有关docker harbor的安装及管理说明
发表于:2024-09-25 作者:千家信息网编辑
千家信息网最后更新 2024年09月25日,今天小编就为大家带来一篇有关docker harbor的安装及管理的文章。小编觉得挺不错的,为此分享给大家做个参考。一起跟随小编过来看看吧。一、环境介绍目标主机的先决条件Harbor被部署为多个Doc
千家信息网最后更新 2024年09月25日有关docker harbor的安装及管理说明
今天小编就为大家带来一篇有关docker harbor的安装及管理的文章。小编觉得挺不错的,为此分享给大家做个参考。一起跟随小编过来看看吧。
一、环境介绍
目标主机的先决条件
Harbor被部署为多个Docker容器,因此可以部署在任何支持Docker的Linux发行版上。目标主机需要安装Python,Docker和Docker Compose。
硬件
| 资源 | 容量 | 描述 |
|---|---|---|
| cpu | 最小2cpu | 首选4cpu |
| memory | 最小4GB | 首选8GB |
| disk | 最小40GB | 首选160GB |
软件
| 软件 | 版本 | 描述 |
|---|---|---|
| Python | 2.7及以上 | linuxiso自带python2.7,此步骤可省略 |
| Docker engine | 1.10及以上 | 有关安装说明,请参阅:https://docs.docker.com/engine/×××tallation/ |
| Docker compose | 1.6.0及以上 | 有关安装说明,请访问:https://docs.docker.com/compose/×××tall/ |
| Openssl | 最新 | 为Harbor生成证书和密钥 |
二、安装
下载harbor软件包:https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-×××taller-v1.7.1.tgz
解压
cd /home
tar -zxvf harbor-offline-×××taller-v1.7.1.tgz
yum update -y
耐心等待一会
安装docekr并配置加速器和镜像仓库地址
yum ×××tall docker -y
yum ×××tall vim -y
[root@localhost docker]# cd /etc/docker/
[root@localhost docker]# ls
certs.d daemon.json seccomp.json
vim daemon.json
{
"registry-mirrors": ["https://o3niohlb.mirror.aliyuncs.com"],
"×××ecure-registries": ["172.18.74.145"]
}
这里注意IP地址前面不要加任何协议
否则会报错
systemctl daemon-reloadsystemctl enable dockersystemctl start dockersystemctl status docker安装docker-compose
yum ×××tall epel-release -yyum ×××tall docker-compose -y查看各软件版本
[root@localhost ~]# opensslOpenSSL> versionOpenSSL 1.0.2k-fips 26 Jan 2017OpenSSL> ^C[root@localhost ~]# python --versionPython 2.7.5[root@localhost ~]#[root@localhost ~]# docker -vDocker version 1.13.1, build b2f74b2/1.13.1[root@localhost ~]# docker-compose -vdocker-compose version 1.18.0, build 8dd22a9[root@localhost ~]#编辑harbor配置文件
cd /home/harbor/vim harbor.cfghostname = 172.18.74.145安装Harbor
[root@localhost harbor]# ./×××tall.sh[Step 0]: checking ×××tallation environment ...Note: docker version: 1.13.1Note: docker-compose version: 1.18.0[Step 1]: loading Harbor images ...ae18db924eef: Loading layer 32.92 MB/32.92 MB1c06074dba9c: Loading layer 8.955 MB/8.955 MB7a719a639e34: Loading layer 3.072 kB/3.072 kB49f7bca05da9: Loading layer 2.56 kB/2.56 kBe86d69bef97e: Loading layer 2.56 kB/2.56 kB81e122d773f5: Loading layer 2.048 kB/2.048 kB5fe5adb8cf31: Loading layer 22.8 MB/22.8 MBd760045419e4: Loading layer 22.8 MB/22.8 MBLoaded image: goharbor/registry-photon:v2.6.2-v1.7.1c0f668a21621: Loading layer 133.2 MB/133.2 MBf8cb0bf39ff2: Loading layer 684 MB/684 MB444ac38a117b: Loading layer 7.68 kB/7.68 kB2e16f24ac8bc: Loading layer 212 kB/212 kBLoaded image: goharbor/harbor-migrator:v1.7.1fa2dcaba747a: Loading layer 8.955 MB/8.955 MBeeaaf4c760eb: Loading layer 15.6 MB/15.6 MB98ffd6175b61: Loading layer 18.94 kB/18.94 kBfc1db6c4f652: Loading layer 15.6 MB/15.6 MBLoaded image: goharbor/harbor-adm×××erver:v1.7.18d55a6a034d6: Loading layer 8.955 MB/8.955 MB01ef68a17913: Loading layer 27.24 MB/27.24 MBf9258cfa4b48: Loading layer 5.632 kB/5.632 kBdcf5c61ede76: Loading layer 27.24 MB/27.24 MBLoaded image: goharbor/harbor-core:v1.7.11f65d10893c9: Loading layer 50.39 MB/50.39 MB358f40be2091: Loading layer 3.584 kB/3.584 kBc7f3ef058d0b: Loading layer 3.072 kB/3.072 kB154caf7c7173: Loading layer 4.096 kB/4.096 kB42c7764aa777: Loading layer 3.584 kB/3.584 kB023f3a96f324: Loading layer 10.24 kB/10.24 kBLoaded image: goharbor/harbor-log:v1.7.1a1b528067504: Loading layer 8.955 MB/8.955 MB2d3d34f3ba5b: Loading layer 21.51 MB/21.51 MBa5da70777097: Loading layer 21.51 MB/21.51 MBLoaded image: goharbor/harbor-jobservice:v1.7.1ab31dfc84e9d: Loading layer 8.954 MB/8.954 MBb130423af762: Loading layer 13.43 MB/13.43 MB357c059d0598: Loading layer 17.3 MB/17.3 MBfabc6edfac55: Loading layer 11.26 kB/11.26 kBcfaa3b5d445a: Loading layer 3.072 kB/3.072 kB12c73a4b2c7a: Loading layer 30.72 MB/30.72 MBLoaded image: goharbor/notary-server-photon:v0.6.1-v1.7.150a6467bd619: Loading layer 113 MB/113 MB6ae61fc91943: Loading layer 11.46 MB/11.46 MB5c840c272f78: Loading layer 2.048 kB/2.048 kB077d16ebcba8: Loading layer 48.13 kB/48.13 kBb822f5ff7858: Loading layer 3.072 kB/3.072 kB4548140152fd: Loading layer 11.51 MB/11.51 MBLoaded image: goharbor/clair-photon:v2.0.7-v1.7.1232024be30e3: Loading layer 3.39 MB/3.39 MBa73624ae3fad: Loading layer 4.721 MB/4.721 MB96b8c5c532c3: Loading layer 3.584 kB/3.584 kBLoaded image: goharbor/harbor-portal:v1.7.1e2fd12afe6e8: Loading layer 63.31 MB/63.31 MBe973513bcb58: Loading layer 40.74 MB/40.74 MB4f45af643b2b: Loading layer 6.656 kB/6.656 kB54a84094f024: Loading layer 2.048 kB/2.048 kB2d78cf8a687b: Loading layer 7.68 kB/7.68 kBe96067b83a72: Loading layer 2.56 kB/2.56 kB38a7d304147f: Loading layer 2.56 kB/2.56 kBa36c0cb6a35a: Loading layer 2.56 kB/2.56 kBLoaded image: goharbor/harbor-db:v1.7.1b0c31ad64c85: Loading layer 65.01 MB/65.01 MB22fbab41769e: Loading layer 3.072 kB/3.072 kB7f28bf5373b2: Loading layer 59.9 kB/59.9 kBabb9969cff2a: Loading layer 61.95 kB/61.95 kBLoaded image: goharbor/redis-photon:v1.7.1933cd9a15fc5: Loading layer 3.39 MB/3.39 MBLoaded image: goharbor/nginx-photon:v1.7.16ee16a137af2: Loading layer 8.955 MB/8.955 MB954443cb7d20: Loading layer 22.8 MB/22.8 MB302a998137db: Loading layer 3.072 kB/3.072 kBe342723aef9b: Loading layer 7.465 MB/7.465 MB4eeb61ed730b: Loading layer 30.26 MB/30.26 MBLoaded image: goharbor/harbor-registryctl:v1.7.15b40d957fafd: Loading layer 12.11 MB/12.11 MB63489681dd6c: Loading layer 17.3 MB/17.3 MB696209dcd336: Loading layer 11.26 kB/11.26 kB8dc53997aa1f: Loading layer 3.072 kB/3.072 kBcb6d560a9958: Loading layer 29.41 MB/29.41 MBLoaded image: goharbor/notary-signer-photon:v0.6.1-v1.7.1dc1e16790c89: Loading layer 8.96 MB/8.96 MB046c7e7a0100: Loading layer 35.08 MB/35.08 MB8c8428e3d6c6: Loading layer 2.048 kB/2.048 kBebb477ee35a2: Loading layer 3.072 kB/3.072 kB19636f39e29d: Loading layer 35.08 MB/35.08 MBLoaded image: goharbor/chartmuseum-photon:v0.7.1-v1.7.1[Step 2]: preparing environment ...Generated and saved secret to file: /data/secretkeyGenerated configuration file: ./common/config/nginx/nginx.confGenerated configuration file: ./common/config/adm×××erver/envGenerated configuration file: ./common/config/core/envGenerated configuration file: ./common/config/registry/config.ymlGenerated configuration file: ./common/config/db/envGenerated configuration file: ./common/config/jobservice/envGenerated configuration file: ./common/config/jobservice/config.ymlGenerated configuration file: ./common/config/log/logrotate.confGenerated configuration file: ./common/config/registryctl/envGenerated configuration file: ./common/config/core/app.confGenerated certificate, key file: ./common/config/core/private_key.pem, cert file : ./common/config/registry/root.crtCreating harbor-log ... donee.[Step 3]: checking existing ×××tance of Harbor ...Creating harbor-db ... doneCreating harbor-core ... done[Step 4]: starting Harbor ...Creating harbor-portal ... doneCreating nginx ... doneCreating registryctl ...Creating registry ...Creating harbor-adm×××erver ...Creating redis ...Creating harbor-db ...Creating harbor-core ...Creating harbor-jobservice ...Creating harbor-portal ...Creating nginx ...✔ ----Harbor has been ×××talled and started successfully.----Now you should be able to visit the admin portal at http://172.18.74.145.For more details, please visit https://github.com/goharbor/harbor .从上面可以看出Harbor是基于多个容器的服务
查看一下镜像,会发现多了好多,这些都是刚才安装Harbor的过程中拉取的镜像
[root@localhost harbor]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEgoharbor/chartmuseum-photon v0.7.1-v1.7.1 f61c186d5b1b 4 months ago 111 MBgoharbor/harbor-migrator v1.7.1 9ec6467899b6 4 months ago 799 MBgoharbor/redis-photon v1.7.1 c7aa92fb1c26 4 months ago 96.3 MBgoharbor/clair-photon v2.0.7-v1.7.1 832461eef7dd 4 months ago 165 MBgoharbor/notary-server-photon v0.6.1-v1.7.1 382cd390eaff 4 months ago 102 MBgoharbor/notary-signer-photon v0.6.1-v1.7.1 76486e1aa1a2 4 months ago 99.6 MBgoharbor/harbor-registryctl v1.7.1 aefea98e6f92 4 months ago 101 MBgoharbor/registry-photon v2.6.2-v1.7.1 13b348ffd0c9 4 months ago 86.4 MBgoharbor/nginx-photon v1.7.1 9b9520572494 4 months ago 35.5 MBgoharbor/harbor-log v1.7.1 0744800d7a4c 4 months ago 81 MBgoharbor/harbor-jobservice v1.7.1 db96ce6ed531 4 months ago 83.8 MBgoharbor/harbor-core v1.7.1 8f253c0f9d50 4 months ago 95.2 MBgoharbor/harbor-portal v1.7.1 b50162ab177a 4 months ago 40.2 MBgoharbor/harbor-adm×××erver v1.7.1 22d66cccedba 4 months ago 72 MBgoharbor/harbor-db v1.7.1 c2a95254c0bf 4 months 至此Harbor的安装就完成了,访问ip直接就可以看到harbor的登陆页面,Harbor的默认登录名是admin,密码是Harbor123456,可以登陆进去修改密码。
三、管理
登陆到harbor
[root@localhost harbor]# docker login 172.18.74.145Username: adminPassword:Login Succeeded拉取alpine镜像
[root@localhost harbor]# docker pull alpine[root@localhost harbor]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZEdocker.io/alpine latest cdf98d1859c1 4 weeks ago 5.53 MB给镜像打标签,注意打标签的格式为 镜像仓库名称/项目名/镜像名:版本号,
[root@localhost harbor]# docker tag docker.io/alpine:latest 172.18.74.145/library/alpine:latest[root@localhost harbor]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE172.18.74.145/library/alpine latest cdf98d1859c1 4 weeks ago 5.53 MBdocker.io/alpine latest cdf98d1859c1 4 weeks ago 5.53 MB将镜像推送至harbor
[root@localhost harbor]# docker push 172.18.74.145/library/alpine:latest
The push refers to a repository [172.18.74.145/library/alpine]
a464c54f93a9: Pushed
latest: digest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 size: 528
查看
在默认的library项目里有我们刚才上传的镜像,下载数为0,我们pull一下看看下载数的变化
[root@localhost harbor]# docker pull 172.18.74.145/library/alpineUsing default tag: latestTrying to pull repository 172.18.74.145/library/alpine ...latest: Pulling from 172.18.74.145/library/alpineDigest: sha256:5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907Status: Image is up to date for 172.18.74.145/library/alpine:latest
下载数+1
停止Harbor
此命令会把所以harbor容器删除,但不会删除镜像
[root@localhost harbor]# docker-compose down -vStopping nginx ... doneStopping harbor-portal ... doneStopping harbor-jobservice ... doneStopping harbor-core ... doneStopping redis ... doneStopping harbor-db ... doneStopping registry ... doneStopping harbor-adm×××erver ... doneStopping registryctl ... doneStopping harbor-log ... doneRemoving nginx ... doneRemoving harbor-portal ... doneRemoving harbor-jobservice ... doneRemoving harbor-core ... doneRemoving redis ... doneRemoving harbor-db ... doneRemoving registry ... doneRemoving harbor-adm×××erver ... doneRemoving registryctl ... doneRemoving harbor-log ... doneRemoving network harbor_harbor可以看到所有的容器都停止并删除了,而镜像还存在。
[root@ocalhost harbor]# docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES[root@localhost harbor]# docker imagesREPOSITORY TAG IMAGE ID CREATED SIZE172.18.74.145/library/alpine latest cdf98d1859c1 4 weeks ago 5.53 MBdocker.io/alpine latest cdf98d1859c1 4 weeks ago 5.53 MBgoharbor/chartmuseum-photon v0.7.1-v1.7.1 f61c186d5b1b 4 months ago 111 MBgoharbor/harbor-migrator v1.7.1 9ec6467899b6 4 months ago 799 MBgoharbor/redis-photon v1.7.1 c7aa92fb1c26 4 months ago 96.3 MBgoharbor/clair-photon v2.0.7-v1.7.1 832461eef7dd 4 months ago 165 MBgoharbor/notary-server-photon v0.6.1-v1.7.1 382cd390eaff 4 months ago 102 MBgoharbor/notary-signer-photon v0.6.1-v1.7.1 76486e1aa1a2 4 months ago 99.6 MBgoharbor/harbor-registryctl v1.7.1 aefea98e6f92 4 months ago 101 MBgoharbor/registry-photon v2.6.2-v1.7.1 13b348ffd0c9 4 months ago 86.4 MBgoharbor/nginx-photon v1.7.1 9b9520572494 4 months ago 35.5 MBgoharbor/harbor-log v1.7.1 0744800d7a4c 4 months ago 81 MBgoharbor/harbor-jobservice v1.7.1 db96ce6ed531 4 months ago 83.8 MBgoharbor/harbor-core v1.7.1 8f253c0f9d50 4 months ago 95.2 MBgoharbor/harbor-portal v1.7.1 b50162ab177a 4 months ago 40.2 MBgoharbor/harbor-adm×××erver v1.7.1 22d66cccedba 4 months ago 72 MBgoharbor/harbor-db v1.7.1 c2a95254c0bf 4 months ago 133 MB自定义配置Harbor监听端口
[root@localhost harbor]# cd /home/harbor[root@localhost harbor]# vim docker-compose.yml proxy: image: goharbor/nginx-photon:v1.7.1 container_name: nginx restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE volumes: - ./common/config/nginx:/etc/nginx:z networks: - harbor dns_search: . ports: - 8888:80 //这里可以把映射到本地的端口改为8888 - 443:443 - 4443:4443 depends_on: - postgresql - registry - core - portal - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "proxy"要更改Harbor的配置,要停止现有的Harbor实例并更新harbor.cfg,使用prepare命令重新加载配置
vim harbor.cfghostname=172.18.74.145:8888./prepare开启Harbor
[root@localhost harbor]# docker-compose up -dCreating harbor-portal ... doneCreating nginx ... doneCreating redis ...Creating harbor-adm×××erver ...Creating registry ...Creating registryctl ...Creating harbor-db ...Creating harbor-core ...Creating harbor-portal ...Creating harbor-jobservice ...Creating nginx ...可以看到harbor容器又都启动了
[root@localhost harbor]# docker psCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESe913e767568e goharbor/nginx-photon:v1.7.1 "nginx -g 'daemon ..." 10 seconds ago Up 7 seconds (health: starting) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx8b1c95d68041 goharbor/harbor-jobservice:v1.7.1 "/harbor/start.sh" 12 seconds ago Up 9 seconds harbor-jobservice39f48c79e914 goharbor/harbor-portal:v1.7.1 "nginx -g 'daemon ..." 12 seconds ago Up 9 seconds (health: starting) 80/tcp harbor-portalc0735c7ecad8 goharbor/harbor-core:v1.7.1 "/harbor/start.sh" 13 seconds ago Up 11 seconds (health: starting) harbor-corefd0830a7e6f9 goharbor/harbor-db:v1.7.1 "/entrypoint.sh po..." 16 seconds ago Up 12 seconds (health: starting) 5432/tcp harbor-dbab7efc2bee1b goharbor/harbor-registryctl:v1.7.1 "/harbor/start.sh" 16 seconds ago Up 12 seconds (health: starting) registryctl01623abd77c2 goharbor/registry-photon:v2.6.2-v1.7.1 "/entrypoint.sh /e..." 16 seconds ago Up 12 seconds (health: starting) 5000/tcp registry9ccbf668088b goharbor/harbor-adm×××erver:v1.7.1 "/harbor/start.sh" 16 seconds ago Up 12 seconds (health: starting) harbor-adm×××erverd35fbc13ca00 goharbor/redis-photon:v1.7.1 "docker-entrypoint..." 16 seconds ago Up 14 seconds 6379/tcp redis1933f2a457c4 goharbor/harbor-log:v1.7.1 "/bin/sh -c /usr/l..." 17 seconds ago Up 15 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log浏览器访问ip:8888
默认情况下,注册表数据保留在主机的/data/目录中,即使Harbor的容器被移除和/或重新创建,此数据仍保持不变。
[root@localhost ~]# cd /data/[root@localhost data]# lsca_download config database job_logs psc redis registry secretkey[root@localhost data]# cd registry/[root@localhost registry]# tree.└── docker └── registry └── v2 ├── blobs │ └── sha256 │ ├── 5c │ │ └── 5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 │ │ └── data │ ├── bd │ │ └── bdf0201b3a056acc4d6062cc88cd8a4ad5979983bfb640f15a145e09ed985f92 │ │ └── data │ └── cd │ └── cdf98d1859c1beb33ec70507249d34bacf888d59c24df3204057f9a6c758dddb │ └── data └── repositories └── library └── alpine ├── _layers │ └── sha256 │ ├── bdf0201b3a056acc4d6062cc88cd8a4ad5979983bfb640f15a145e09ed985f92 │ │ └── link │ └── cdf98d1859c1beb33ec70507249d34bacf888d59c24df3204057f9a6c758dddb │ └── link ├── _manifests │ ├── revisions │ │ └── sha256 │ │ └── 5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 │ │ └── link │ └── tags │ └── latest │ ├── current │ │ └── link │ └── index │ └── sha256 │ └── 5c40b3c27b9f13c873fefb2139765c56ce97fd50230f1f2d5c91e55dec171907 │ └── link └── _uploads29 directories, 8 files此外,Harbor使用rsyslog来收集每个容器中的日志,默认情况下,这些日志文件存储在主机的/var/log/harbor/下
可根据这些日志文件进行故障排除
[root@localhost registry]# cd /var/log/harbor/[root@localhost harbor]# lsadm×××erver.log core.log jobservice.log portal.log postgresql.log proxy.log redis.log registryctl.log registry.log以上就是有关docker harbor的安装及管理的介绍,详细使用情况还得要大家自己使用过才能知道具体要领。如果想了解更多相关内容,欢迎关注行业资讯频道!
镜像
容器
配置
有关
主机
软件
管理
最小
情况
文件
日志
版本
登陆
仓库
命令
地址
多个
密码
数据
标签
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
阿拉德之怒一件活跃服务器搭建
服务器空间比较小
传奇服务器版本
opc服务器开发与应用
前端分布多服务器
北京服务器机柜生产商
网络安全技术最好的学校
t440服务器开机密码忘记了
东城二手服务器回收报价单
git服务器提交文件在哪里
u852配置数据库
肖刚网络安全
服务器机柜企业的耗电比规定
门头沟区综合软件开发口碑推荐
公安网的网络安全概述
php数据库修改数据
滨州游戏软件开发解决方案
手机上的企业级服务器
怎么实时同步两个盘数据库
安全的内网ftp服务器租用
车联网网络安全成果发布会
服务器安装域名
芜湖金融软件开发
网络安全法 英文
网络安全证书有哪几个
位于digest的服务器
五区同开需要多大服务器
网络安全法如何实施
怎么定位数据库写通道是否被占用
软件开发费包括什么内容
