摘要平时经常用Docker来部署各种环境,发现从DockerHub上下载镜像有时候比较慢 。第三方的镜像还可以使用一些国内的镜像仓库来加速,如果我们自己构建的镜像那就不行了 。这时候搭建一个私有的镜像仓库很有必要,最近发现Harbor这个企业级镜像仓库,非常好用且功能强大,推荐给大家!
Harbor简介Harbor是一款开源的Docker镜像仓库服务,在Github上目前有13.4k+Star 。提供了基于角色的镜像访问机制,可以保护你的镜像安全 。
安装
【10分钟自建企业级Docker镜像仓库!这个开源项目太顶了】学习开源项目的第一步,一般都是把它运行起来,我们先来把Harbor运行起来吧!
- 下载Harbor安装包,这里下载的是v1.10.6离线版本,下载地址:https://github.com/goharbor/harbor/releases
文章插图
- 下载完成后上传到linux服务器,使用如下命令解压;
tar xvf harbor-offline-installer-v1.10.6.tgz复制代码
- 解压完成后,所有文件内容如下;
[root@linux-local harbor]# lltotal 700260drwxr-xr-x. 3 root root20 Dec2 11:18 common-rw-r--r--. 1 root root3398 Nov 17 11:58 common.sh-rw-r--r--. 1 root root5348 Dec2 14:41 docker-compose.yml-rw-r--r--. 1 root root 717021676 Nov 17 11:59 harbor.v1.10.6.tar.gz-rw-r--r--. 1 root root5882 Dec2 11:21 harbor.yml-rwxr-xr-x. 1 root root2284 Nov 17 11:58 install.sh-rw-r--r--. 1 root root11347 Nov 17 11:58 LICENSE-rwxr-xr-x. 1 root root1749 Nov 17 11:58 prepare复制代码
- 修改Harbor的配置文件harbor.yml,修改hostname,并注释掉https配置,相关属性说明参考注释即可;
# 指定Harbor的管理界面及镜像仓库访问地址hostname: 192.168.3.101# http相关配置http:# http端口,如果配置了https,默认使用httpsport: 80# https相关配置#https:## https端口#port: 443## 指定Habor中Nginx的https的证书和私钥地址#certificate: /your/certificate/path#private_key: /your/private/key/path# Harbor默认管理员账号admin的密码harbor_admin_password: Harbor12345# Harbor内置PostgreSQL数据库配置database:# root用户密码password: root123# 最大空闲连接数,小于等于0表示无空闲连接max_idle_conns: 50# 最大连接数,小于等于0表示无限制max_open_conns: 100# 默认数据目录data_volume: /data# Clair configurationclair:# The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.updaters_interval: 12jobservice:# Maximum number of job workers in job servicemax_job_workers: 10notification:# Maximum retry count for webhook jobwebhook_job_max_retry: 10chart:# Change the value of absolute_url to enabled can enable absolute url in chartabsolute_url: disabled# 日志配置log:# 日志级别配置: debug, info, warning, error, fatallevel: info# 日志本地存储策略local:# 日志文件滚动数量,超过该数量会删除日志文件rotate_count: 50# 日志滚动大小,超过该大小会生成新的日志文件rotate_size: 200M# 日志存储路径location: /var/log/harbor# This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!_version: 1.10.0# Configure proxies to be used by Clair, the replication jobservice, and Harbor. Leave blank if no proxies are required.proxy:http_proxy:https_proxy:# no_proxy endpoints will Appended to 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-serverno_proxy:components:- core- jobservice- clair复制代码
- 使用install.sh脚本安装Harbor:
./install.sh复制代码
- Harbor启动成功后会输出如下信息,这里需要注意的是Harbor会启动Nginx、Redis之类的容器,以前创建过的需要先删除掉,看到started successfully就表示启动成功了;
[Step 0]: checking if docker is installed ...Note: docker version: 19.03.5[Step 1]: checking docker-compose is installed ...Note: docker-compose version: 1.24.0[Step 2]: loading Harbor images ...Loaded image: goharbor/harbor-migrator:v1.10.6Loaded image: goharbor/harbor-core:v1.10.6Loaded image: goharbor/harbor-db:v1.10.6Loaded image: goharbor/harbor-registryctl:v1.10.6Loaded image: goharbor/nginx-photon:v1.10.6Loaded image: goharbor/clair-photon:v1.10.6Loaded image: goharbor/clair-adapter-photon:v1.10.6Loaded image: goharbor/harbor-portal:v1.10.6Loaded image: goharbor/harbor-log:v1.10.6Loaded image: goharbor/registry-photon:v1.10.6Loaded image: goharbor/notary-signer-photon:v1.10.6Loaded image: goharbor/harbor-jobservice:v1.10.6Loaded image: goharbor/redis-photon:v1.10.6Loaded image: goharbor/prepare:v1.10.6Loaded image: goharbor/notary-server-photon:v1.10.6Loaded image: goharbor/chartmuseum-photon:v1.10.6[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...prepare base dir is set to /mydata/harbor/harborWARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to httpsClearing the configuration file: /config/log/logrotate.confClearing the configuration file: /config/log/rsyslog_docker.confClearing the configuration file: /config/nginx/nginx.confClearing the configuration file: /config/core/envClearing the configuration file: /config/core/app.confClearing the configuration file: /config/registry/config.ymlClearing the configuration file: /config/registry/root.crtClearing the configuration file: /config/registryctl/envClearing the configuration file: /config/registryctl/config.ymlClearing the configuration file: /config/db/envClearing the configuration file: /config/jobservice/envClearing the configuration file: /config/jobservice/config.ymlGenerated configuration file: /config/log/logrotate.confGenerated configuration file: /config/log/rsyslog_docker.confGenerated configuration file: /config/nginx/nginx.confGenerated configuration file: /config/core/envGenerated configuration file: /config/core/app.confGenerated configuration file: /config/registry/config.ymlGenerated configuration file: /config/registryctl/envGenerated configuration file: /config/db/envGenerated configuration file: /config/jobservice/envGenerated configuration file: /config/jobservice/config.ymlloaded secret from file: /secret/keys/secretkeyGenerated configuration file: /compose_location/docker-compose.ymlClean up the input dirNote: stopping existing Harbor instance ...Stopping harbor-jobservice ... doneStopping harbor-core... doneStopping redis... doneStopping registryctl... doneStopping registry... doneStopping harbor-db... doneStopping harbor-portal... doneStopping harbor-log... doneRemoving harbor-jobservice ... doneRemoving harbor-core... doneRemoving redis... doneRemoving registryctl... doneRemoving registry... doneRemoving harbor-db... doneRemoving harbor-portal... doneRemoving harbor-log... doneRemoving network harbor_harbor[Step 5]: starting Harbor ...Creating network "harbor_harbor" with the default driverCreating harbor-log ... doneCreating harbor-portal ... doneCreating registry... doneCreating harbor-db... doneCreating registryctl... doneCreating redis... doneCreating harbor-core... doneCreating harbor-jobservice ... doneCreating nginx... done? ----Harbor has been installed and started successfully.----复制代码
推荐阅读
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- 老电脑开机10分钟?5M小软件一出手,流氓软件藏不住
- 未受信任的企业级开发者怎么解决?
- 虾爬子蒸多长时间?
- 10分钟快速入门海量数据搜索引擎Elasticsearch
- 耳机|只要199!一加耳机双发:充电10分钟 听歌20小时
- Python自建免费HTTP服务器,无公网IP也能远程访问
- 云数据库 VS 自建数据库,到底该如何抉择?
- 搭建企业级私有仓库harbor-V2.0并上传镜像
- 黑瓷茶具仅出自建窑吗,什么是黑瓷茶具
- 黑瓷茶具历史发展,黑瓷茶具仅出自建窑吗