In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-03-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Harbor
A brief introduction to Harbor
Harbor is vmware's open source enterprise registry, which allows you to quickly build your own private registry,harbor extension docker's registry, so that harbor supports:
Role-based access control of 1pyrrine RBAC
2, policy-based mirror replication
3Perfect LDAPmax AD support
4. Image deletion and garbage cleanup
5Jing Novell image signature
6, user interface
7, audit
8,RESTful api
Second, Harbor module
Harbor mainly has six modules. By default, each harbor component is encapsulated into a docker container, so you can deploy harbor through compose, which is run in 8 containers and can be viewed through docker-compose ps.
Harbor-adminserver:harbor system management interface, which can modify system configuration and obtain system information.
Harbor-db: stores metadata, users, rules, replication policies, and other information about the project
Harbor-jobservice:harbor is mainly used for synchronization of image repositories.
Harbor-log: collect log information for other harbor. Rsyslogd
Harbor-ui: a user interface module for managing registry. Mainly the interface between the front-end page and the back-end CURD
A reverse proxy component of nginx:harbor that proxies services such as registry, ui, token, etc. This agent forwards various requests from harbor web and docker client to the back-end service. It's a nginx. Nginx is responsible for traffic forwarding and security verification. All external traffic is forwarded from nginx. It distributes traffic to ui at the back end and docker registry that is mirrored in docker storage.
Registry: a service that stores docker images and provides pull/push services. Harbor needs to control the access of image. Every time client performs pull or push, registry needs client to go to the token service to obtain an available token.
Redis: storing cache information
III. Installation
1. Environmental preparation.
Operating system: Centos 7.2
IP:192.168.1.22
Docker 17.03.2-ce
Docker-compose installation
Curl-L https://github.com/docker/compose/releases/download/1.23.0-rc3/docker-compose-`uname-s`-`uname-m`-o / usr/local/bin/docker-composechmod + x / usr/local/bin/docker-compose
Harbor-offline-installer-v1.5.1.tgz offline package download
Wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.1.tgz
2, extract and modify the configuration file
Cp harbor-offline-installer-v1.5.1.tgz / data/; tar zxvf harbor-offline-installer-v1.5.1.tgz
Vim / data/harbor/harbor.cfg
Hostname = 192.168.1.22#ssl_cert = / data/cert/server.crt#ssl_cert_key = / data/cert/server.keyui_url_protocol = http / / Protocol max_job_workers = 50 / / maximum concurrent request customize_crt = on / / whether to use custom certificate harbor_admin_password = Harbor12345 / / administrator password db_password = root123 / / mysql password If you do not modify it, a mysql container will be started by default and the password is root123.
3, install
/ bin/sh install.sh
View harbor image
Docker images
Docker-compose View
Docker-compose ps
Fourth, log in to harbor & & Image upload and download
Default password: admin/Harbor12345
The password can be changed in the harbor.cfg configuration file
Management interface:
Upload image
Modify docker startup configuration file docker.service
Add-- insecure-registry=192.168.1.22ExecStart=/usr/bin/dockerd-- storage-driver=overlay2-- insecure-registry=192.168.1.22 after ExecStart
An error will be reported if it is not configured:
Restart docker
Systemctl daemon-reload systemctl restart docker.service
Log in to harbor with CLI
Docker login 192.168.1.22
Image tagging
Docker push 192.168.1.22/szs/mysql_db:latest
Background view
download
Environment: 192.168.1.20
System: Centos 7.2
Install docker
Modify the configuration file: docker.service
ExecStart=/usr/bin/dockerd-storage-driver=overlay2-insecure-registry=192.168.1.22
Restart
Systemctl daemon-reload systemctl restart docker.service
Connect to the image repository
Docker login 192.168.1.22
Because there is authentication, otherwise an error will be reported
Docker pull 192.168.1.22/szs/mysql_db
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.