Harbor仓库

Harbor 是一个用于存储和分发 Docker 镜像的企业级 Registry 服务器，由 vmware 开源，其通过添加一些企业必需的功能特性，例如安全、标识和管理等，扩展了开源 Docker Distribution。作为一个企业级私有 Registry 服务器，Harbor 提供了更好的性能和安全。提升用户使用Registry 构建和运行环境传输镜像的效率。Harbor 支持安装在多个Registry 节点的镜像资源复制，镜像全部保存在私有 Registry 中，确保数据和知识产权在公司内部网络中管控，另外，Harbor 也提供了高级的安全特性，诸如用户管理，访问控制和活动审计等。

vmware 官方开源服务列表地址：https://vmware.github.io/harbor/cn/

harbor 官方 github 地址：https://github.com/vmware/harbor

harbor 官方网址：https://goharbor.io/

环境：

1.安装docker

2.开启IP路由转发
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1

2.安装docker-compose
chmod +x docker-compose-Linux-x86_64

cp docker-compose-Linux-x86_64 /usr/bin/docker-compose

docker-compose version

3.安装harbor仓库
tar xf harbor-offline-installer-v2.2.1.tgz

cd /usr/local/work/harbor

cp harbor.yml.tmpl harbor.yml

vim harbor.yml
hostname: 192.168.11.11    #修改为ip或域名
#不用443可以注释掉#13行-18行
harbor_admin_password = ASDFasdf123     #修改harbor密码
data_volume:/usr/local/work/harbor/images   #镜像存放位置

4.启动harbor
./install.sh 
[root@docker harbor]# docker ps -a
CONTAINER ID   IMAGE                                COMMAND                   CREATED         STATUS                   PORTS                                       NAMES
49bc05e66b3c   goharbor/nginx-photon:v2.3.1         "nginx -g 'daemon of…"   2 minutes ago   Up 2 minutes (healthy)   0.0.0.0:8080->8080/tcp, :::8080->8080/tcp   nginx
8f531548b433   goharbor/harbor-jobservice:v2.3.1    "/harbor/entrypoint.…"   2 minutes ago   Up 2 minutes (healthy)                                               harbor-jobservice
b79f5f4e0138   goharbor/harbor-core:v2.3.1          "/harbor/entrypoint.…"   2 minutes ago   Up 2 minutes (healthy)                                               harbor-core
8c67e6c78669   goharbor/redis-photon:v2.3.1         "redis-server /etc/r…"   2 minutes ago   Up 2 minutes (healthy)                                               redis
42629ecaf97c   goharbor/harbor-db:v2.3.1            "/docker-entrypoint.…"   2 minutes ago   Up 2 minutes (healthy)                                               harbor-db
679f7730a5b6   goharbor/harbor-registryctl:v2.3.1   "/home/harbor/start.…"   2 minutes ago   Up 2 minutes (healthy)                                               registryctl
d38cf582f289   goharbor/registry-photon:v2.3.1      "/home/harbor/entryp…"   2 minutes ago   Up 2 minutes (healthy)                                               registry
223c5aa44102   goharbor/harbor-portal:v2.3.1        "nginx -g 'daemon of…"   2 minutes ago   Up 2 minutes (healthy)                                               harbor-portal
2dd716197a56   goharbor/harbor-log:v2.3.1           "/bin/sh -c /usr/loc…"   2 minutes ago   Up 2 minutes (healthy)   127.0.0.1:1514->10514/tcp                   harbor-log

#启动
docker-compose up -d
#停止
docker-compose stop
#重启
docker-compose restart

vim /etc/docker/daemon.json
{
        "registry-mirrors": ["https://2fweidtv.mirror.aliyuncs.com"],
        "insecure-registries": ["192.168.11.11"]
}

systemctl daemon-reload
systemctl restart docker

#登录harbor 192.168.11.11:8080

#上传镜像

#命令行登录harbor
docker login 192.168.11.11
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

#为镜像打标签
docker tag mysql:5.7 192.168.11.11/work/mysql:5.7

#上传镜像到harbor仓库中
docker push 192.168.11.11/work/mysql:5.7