成都网站建设设计

将想法与焦点和您一起共享

Harbor2.0.0安装及使用

本篇文章给大家分享的是有关Harbor 2.0.0安装及使用,小编觉得挺实用的,因此分享给大家学习,希望大家阅读完这篇文章后可以有所收获,话不多说,跟着小编一起来看看吧。

创新互联是一家网站设计公司,集创意、互联网应用、软件技术为一体的创意网站建设服务商,主营产品:响应式网站设计高端网站设计成都营销网站建设。我们专注企业品牌在网站中的整体树立,网络互动的体验,以及在手机等移动端的优质呈现。成都网站设计、网站建设、移动互联产品、网络运营、VI设计、云产品.运维为核心业务。为用户提供一站式解决方案,我们深知市场的竞争激烈,认真对待每位客户,为客户提供赏析悦目的作品,网站的价值服务。

背景:随着工作的不断推进,镜像越来越多,部署的机器越来越多,每次部署都需要build一次镜像非常耗时,尤其是在树莓派上build带有pip3 install pandas的镜像,往往耗时一个小时(虽然apt install python3-pandas快,但目前版本仅支持到0.25.3,1.0.0+的新接口并不支持,如pandas.json_normalize),因而就萌生了将镜像上传至镜像仓库中,而镜像仓库分为公共仓库和私有仓库,受限于隐私性,只能考虑私有仓库,目前的仓库部署方式:

部署:

服务器主机:

>>> docker pull registry:2

>>> docker run -d -p 5000:5000 --restart always --name registry registry:2

客户主机:

# 为了使http可用,需添加信任ip

>>> sudo vim /etc/docker/daemon.json

{ "insecure-registries":["服务器主机ip:5000"] } 

>>> service docker restart

上传

>>> docker tag ubuntu:latest 服务器主机ip/test/ubuntu:20.04

>>> docker push 服务器主机ip/test/ubuntu:20.04

可以看到,非常简单,但是也非常简陋,存在问题:

缺乏权限控制,理论上只要知道ip、端口、项目名称、仓库名称就能获取;

无图形化界面,管理繁琐

为了解决上述问题,引入Harbor,一个由VMware公司开源的容器镜像管理工具,貌似是中国团队开发的,因而原生支持中文,废话不多说,安装部署使用方式如下:

安装环境:

CentOS 7.8.2003

Docker 19.03.11

Docker compose 1.26.0

安装过程参考:https://juejin.im/post/5d9c2f25f265da5bbb1e3de5

有部分修改

准备:

# 安装最新版docker

参考:https://docs.docker.com/engine/install/centos/

# 修改docker配置

>>> sed -i '/ExecStart=\/usr\/bin\/dockerd/i\ExecStartPost=\/sbin/iptables -I FORWARD -s 0.0.0.0\/0 -d 0.0.0.0\/0 -j ACCEPT' /usr/lib/systemd/system/docker.service

>>> sed -i '/dockerd/s/$/ \-\-storage\-driver\=overlay2 --insecure-registry 服务器ip/g' /usr/lib/systemd/system/docker.service

# 时间同步

>>> yum -y install ntp

>>> systemctl enable ntpd

>>> systemctl start ntpd

>>> ntpdate -u cn.pool.ntp.org

>>> hwclock --systohc

>>> timedatectl set-timezone Asia/Shanghai

# 关闭swap分区

>>> vim /etc/fstab

#注释掉SWAP分区项

#/dev/mapper/centos00-swap swap                    swap    defaults        0 0

# 关闭防火墙

>>> systemctl stop firewalld

>>> systemctl disable firewalld

>>> setenforce 0

>>> sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config

# 升级内核

>>> rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

>>> rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

>>> yum --enablerepo=elrepo-kernel install kernel-ml -y&&

>>> sed -i s/saved/0/g /etc/default/grub&&

>>> grub2-mkconfig -o /boot/grub2/grub.cfg && reboot

# 安装docker-compose

>>> curl -L https://github.com/docker/compose/releases/download/1.26.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose

>>> chmod +x /usr/local/bin/docker-compose

>>> docker-compose --version

docker-compose version 1.26.0, build d4451659

# 安装

# 下载在线安装包

>>> wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v2.0.0.tgz

>>> tar xf harbor-online-installer-v2.0.0.tgz

>>> cd harbor

安装:

# 编辑配置文件

>>> vim harbor.yml.tmpl

# 修改hostname

hostname: 服务器ip

# 将https注释掉,以关闭https支持

# https related config

#https:

#  # https port for harbor, default is 443

#  port: 443

#  # The path of cert and key files for nginx

#  certificate: /your/certificate/path

#  private_key: /your/private/key/path

# 默认的管理员账号密码也可以修改

# 安装 

>>> mv harbor.yml.tmpl harbor.yml

>>> ./install.sh

......

Creating harbor-log ... done

Creating harbor-db     ... done

Creating registryctl   ... done

Creating harbor-portal ... done

Creating registry      ... done

Creating redis         ... done

Creating harbor-core   ... done

Creating nginx             ... done

Creating harbor-jobservice ... done

✔ ----Harbor has been installed and started successfully.----

>>> docker ps

CONTAINER ID        IMAGE                                              COMMAND                  CREATED             STATUS                 PORTS                                            NAMES

d894c16c987f        goharbor/harbor-jobservice:v2.0.0                  "/harbor/entrypoint.…"   2 hours ago         Up 2 hours (healthy)                                                    harbor-jobservice

a3378467ff00        goharbor/nginx-photon:v2.0.0                       "nginx -g 'daemon of…"   2 hours ago         Up 2 hours (healthy)   0.0.0.0:80->8080/tcp                             nginx

318b4ad0d0bb        goharbor/harbor-core:v2.0.0                        "/harbor/entrypoint.…"   2 hours ago         Up 2 hours (healthy)                                                    harbor-core

9348e1566bd0        goharbor/redis-photon:v2.0.0                       "redis-server /etc/r…"   2 hours ago         Up 2 hours (healthy)   6379/tcp                                         redis

cc69fe7876b9        goharbor/registry-photon:v2.0.0                    "/home/harbor/entryp…"   2 hours ago         Up 2 hours (healthy)   5000/tcp                                         registry

dc213cb7c5e8        goharbor/harbor-portal:v2.0.0                      "nginx -g 'daemon of…"   2 hours ago         Up 2 hours (healthy)   8080/tcp                                         harbor-portal

e69e2ee6d791        goharbor/harbor-registryctl:v2.0.0                 "/home/harbor/start.…"   2 hours ago         Up 2 hours (healthy)                                                    registryctl

8bfcbe9f3d1c        goharbor/harbor-db:v2.0.0                          "/docker-entrypoint.…"   2 hours ago         Up 2 hours (healthy)   5432/tcp                                         harbor-db

59e32a7ecb2a        goharbor/harbor-log:v2.0.0                         "/bin/sh -c /usr/loc…"   2 hours ago         Up 2 hours (healthy)   127.0.0.1:1514->10514/tcp                        harbor-log

使用:

进入管理界面:http://服务器ip

上传镜像:

创建项目:

如果不创建项目,则会报错‘unauthorized: project not found, name: test: project not found, name: test’

登录:

# 登录

>>> docker login 服务器ip

Username:

Password:

Authenticating with existing credentials...

Login Succeeded

# 登出

>>> docker logout 服务器ip

# 登出后再push

>>> docker push 10.8.15.49/test/python:1.0

The push refers to repository [10.8.15.49/test/python]

9867e295092a: Preparing 

4a2b3a37baa3: Preparing 

64f465a5c456: Preparing 

912ca77102af: Preparing 

5900cd753a41: Preparing 

afae6f50abb9: Waiting 

136a15f81f25: Waiting 

185574602537: Waiting 

24efcd549ab5: Waiting 

unauthorized: unauthorized to access repository: test/python, action: push: unauthorized to access repository: test/python, action: push

设置标签:

>>> docker tag 镜像名:标签名 服务器ip/项目名/镜像名:标签名

上传:

>>> docker push 服务器ip/项目名/镜像名:标签名

2020-06-11更新

Harbor系统运维

在docker-compose.yml目录下执行

Stopping Harbor:

#docker-compose stop

Stopping harbor-jobservice ... done

Stopping nginx             ... done

Stopping harbor-core       ... done

Stopping redis             ... done

Stopping registry          ... done

Stopping harbor-portal     ... done

Stopping registryctl       ... done

Stopping harbor-db         ... done

Stopping harbor-log        ... done

Restarting Harbor after stopping:

#docker-compose start

Starting log         ... done

Starting registry    ... done

Starting registryctl ... done

Starting postgresql  ... done

Starting portal      ... done

Starting redis       ... done

Starting core        ... done

Starting jobservice  ... done

Starting proxy       ... done

To change Harbor’s configuration, first stop existing Harbor instance and update harbor.cfg.

Then run prepare script to populate the configuration. Finally re-create and start Harbor’s instance:

# docker-compose down

# vim harbor.cfg

# ./prepare

# docker-compose up -d

Removing Harbor’s containers while keeping the image data and Harbor’s database files on the file system:

# docker-compose down

Removing Harbor’s database and image data (for a clean re-installation):

# rm -r /data/database

# rm -r /data/registry

修改监听端口(默认监听80端口)

Configuring Harbor listening on a customized port.

By default, Harbor listens on port 80(HTTP) and 443(HTTPS, if configured) for both admin portal and docker commands, you can configure it with a customized one.

For HTTP protocol

Modify docker-compose.yml,Replace the first “80” to a customized port, e.g. 8888:80.

# vim docker-compose.yml

proxy:

  image: library/nginx:1.11.5

  restart: always

  volumes:

    - ./config/nginx:/etc/nginx

  ports:

    - 8888:80

    - 443:443

  depends_on:

    - MySQL

    - registry

    - ui

    - log

  logging:

    driver: "syslog"

    options:  

      syslog-address: "tcp://127.0.0.1:1514"

      tag: "proxy"

Modify harbor.cfg, add the port to the parameter “hostname”.

# vim harbor.cfg

hostname = 10.90.5.105:8888

Re-deploy Harbor refering to previous section.

# docker-compose down

# ./prepare

# docker-compose up -d

以上就是Harbor 2.0.0安装及使用,小编相信有部分知识点可能是我们日常工作会见到或用到的。希望你能通过这篇文章学到更多知识。更多详情敬请关注创新互联行业资讯频道。


分享题目:Harbor2.0.0安装及使用
分享路径:http://chengdu.cdxwcx.cn/article/jhdhjp.html