdocker harbor]# rm -rf /root/harbor-online-installer-v2.3.5.tgz
[rootdocker harbor]#
