1 搭建Harbor企业级docker仓库

搭建docker私有仓库是企业在docker使用中必不可少的步骤，harbor是由vmware几个大神开源出来的一款非常优秀的产品。因此今天来讲述一下如何在centos7环境中配置harhor。

1.1 环境准备

1.1.1 安装docker

由于docker已经放在centos7的extra源内，因此可直接使用yum进行安装配置。

1.1.1.1 安装

yum install docker

1.1.1.2 修改docker存储目录

修改配置文件/etc/sysconfig/docker

OPTIONS='--graph=/data/docker --selinux-enabled --log-driver=journald --signature-verification=false'
注：--graph=/data/docker即为修改docker默认路径

1.1.1.3 配置docker镜像加速器

镜像加速器有利于快速下载镜像,修改如下：

[root@node249 tomcat8_jre8_supervisor]# cat /etc/docker/daemon.json
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"]
}

1.1.1.4 启停服务&开机自启动

重新加载配置文件：systemctl daemon-reload
启动：systemctl start docker.service
停止：systemctl stop docker.service
开机自启动：systemctl enable docker.service

1.1.2 安装docker-compose

注：操作系统不自带pip 请自行安装

pip install docker-compose

1.1.3 下载harbor

url地址：https://github.com/goharbor/harbor/releases
选择所需版本。我所下载的为：harbor-online-installer-v1.6.0.tgz
tar -zxf /root/harbor-online-installer-v1.6.0.tgz -C /usr/local/

1.1.4 修改配置文件harbor.cfg

hostname = 192.168.2.46 
harbor_admin_password = mvtech123
self_registration = off
project_creation_restriction = adminonly

1.1.5 安装前检查

1.2 安装harbor

[root@harbor ~]# /usr/local/harbor/install.sh 

[Step 0]: checking installation environment ...

Note: docker version: 1.13.1

Note: docker-compose version: 1.22.0


[Step 1]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/registryctl/env
Clearing the configuration file: ./common/config/registryctl/config.yml
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/log/logrotate.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.


[Step 2]: checking existing instance of Harbor ...


[Step 3]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Pulling log (goharbor/harbor-log:v1.6.0)...
Trying to pull repository docker.io/goharbor/harbor-log ... 
v1.6.0: Pulling from docker.io/goharbor/harbor-log
51be32cd3c9d: Pull complete
fd9cdcfcef45: Pull complete
4167b797c339: Pull complete
b22d11b0e478: Pull complete
d5aad3df7cee: Pull complete
bd43de1bbd44: Pull complete
7494eff3da48: Pull complete
Digest: sha256:27f9e24f28393a6052b71c93b1571f2269e1d3c489f4081996a099ac88ff56ff
Status: Downloaded newer image for docker.io/goharbor/harbor-log:v1.6.0
Pulling postgresql (goharbor/harbor-db:v1.6.0)...
Trying to pull repository docker.io/goharbor/harbor-db ... 
v1.6.0: Pulling from docker.io/goharbor/harbor-db
51be32cd3c9d: Already exists
16bdbb239be8: Pull complete
1f2308455a1a: Pull complete
886c09e06dee: Pull complete
4c74f43fb3f6: Pull complete
a5a85370032d: Pull complete
c393ddbdd7fb: Pull complete
ae546b8414b0: Pull complete
Digest: sha256:ee65d512c93860bd4872be296de80c079842a64e2a4002360e720222a87ec346
Status: Downloaded newer image for docker.io/goharbor/harbor-db:v1.6.0
Pulling redis (goharbor/redis-photon:v1.6.0)...
Trying to pull repository docker.io/goharbor/redis-photon ... 
v1.6.0: Pulling from docker.io/goharbor/redis-photon
51be32cd3c9d: Already exists
c400e93ba418: Pull complete
170ae129f67d: Pull complete
bffa31ec55cd: Pull complete
5b72a97a5506: Pull complete
Digest: sha256:4095dc26d6331b4d3c25377bc02d95501c51fbba99f31f9761d321bbc17803af
Status: Downloaded newer image for docker.io/goharbor/redis-photon:v1.6.0
Pulling adminserver (goharbor/harbor-adminserver:v1.6.0)...
Trying to pull repository docker.io/goharbor/harbor-adminserver ... 
v1.6.0: Pulling from docker.io/goharbor/harbor-adminserver
51be32cd3c9d: Already exists
a12ecf0fa8fc: Pull complete
3757394ad64f: Pull complete
26ceec7e26ff: Pull complete
e8d90789101d: Pull complete
Digest: sha256:c3ca012c2d69099ba4e3bbedc58ffe146fd10aa5129d44cc7d735edf6167959e
Status: Downloaded newer image for docker.io/goharbor/harbor-adminserver:v1.6.0
Pulling registry (goharbor/registry-photon:v2.6.2-v1.6.0)...
Trying to pull repository docker.io/goharbor/registry-photon ... 
v2.6.2-v1.6.0: Pulling from docker.io/goharbor/registry-photon
51be32cd3c9d: Already exists
eaf5637d77d9: Pull complete
c68621c7e44d: Pull complete
314e16c23f49: Pull complete
e3f6c59a8a19: Pull complete
e4f08365b84c: Pull complete
29c822b725fa: Pull complete
Digest: sha256:070dcc29fb5b34cdcc982394ead57f598160fd61bd8daee4b2a5f39ea37bd7a0
Status: Downloaded newer image for docker.io/goharbor/registry-photon:v2.6.2-v1.6.0
Pulling ui (goharbor/harbor-ui:v1.6.0)...
Trying to pull repository docker.io/goharbor/harbor-ui ... 
v1.6.0: Pulling from docker.io/goharbor/harbor-ui
51be32cd3c9d: Already exists
ec6a6b245304: Pull complete
a88d6c453ccb: Pull complete
d5e2e9e0086a: Pull complete
f8d7e9d8512c: Pull complete
a06b1a705b19: Pull complete
Digest: sha256:de332db437b8df6ce05203247cbf97ac9f4953672a8c22be8858aee47a0f435f
Status: Downloaded newer image for docker.io/goharbor/harbor-ui:v1.6.0
Pulling jobservice (goharbor/harbor-jobservice:v1.6.0)...
Trying to pull repository docker.io/goharbor/harbor-jobservice ... 
v1.6.0: Pulling from docker.io/goharbor/harbor-jobservice
51be32cd3c9d: Already exists
ffcdeda0f50f: Pull complete
e69daf7ff175: Pull complete
840fbfb5576e: Pull complete
Digest: sha256:51d2bf14cd9d1bbf082793a0556ff949937655c67569a86424210a1455f60057
Status: Downloaded newer image for docker.io/goharbor/harbor-jobservice:v1.6.0
Pulling proxy (goharbor/nginx-photon:v1.6.0)...
Trying to pull repository docker.io/goharbor/nginx-photon ... 
v1.6.0: Pulling from docker.io/goharbor/nginx-photon
51be32cd3c9d: Already exists
edc138fa5ed7: Pull complete
Digest: sha256:3270c6fc3bdaaecd16280592e916e2cfcf7c5eb54ffc46d79b507b625e3fb4c6
Status: Downloaded newer image for docker.io/goharbor/nginx-photon:v1.6.0
Creating harbor-log ... done
Creating redis              ... done
Creating harbor-adminserver ... done
Creating registry           ... done
Creating harbor-db          ... done
Creating harbor-ui          ... done
Creating harbor-jobservice  ... done
Creating nginx              ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://192.168.2.46 . 
For more details, please visit https://github.com/goharbor/harbor .

1.3 使用harbor

web访问：http://192.168.2.46 客户端若使用harbor仓库则需进行如下配置

#修改配置文件
[root@localhost ~]# cat /etc/docker/daemon.json 
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn"],
  "insecure-registries": ["192.168.2.46"]
}
#重启docker服务
[root@localhost ~]# systemctl restart docker

1.3.1 push镜像至harbor中

1.3.1.1 登陆

1.3.1.2 push镜像

若为从其他地方pull的镜像需要修改tag

docker tag centos:latest 192.168.2.46/library/centos:latest
docker push 192.168.2.46/library/centos:latest

1.3.2 客户端pull镜像

1.3.2.1 客户端从服务器中拉取镜像

命令如下：docker pull 192.168.2.46/library/zabbix2.4.8:v1.0

1.3.2.2 查看此客户端的镜像

2 使用harbor私有仓库

本章用来介绍私有仓库的使用

2.1 登陆

2.2 项目

harbor通过项目管理不同的仓库，用户可以向不同的项目中上传该项目使用的镜像

2.2 日志

日志模块记录harbor的每一步操作，方便查看操作步骤。

2.3 用户管理

本模块来管理用户

2.4 仓库管理

此模块用可以添加一些仓库，用来复制

2.5 复制管理

复制管理可以通过定时任务或立即将本仓库的镜像复制到仓库管理中的仓库中

2.6 配置管理

本模块用来对仓库进行配置管理，例如允许字注册等