安装部署docker环境,部署harbor私有仓库:
gcbj1-21.host.com、gcbj1-22.host.com、gcbj1-200.host.com三台机器上都要安装docer引擎;
docker的安装不在这里演示,官网安装:https://docs.docker.com/engine/install/centos/
docker安装完的时候,有一点记得更改即可:
[root@gcbj1-200 ~]# cat /etc/docker/daemon.json { "graph": "/data/docker", "storage-driver": "overlay2", "insecure-registries": ["registry.access.redhat.com","quay.io","harbor.data.net"], "registry-mirrors": ["https://q2gr04ke.mirror.aliyuncs.com"], "bip": "172.16.200.1/24", "exec-opts": ["native.cgroupdriver=systemd"], "live-restore": true }
注意:bip要根据宿主机的ip的变化而定;而后,记得开机自启systemctl enable docker.service
Harbor私有仓库在gcbj1-200上搭建:
下载安装包至/usr/local/src目录下,并解压至/opt目录下
[root@gcbj1-200 docker]# cd /usr/local/src/ [root@gcbj1-200 src]# ls harbor-offline-installer-v1.8.3.tgz [root@gcbj1-200 src]# tar xf harbor-offline-installer-v1.8.3.tgz -C /opt/
创建软链接,方便后期的软件升级,这也是生产上常用的方式
[root@gcbj1-200 src]# cd /opt/ [root@gcbj1-200 opt]# ls certs harbor [root@gcbj1-200 opt]# mv harbor harbor-v1.8.3 [root@gcbj1-200 opt]# ln -s harbor-v1.8.3 harbor
对harbor配置文件进行以下几项简单更改:
[root@gcbj1-200 opt]# cd harbor [root@gcbj1-200 harbor]# vim harbor.yml hostname: harbor.data.net port: 180 harbor_admin_password: Harbor12345 data_volume: /data/harbor
创建数据目录;harbor仓库需要依赖docker-compose
[root@gcbj1-200 harbor]# mkdir /data/harbor [root@gcbj1-200 harbor]# yum install -y docker-compose [root@gcbj1-200 harbor]# ./install.sh [root@gcbj1-200 harbor]# docker-compose ps [root@gcbj1-200 harbor]# docker-compose up –d ###每次重启docker都要执行
harbor启动后的端口是180,所以我们这里要用nginx的80端口反代它
[root@gcbj1-200 harbor]# yum install -y nginx [root@gcbj1-200 harbor]# vim /etc/nginx/conf.d/harbor.data.net.conf server { listen 80; server_name harbor.data.net; client_max_body_size 1000m; location / { proxy_pass http://127.0.0.1:180; } } [root@gcbj1-200 harbor]# nginx -t [root@gcbj1-200 harbor]# systemctl start nginx [root@gcbj1-200 harbor]# systemctl enable nginx
在dns服务器gcbj1-11上进行配置,添加一条A记录
[root@gcbj1-11 ~]# vim /var/named/data.net.zone $ORIGIN data.net. $TTL 600 ; 10 minutes @ IN SOA dns.od.com. dnsadmin.data.net. ( 2019120902 ; serial 10800 ; refresh (3 hours) 900 ; retry (15 minutes) 604800 ; expire (1 week) 86400 ; minimum (1 day) ) NS dns.data.net. $TTL 60 ; 1 minute dns A 192.168.1.11 harbor A 192.168.1.200 #注意另忘记要手动更改serial项; [root@gcbj1-11 ~]# systemctl restart named [root@gcbj1-11 ~]# dig -t A harbor.data.net +short #验证dns解析
至此,我们打开浏览器输入harbor.data.net
用户名是admin,密码是Harbor12345
登录之后,新建一个public公开项目,而后在运维主机gcbj1-200主机上下载一个nginx镜像,重新打个tag,并推送至我们的私有仓库;
[root@gcbj1-200 harbor]# docker pull nginx:1.18 [root@gcbj1-200 harbor]# docker tag nginx:1.18 harbor.data.net/public/nginx:v1.18 [root@gcbj1-200 harbor]# docker login harbor.data.net [root@gcbj1-200 harbor]# docker push harbor.data.net/public/nginx:v1.18