前言:
試了試網上的案例,還是有坑,決定自己記錄一下, 環境,阿里雲輕量服務器,centos7.
步驟一:
安裝docker
[root@localhost]# yum install docker
yum添加源
[ root@localhost]# yum -y install epel-release
安裝python-pip
[root@localhost]# yum -y install python-pip
安裝docker-compose
[root@localhost]# pip install -U docker-compose
[root@localhost ~]# docker-compose -v
docker-compose version 1.21.2, build a133471
************************************************************************
ubantu
安裝docker: https://github.com/liuyi01/kubernetes-starter/blob/master/docs/1-pre.md
sudo aptitude -y install python-pip
sudo pip install docker-compose
sudo docker-compose version
步驟二:
下載harbor
wget https://github.com/vmware/harbor/releases/download/v1.2.2/harbor-offline-installer-v1.2.2
解壓縮後,cd 到其目錄下:
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# ll
total 527672
drwxr-xr-x 4 root root 4096 Oct 10 11:38 common
-rw-r--r-- 1 root root 1163 Oct 20 2017 docker-compose.clair.yml
-rw-r--r-- 1 root root 1988 Oct 20 2017 docker-compose.notary.yml
-rw-r--r-- 1 root root 3220 Oct 10 12:46 docker-compose.yml
-rw-r--r-- 1 root root 4304 Oct 20 2017 harbor_1_1_0_template
-rw-r--r-- 1 root root 4340 Oct 10 12:45 harbor.cfg
-rw-r--r-- 1 root root 539885476 Oct 20 2017 harbor.v1.2.2.tar.gz
-rwxr-xr-x 1 root root 5332 Oct 20 2017 install.sh
-rw-r--r-- 1 root root 371640 Oct 20 2017 LICENSE
-rw-r--r-- 1 root root 482 Oct 20 2017 NOTICE
-rwxr-xr-x 1 root root 17592 Oct 20 2017 prepare
-rwxr-xr-x 1 root root 4550 Oct 20 2017 upgrade
修改harbor.cfg文件,該文件就是Harbor的配置文件。
## Configuration file of Harbor
# hostname設置訪問地址,可以使用ip、域名,不可以設置爲127.0.0.1或localhost,ip:端口
hostname = 172.16.1.146
修改docker-compose.yml配置文件,加入 ports 5000 端口,默認沒有配置該項
registry:
image: vmware/registry-photon:v2.6.2-v1.4.0
container_name: registry
restart: always
volumes:
- /data/registry:/storage:z
- ./common/config/registry/:/etc/registry/:z
networks:
- harbor
ports:
- 5000:5000
使用官方自帶腳本更新參數
$ ./prepare
執行./install.sh 自動進行安裝
$ ./install.sh
安裝完成後訪問172.16.1.146(上面配置hostname) 使用admin Harbor12345 進行登陸管理並創建demo-project公開項目
登陸後如下:
這個jenkins-alpine 是我在harbor web 頁面創建的 私有的 項目。
接下來我們從docker hub拉取一個jenkins 鏡像,tag 後,push 到我們的 Harbor 的 jenkins-alpine 項目中。
上面 jenkins-alpine 讀者自行創建。
docker 命令登陸 我們的harbor .
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# docker login 172.16.22.76:5000
Username:admin
Password:Harbor12345
Error response from daemon: Get https://172.16.22.76/v1/users/: dial tcp 172.16.22.76:443: getsockopt: connection refused
如果發生如上錯誤,是因爲 docker 默認都是https 訪問,而我們的harbor.cfg 配置的是 http 訪問,修改如下:
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# vi /etc/sysconfig/docker
## 追加參數 --insecure-registry 172.16.22.76:5000
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false --insecure-registry 172.16.22.76:5000'
******************************************Ubantu***************************
運行命令:echo '{ "insecure-registries":["xxx.xxx.xxx.xxx:5000"] }' > /etc/docker/daemon.json
其中xxx.xxx.xxx.xxx是你自己的私有庫的IP地址
或者:進入/etc/default目錄,找到docker文件,在其中添加如下代碼:
DOCKER_OPTS="--insecure-registry dl.dockerpool.com:5000(實際第三方鏡像庫的地址)"
之後重啓docker服務:sudo service docker restart
測試:
root@juggprd2:/agui# docker login 9.42.78.24:5000
Username: admin
Password:
Login Succeeded
root@juggprd2:/agui#
說明:我們在 docker-compose.yml 中的 registry 中添加了 5000 的 ports , 所以上面要加上5000端口,切記。
第二點,--insecure-registry 172.16.22.76:5000 如果配置的是 ip ,則 docker login 命令後面也是ip. 要是配置的是域名,則 docker login 命令後 也是域名,即使 域名解析的是該ip , 不同步用,會有新問題。
注意:修改完畢後重新啓動docker
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# systemctl daemon-reload
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# systemctl restart docker.service
繼續:
docker hub 拉取 jenkins 鏡像
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# docker pull jenkins:2.60.3-alpine
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/jenkins 2.60.3-alpine 2ad007d33253 11 months ago 223 MB
vmware/harbor-log v1.2.2 36ef78ae27df 11 months ago 200 MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 11 months ago 164 MB
vmware/harbor-ui v1.2.2 39efb472c253 11 months ago 178 MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 11 months ago 142 MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 11 months ago 329 MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 12 months ago 144 MB
vmware/registry 2.6.2-photon 5d9100e4350e 13 months ago 173 MB
vmware/postgresql 9.6.4-photon c562762cbd12 13 months ago 225 MB
vmware/clair v2.0.1-photon f04966b4af6c 15 months ago 297 MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 18 months ago 324 MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 18 months ago 156 MB
vmware/notary-photon server-0.5.0 6e2646682e3c 18 months ago 157 MB
photon 1.0 e6e4e4a2ba1b 2 years ago 128 MB
生成可push 的 tag, docker.io/jenkins:2.60.3-alpine 這項爲基礎鏡像信息,
172.16.22.76:5000/jenkins-alpine/jenkins-alpine:2.60.3-alpine 這些是 harbor registry 配置的 ip:port, jenkins-alpine 是harbor頁面創建的項目,jenkins-alpine 是名稱任意,:2.60.3-alpine 是版本。
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# docker tag docker.io/jenkins:2.60.3-alpine 172.16.22.76:5000/jenkins-alpine/jenkins-alpine:2.60.3-alpine
push 到harbor 中
[root@iZ2ze71edtwstbwrthlkwgZ harbor]# docker push 172.16.22.76:5000/jenkins-alpine/jenkins-alpine:2.60.3-alpine
The push refers to a repository [172.16.22.76:5000/jenkins-alpine/jenkins-alpine]
82d3c290d5a1: Pushed
8428b41ba542: Pushed
e94f52794a6e: Pushed
156bc83307f6: Pushed
1ba72b01b809: Pushed
17bb45ebda90: Pushed
335dde6843c3: Pushed
4dc3873b8935: Pushed
f9e19b16a208: Pushed
222055844cd6: Pushed
430723a7fa64: Pushed
dc476caae0b5: Pushed
fc49ce05f457: Pushed
e154057080f4: Pushed
2.60.3-alpine: digest: sha256:4122aa3b4bbbde4c657aed20ba060a295c838abe477946712c67c2dcae7df36a size: 3242
[root@iZ2ze71edtwstbwrthlkwgZ harbor]#
[root@iZ2ze71edtwstbwrthlkwgZ harbor]#
如上代表成功
坑一:
docker 重啓後,harbor 的進程 通過 docker ps 查看後,發現 會少一個,建議 從新 cd harbor 目錄下執行 ./install.sh 命令。