Harbor
- 1. Harbor简介
-
- 1.1 Harbor的功能
- 1.2 Docker Compose(安排工具)
- 2. Harbor部署
- 3. Harbor常用操作
-
- 3.1 Harbor上传镜像
- 3.2 Harbor下载镜像
- 3.3 Harbor用户管理
- 3.4 Harbor设置启动自启动
- 4. Docker Compose语法
-
- 4.1 docker compose介绍
- 4.2 docker compose 常见的命令和配置
- 4.3 docker-compose.yml 属性
无论是使用Docker-distribution去自建仓库,或者通过官方镜像运行容器建仓库,通过前面的演示,我们可以发现它非常简单,最好直接使用官方的Docker Hub管理镜像很方便,至少是官方的Docker Hub能够通过web界面可以管理镜像web接口执行搜索,还能基于Dockerfile利用Webhooks和Automated Builds用户不需要在本地实自动构建镜像的功能docker build,而是把所有build上下文件作为仓库推送github上,让Docker Hub可以从github上去pull完成自动构建的文件。
但不管是官方的Docker Hub它有多强大,毕竟是在国外,所以速度是最大的瓶颈,我们经常不可能考虑使用官方仓库,但上述两种自建仓库非常简单,管理不便,所以后来出现了 CNCF 组织青睐的项目叫做Harbor。
1. Harbor简介
Harbor是由VMWare在Docker Registry在二次包装的基础上,添加了许多额外的程序,并提供了一个非常漂亮的web界面。
项目Harbor云原生仓库项目是一个开源可靠的仓库项目,用于存储、登录(用户管理)和搜索镜像。 Harbor扩大开源Docker Distribution添加用户通常需要的功能,如安全、认证和管理。 Harbor支持用户管理、访问控制、活动监控、主从复制等高级特征。
1.1 Harbor的功能
- 登录和验证用户
- 安全性和漏洞分析
- 日志审计
- 基于角色的身份验证和访问控制
- 镜像实例的主从复制(高可用性)
- 可扩展API和图形UI
- 支持语言(目前支持英语和汉语)
1.2 Docker Compose(编排工具)
Harbor很难在物理机上部署,以简化Harbor的应用,Harbor官方直接把Harbor它被制成在容器中运行的应用程序,这个容器在Harbor中依赖类似redis、mysql、pgsql等待许多存储系统,所以它需要安排许多容器一起工作VMWare Harbor在部署和使用时,需要借助于Docker单机编排工具(Docker compose)来实现。
Compose用于定义和操作多容器Docker应用程序工具。Compose,您可以使用YAML配置应用程序服务的文件。然后,您可以通过命令在配置中创建和启动所有服务。
Docker compose官方文档: https://github.com/goharbor/harbor
2. Harbor部署
Harbor官方文档:https://github.com/goharbor/harbor
//部署docker [root@localhost ~]# cat /etc/redhat-release CentOS Stream release 8 [root@localhost ~]# cd /etc/yum.repos.d/ [root@localhost yum.repos.d]# ls CentOS-Base.repo epel-next.repo epel-playground.repo epel-testing-modular.repo epel-modular.repo epel-next-testing.repo epel.repo epel-testing.repo [root@localhost yum.repos.d]# curl -o docker-ce.repo https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/docker-ce.repo % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 1919 100 1919 0 0 2508 0 --:--:-- --:--:-- --:--:-- 2508 [root@localhost yum.repos.d]# sed -i 's@https://download.docker.com@https://mirrors.tuna.tsinghua.edu.cn/docker-ce@g' docker-ce.repo [root@localhost yum.repos.d]# ls CentOS-Base.repo epel-modular.repo epel-next-testing.repo epel.repo epel-testing.repo docker-ce.repo epel-next.repo epel-playground.repo epel-testing-modular.repo [root@localhost yum.repos.d]# yum -y install docker-ce //配置加速器 [root@localhost ~]# mkdir -p /etc/docker [root@localhost ~]# cat > /etc/docker/daemon.json <<EOF > {
> "registry-mirrors": ["https://faq69nhk.mirror.aliyuncs.com"] > } > EOF [root@localhost ~]# cat /etc/docker/daemon.json {
"registry-mirrors": ["https://faq69nhk.mirror.aliyuncs.com"] } [root@localhost ~]# [root@localhost ~]# systemctl enable --now docker.service Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service. //查看加速器 [root@localhost ~]# docker info Client: Context: default Debug Mode: false Plugins: app: Docker App (Docker Inc., v0.9.1-beta3) buildx: Docker Buildx (Docker Inc., v0.7.1-docker) scan: Docker Scan (Docker Inc., v0.12.0) Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 0 Server Version: 20.10.12 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc Default Runtime: runc Init Binary: docker-init containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d runc version: v1.0.2-0-g52b36a2 init version: de40ad0 Security Options: seccomp Profile: default Kernel Version: 4.18.0-257.el8.x86_64 Operating System: CentOS Stream 8 OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 3.622GiB Name: localhost.localdomain ID: 5ZQ7:NQQU:I657:PIRH:WW54:3V63:K5ST:IHPN:2U6T:MTXO:AY75:SXVS Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Registry Mirrors: https://faq69nhk.mirror.aliyuncs.com/ //加速器配置成功 Live Restore Enabled: false [root@localhost ~]# //运行此命令以下载Docker Compose的当前稳定版本
[root@localhost ~]# curl -L --fail https://github.com/docker/compose/releases/download/1.29.2/run.sh -o /usr/local/bin/docker-compose
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 643 100 643 0 0 741 0 --:--:-- --:--:-- --:--:-- 740
100 2585 100 2585 0 0 780 0 0:00:03 0:00:03 --:--:-- 0
[root@localhost ~]# ll /usr/local/bin/
总用量 4
-rw-r--r-- 1 root root 2585 12月 16 13:54 docker-compose
[root@localhost ~]# chmod +x /usr/local/bin/docker-compose
[root@localhost ~]# ll /usr/local/bin/
总用量 4
-rwxr-xr-x 1 root root 2585 12月 16 13:54 docker-compose
[root@localhost ~]# which docker-compose
/usr/local/bin/docker-compose
[root@localhost ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin
[root@localhost ~]#
[root@localhost ~]# docker-compose --version
docker-compose version 1.29.2, build 5becea4
[root@localhost ~]#
//下载harbor安装包,并解压
[root@localhost ~]# cd /usr/src/
[root@localhost src]# wget https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-offline-installer-v2.3.5.tgz
harbor-offline-installer-v 100%[=======================================>] 577.19M 1.02MB/s 用时 6m 14s
2021-12-16 14:09:02 (1.54 MB/s) - 已保存 “harbor-offline-installer-v2.3.5.tgz” [605228707/605228707])
[root@localhost src]# ls
debug harbor-offline-installer-v2.3.5.tgz kernels
[root@localhost src]# tar xf harbor-offline-installer-v2.3.5.tgz -C /usr/local/
[root@localhost src]# ls /usr/local/
bin etc games harbor include lib lib64 libexec sbin share src
[root@localhost src]#
//修改配置文件
[root@localhost src]# cd /usr/local/harbor/
[root@localhost harbor]# ls
common.sh harbor.v2.3.5.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
[root@localhost harbor]# cp harbor.yml.tmpl harbor.yml
[root@localhost harbor]# ls
common.sh harbor.v2.3.5.tar.gz harbor.yml harbor.yml.tmpl install.sh LICENSE prepare
[root@localhost harbor]# hostnamectl set-hostname registry.example.com
[root@localhost harbor]# bash
[root@registry harbor]# hostname
registry.example.com
//添加域名解析
[root@registry harbor]# vim /etc/hosts
[root@registry harbor]# sed -n '3p' /etc/hosts
192.168.8.120 registry.example.com
[root@registry harbor]# ping registry.example.com
PING registry.example.com (192.168.8.120) 56(84) bytes of data.
64 bytes from registry.example.com (192.168.8.120): icmp_seq=1 ttl=64 time=0.027 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=2 ttl=64 time=0.025 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=3 ttl=64 time=0.026 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=4 ttl=64 time=0.073 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=5 ttl=64 time=0.024 ms
^C
--- registry.example.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4089ms
rtt min/avg/max/mdev = 0.024/0.035/0.073/0.019 ms
[root@registry harbor]#
[root@registry harbor]# vim harbor.yml
//更改主机名
[root@registry harbor]# sed -n '5p' harbor.yml
hostname: registry.example.com
//给https内容加上注释
[root@registry harbor]# sed -n '13,18p' harbor.yml
#https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/path
[root@registry harbor]#
//harbor.yml配置文件详解
[root@localhost harbor]# vim harbor.yml
....... 此处省略多行
5 hostname: registry.example.com
.......此处省略多行
// 这里因为我们没有证书所以把它注释掉,如果你有证书,把证书的位置写上去就可以了
13 #https:
14 # https port for harbor, default is 443
15 # port: 443
16 # The path of cert and key files for nginx
17 # certificate: /your/certificate/path
18 # private_key: /your/private/key/path
........此处省略多行
34 harbor_admin_password: Harbor12345 // 管理员的密码,这个是登录harbor网页的密码
35
36 # Harbor DB configuration
37 database: // 数据库
38 # The password for the root user of Harbor DB. Change this bef ore any production use.
39 password: root123 // 数据库密码
40 # The maximum number of connections in the idle connection poo l. If it <=0, no idle connections are retained.
41 max_idle_conns: 100 // 最大的空闲连接数100个
42 # The maximum number of open connections to the database. If i t <= 0, then there is no limit on the number of open connections .
43 # Note: the default number of connections is 1024 for postgres of harbor.
44 max_open_conns: 900 // 最大的打开连接数是900个
45
46 # The default data volume
47 data_volume: /data // 数据存放位置;如果说是自己搭建仓库的话,就要放到一个共享存储的挂载点上去
........此处省略多行
118 rotate_size: 200M // 日志滚动,当日志超过200M就滚动一次,一个日志文件最多200M
.........此处省略多行
//执行install安装
[root@registry harbor]# ls
common.sh harbor.v2.3.5.tar.gz harbor.yml harbor.yml.tmpl install.sh LICENSE prepare
[root@registry harbor]# ./install.sh
[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.12
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.29.2
[Step 2]: loading Harbor images ...
1e3f0dc884e2: Loading layer 39.45MB/39.45MB
8b0c54c9b24d: Loading layer 5.27MB/5.27MB
16fd3250cc89: Loading layer 6.219MB/6.219MB
8305a4ff482f: Loading layer 15.88MB/15.88MB
f56299486b92: Loading layer 29.29MB/29.29MB
e94faa0e0434: Loading layer 22.02kB/22.02kB
3795db0164b1: Loading layer 15.88MB/15.88MB
Loaded image: goharbor/notary-server-photon:v2.3.5
93bb3a91e25c: Loading layer 7.662MB/7.662MB
3691a58d5ac4: Loading layer 4.096kB/4.096kB
58d80447c5c1: Loading layer 3.072kB/3.072kB
a18f17bf310a: Loading layer 31.52MB/31.52MB
b8bde3306c8b: Loading layer 11.39MB/11.39MB
d771094af926: Loading layer 43.7MB/43.7MB
Loaded image: goharbor/trivy-adapter-photon:v2.3.5
9b3feb1ef69e: Loading layer 124MB/124MB
6338ca24efb3: Loading layer 3.584kB/3.584kB
9318b22b0102: Loading layer 3.072kB/3.072kB
0bbac171b9e5: Loading layer 2.56kB/2.56kB
0fa71f4b709a: Loading layer 3.072kB/3.072kB
f23f5c9e1831: Loading layer 3.584kB/3.584kB
b3c7c34389f5: Loading layer 19.97kB/19.97kB
Loaded image: goharbor/harbor-log:v2.3.5
e06e4f72fb8f: Loading layer 5.275MB/5.275MB
d03845f04c74: Loading layer 4.096kB/4.096kB
be0bd2b9db17: Loading layer 19.02MB/19.02MB
fb5e3e9074a1: Loading layer 3.072kB/3.072kB
955a593cbe18: Loading layer 25.43MB/25.43MB
3a7d5203f96b: Loading layer 45.24MB/45.24MB
Loaded image: goharbor/harbor-registryctl:v2.3.5
ca5e367bdef3: Loading layer 119.8MB/119.8MB
22905d9b29e8: Loading layer 3.072kB/3.072kB
9cded220b73f: Loading layer 59.9kB/59.9kB
8dca3b9d4cc2: Loading layer 61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.3.5
03fdbefd0fc5: Loading layer 7.192MB/7.192MB
Loaded image: goharbor/nginx-photon:v2.3.5
8ee92d8c2377: Loading layer 164.1MB/164.1MB
183d91623fe7: Loading layer 57.03MB/57.03MB
a3a8b96ea5f6: Loading layer 2.56kB/2.56kB
50c84fd5845f: Loading layer 1.536kB/1.536kB
39098ca51b6b: Loading layer 12.29kB/12.29kB
f711c7d1f52a: Loading layer 2.885MB/2.885MB
8fc78ea6ff29: Loading layer 297.5kB/297.5kB
Loaded image: goharbor/prepare:v2.3.5
58a093b52ddc: Loading layer 8.422MB/8.422MB
336bb4823fc0: Loading layer 17.71MB/17.71MB
1e5e7842a0f4: Loading layer 4.608kB/4.608kB
34b6b3ff66a1: Loading layer 18.5MB/18.5MB
Loaded image: goharbor/harbor-exporter:v2.3.5
73c08cb7adb5: Loading layer 5.27MB/5.27MB
b574345a6d0e: Loading layer 6.219MB/6.219MB
c0fcff149e22: Loading layer 14.47MB/14.47MB
479d65fd45dc: Loading layer 29.29MB/29.29MB
61641cf74805: Loading layer 22.02kB/22.02kB
185d01678e89: Loading layer 14.47MB/14.47MB
Loaded image: goharbor/notary-signer-photon:v2.3.5
3b8153296956: Loading layer 1.096MB/1.096MB
c2ae7aee974c: Loading layer 5.888MB/5.888MB
d6ba5f1a7ebf: Loading layer 165.9MB/165.9MB
a2edecebbf92: Loading layer 14.61MB/14.61MB
c57207089df5: Loading layer 4.096kB/4.096kB
21a3acfd3874: Loading layer 6.144kB/6.144kB
518da279fb2d: Loading layer 3.072kB/3.072kB
978412ff7494: Loading layer 2.048kB/2.048kB
0f0a6ea6cdae: Loading layer 2.56kB/2.56kB
7424b2959f82: Loading layer 2.56kB/2.56kB
40b751e1a2c8: Loading layer 2.56kB/2.56kB
f2e2f66f9757: Loading layer 8.704kB/8.704kB
Loaded image: goharbor/harbor-db:v2.3.5
49f87ce189a4: Loading layer 5.275MB/5.275MB
a2858c001db5: Loading layer 4.096kB/4.096kB
a628f5f6b82c: Loading layer 3.072kB/3.072kB
72f45d15f130: Loading layer 19.02MB/19.02MB
e78a7cef89dd: Loading layer 19.81MB/19.81MB
Loaded image: goharbor/registry-photon:v2.3.5
84d8cb5ac5cc: Loading layer 7.192MB/7.192MB
bf8ce1a08e2b: Loading layer 11.64MB/11.64MB
6c00288dd4f8: Loading layer 1.688MB/1.688MB
Loaded image: goharbor/harbor-portal:v2.3.5
e3ae08464c70: Loading layer 8.422MB/8.422MB
34c2a596f8dc: Loading layer 3.584kB/3.584kB
4300d7c1cf56: Loading layer 2.56kB/2.56kB
e438ebb2905c: Loading layer 73.36MB/73.36MB
e8e2dec1dcfd: Loading layer 5.632kB/5.632kB
ab9bc328747a: Loading layer 94.72kB/94.72kB
42a10a03fc37: Loading layer 11.78kB/11.78kB
2a24cf397a3b: Loading layer 74.26MB/74.26MB
0a29dd8a6dd7: Loading layer 2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.3.5
2085062444ba: Loading layer 8.421MB/8.421MB
074a141f2eb8: Loading layer 3.584kB/3.584kB
619372fe427d: Loading layer 2.56kB/2.56kB
56f030df4ead: Loading layer 82.48MB/82.48MB
03ae1f3be42b: Loading layer 83.27MB/83.27MB
Loaded image: goharbor/harbor-jobservice:v2.3.5
c27f88854b95: Loading layer 5.275MB/5.275MB
e02d5979c759: Loading layer 67.47MB/67.47MB
b54f9e3cbe4d: Loading layer 3.072kB/3.072kB
126187a08c56: Loading layer 4.096kB/4.096kB
2dc10a66bbb3: Loading layer 68.26MB/68.26MB
Loaded image: goharbor/chartmuseum-photon:v2.3.5
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /usr/local/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating harbor-portal ... done
Creating harbor-db ... done
Creating registry ... done
Creating registryctl ... done
Creating harbor-core ... done
Creating nginx ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----
[root@registry harbor]#
//查看容器,端口
[root@registry harbor]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
df29977158d1 goharbor/harbor-jobservice:v2.3.5 "/harbor/entrypoint.…" 32 seconds ago Up 31 seconds (healthy) harbor-jobservice
e6ff63286f32 goharbor/nginx-photon:v2.3.5 "nginx -g 'daemon of…" 32 seconds ago Up 31 seconds (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
baf0d4497158 goharbor/harbor-core:v2.3.5 "/harbor/entrypoint.…" 33 seconds ago Up 32 seconds (healthy) harbor-core
09b3ea963bbd goharbor/harbor-registryctl:v2.3.5 "/home/harbor/start.…" 43 seconds ago Up 32 seconds (healthy) registryctl
d86da18963ca goharbor/registry-photon:v2.3.5 "/home/harbor/entryp…" 43 seconds ago Up 32 seconds (healthy) registry
a8d799006969 goharbor/harbor-db:v2.3.5 "/docker-entrypoint.…" 43 seconds ago Up 32 seconds (healthy) harbor-db
e2192342dd62 goharbor/harbor-portal:v2.3.5 "nginx -g 'daemon of…" 43 seconds ago Up 39 seconds (healthy) harbor-portal
910c7891e990 goharbor/redis-photon:v2.3.5 "redis-server /etc/r…" 43 seconds ago Up 39 seconds (healthy) redis
96596057a416 goharbor/harbor-log:v2.3.5 "/bin/sh -c /usr/loc…" 45 seconds ago Up 43 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log
[root@registry harbor]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:1514 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::]:80 [::]:*
[root@registry harbor]#
3. Harbor常用操作
//需要准备第二台虚拟机,下载docker,配置仓库地址
[root@localhost ~]# vim /etc/docker/daemon.json
[root@localhost ~]# cat /etc/docker/daemon.json
{
"insecure-registries": ["registry.example.com"]
}
[root@localhost ~]# systemctl restart docker
//配置域名解析
[root@localhost ~]# vim /etc/hosts
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.8.120 registry.example.com
[root@localhost ~]# ping registry.example.com
PING registry.example.com (192.168.8.120) 56(84) bytes of data.
64 bytes from registry.example.com (192.168.8.120): icmp_seq=1 ttl=64 time=45.1 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=2 ttl=64 time=0.429 ms
64 bytes from registry.example.com (192.168.8.120): icmp_seq=3 ttl=64 time=1.34 ms
^C
--- registry.example.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 28ms
rtt min/avg/max/mdev = 0.429/15.627/45.113/20.853 ms
3.1 Harbor上传镜像
//登录Harbor仓库
//docker logout退出
[root@localhost ~]# docker login registry.example.com
Username: admin
Password: Harbor12345
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost ~]#
//拉取一个镜像
[root@localhost ~]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
3cb635b06aa2: Pull complete
Digest: sha256:b5cfd4befc119a590ca1a81d6bb0fa1fb19f1fbebd0397f25fae164abe1e8a6a
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
haproxy v1.0 bc383740a37a 3 days ago 85.1MB
busybox latest ffe9d497c324 8 days ago 1.24MB
nginx latest f652ca386ed1 13 days ago 141MB
httpd latest ea28e1b82f31 13 days ago 143MB
alpine latest c059bfaa849c 3 weeks ago 5.59MB
//更改镜像名称
[root@localhost ~]# docker tag busybox:latest registry.example.com/library/busybox:v0.1
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
haproxy v1.0 bc383740a37a 3 days ago 85.1MB
busybox latest ffe9d497c324 8 days ago 1.24MB
registry.example.com/library/busybox v0.1 ffe9d497c324 8 days ago 1.24MB
nginx latest f652ca386ed1 13 days ago 141MB
httpd latest ea28e1b82f31 13 days ago 143MB
alpine latest c059bfaa849c 3 weeks ago 5.59MB
[root@localhost ~]# docker push registry.example.com/library/busybox:v0.1
The push refers to repository [registry.example.com/library/busybox]
64cac9eaf0da: Pushed
v0.1: digest: sha256:50e44504ea4f19f141118a8a8868e6c5bb9856efa33f2183f5ccea7ac62aacc9 size: 527
[root@localhost ~]#
3.2 Harbor下载镜像
//删除镜像
[root@localhost ~]# docker rmi registry.example.com/library/busybox:v0.1
Untagged: registry.example.com/library/busybox:v0.1
Untagged: registry.example.com/library/busybox@sha256:50e44504ea4f19f141118a8a8868e6c5bb9856efa33f2183f5ccea7ac62aacc9
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
haproxy v1.0 bc383740a37a 3 days ago 85.1MB
busybox latest ffe9d497c324 8 days ago 1.24MB
nginx latest f652ca386ed1 13 days ago 141MB
httpd latest ea28e1b82f31 13 days ago 143MB
alpine latest c059bfaa849c 3 weeks ago 5.59MB
//拉取镜像
[root@localhost ~]# docker pull registry.example.com/library/busybox:v0.1
v0.1: Pulling from library/busybox
Digest: sha256:50e44504ea4f19f141118a8a8868e6c5bb9856efa33f2183f5ccea7ac62aacc9
Status: Downloaded newer image for registry.example.com/library/busybox:v0.1
registry.example.com/library/busybox:v0.1
//查看镜像
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
haproxy v1.0 bc383740a37a 3 days ago 85.1MB
busybox latest ffe9d497c324 8 days ago 1.24MB
registry.example.com/library/busybox v0.1 ffe9d497c324 8 days ago 1.24MB
nginx latest f652ca386ed1 13 days ago 141MB
httpd latest ea28e1b82f31 13 days ago 143MB
alpine latest c059bfaa849c 3 weeks ago 5.59MB
[root@localhost ~]#
3.3 Harbor用户管理
创建个新用户 给用 户设置权限 使用tom用户登录 tom用户只有访问的权限
3.4 Harbor设置开机自启
//编写一个开机自启脚本
[root@registry harbor]# vim harbor.sh
[root@registry harbor]# cat harbor.sh
#!/bin/bash
cd /usr/local/harbor
docker-compose start
[root@registry harbor]# chmod +x harbor.sh
[root@registry harbor]#
//将脚本添加到/etc/rc.local 配置文件中
[root@registry harbor]# vim /etc/rc.local
[root@registry harbor]# sed -n '2p' /etc/rc.local
/bin/bash /usr/local/harbor/harbor.sh
[root@registry ~]# chmod +x /etc/rc.local
[root@registry ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
df29977158d1 goharbor/harbor-jobservice:v2.3.5 "/harbor/entrypoint.…" 36 minutes ago Up 36 minutes (healthy) harbor-jobservice
e6ff63286f32 goharbor/nginx-photon:v2.3.5 "nginx -g 'daemon of…" 36 minutes ago Up 36 minutes (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
baf0d4497158 goharbor/harbor-core:v2.3.5 "/harbor/entrypoint.…" 36 minutes ago Up 36 minutes (healthy) harbor-core
09b3ea963bbd goharbor/harbor-registryctl:v2.3.5 "/home/harbor/start.…" 36 minutes ago Up 36 minutes (healthy) registryctl
d86da18963ca goharbor/registry-photon:v2.3.5 "/home/harbor/entryp…" 36 minutes ago Up 36 minutes (healthy) registry
a8d799006969 goharbor/harbor-db:v2.3.5 "/docker-entrypoint.…" 36 minutes ago Up 36 minutes (healthy) harbor-db
e2192342dd62 goharbor/harbor-portal:v2.3.5 "nginx -g 'daemon of…" 36 minutes ago Up 36 minutes (healthy) harbor-portal
910c7891e990 goharbor/redis-photon:v2.3.5 "redis-server /etc/r…" 36 minutes ago Up 36 minutes (healthy) redis
96596057a416 goharbor/harbor-log:v2.3.5 "/bin/sh -c /usr/loc…" 36 minutes ago Up 36 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log
//模拟重启
[root@registry ~]# reboot
//查看容器,端口
[root@registry ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
df29977158d1 goharbor/harbor-jobservice:v2.3.5 "/harbor/entrypoint.…" 40 minutes ago Up 25 seconds (health: starting) harbor-jobservice
e6ff63286f32 goharbor/nginx-photon:v2.3.5 "nginx -g 'daemon of…" 40 minutes ago Up 25 seconds (health: starting) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
baf0d4497158 goharbor/harbor-core:v2.3.5 "/harbor/entrypoint.…" 40 minutes ago Up 25 seconds (health: starting) harbor-core
09b3ea963bbd goharbor/harbor-registryctl:v2.3.5 "/home/harbor/start.…" 40 minutes ago Up 25 seconds (health: starting) registryctl
d86da18963ca goharbor/registry-photon:v2.3.5 "/home/harbor/entryp…" 40 minutes ago Up 25 seconds (health: starting) registry
a8d799006969 goharbor/harbor-db:v2.3.5 "/docker-entrypoint.…" 40 minutes ago Up 25 seconds (health: starting) harbor-db
e2192342dd62 goharbor/harbor-portal:v2.3.5 "nginx -g 'daemon of…" 40 minutes ago Up 25 seconds (health: starting) harbor-portal
910c7891e99