Shulou(Shulou.com)06/02 Report--

This article is to share with you about the installation and use of Harbor 2.0.0, the editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.

Background: with the continuous progress of work, there are more and more images and more and more machines are deployed. Each deployment requires a build image, which is very time-consuming, especially when sending build images with pip3 install pandas on raspberries, which often takes an hour (although apt install python3-pandas is fast, the current version only supports 0.25.3 pip3 install pandas 1.0.0 +, which is not supported, such as pandas.json_normalize). As a result, images are uploaded to image repositories, which are divided into public repositories and private repositories. Due to privacy, only private repositories can be considered. The current deployment method of repositories:

Deployment:

Server host:

> docker pull registry:2

> docker run-d-p 5000 docker run-- restart always-- name registry registry:2

Customer Host:

# in order to make http available, add a trust ip

> > sudo vim / etc/docker/daemon.json

{"insecure-registries": ["Server host ip:5000"]}

> service docker restart

Upload

> docker tag ubuntu:latest server host ip/test/ubuntu:20.04

> docker push server host ip/test/ubuntu:20.04

As you can see, it is very simple, but also very crude, and there are problems:

Lack of permission control. In theory, as long as you know ip, port, project name and warehouse name, you can get it.

No graphical interface, tedious management

In order to solve the above problems, Harbor, an open source container image management tool from VMware, seems to have been developed by the Chinese team, so it natively supports Chinese, needless to say, and is installed and deployed as follows:

Installation environment:

CentOS 7.8.2003

Docker 19.03.11

Docker compose 1.26.0

Installation process reference: https://juejin.im/post/5d9c2f25f265da5bbb1e3de5

There are some modifications.

Prepare:

# install the latest version of docker

Reference: https://docs.docker.com/engine/install/centos/

# modify docker configuration

> > sed-I'/ ExecStart=\ / usr\ / bin\ / dockerd/i\ ExecStartPost=\ / sbin/iptables-I FORWARD-s 0.0.0.0\ / 0-d 0.0.0.0\ / 0-j ACCEPT' / usr/lib/systemd/system/docker.service

> sed-I'/ dockerd/s/$/\ -\-storage\-driver\ = overlay2-- insecure-registry server ip/g' / usr/lib/systemd/system/docker.service

# time synchronization

> yum-y install ntp

> systemctl enable ntpd

> systemctl start ntpd

> ntpdate-u cn.pool.ntp.org

> hwclock-- systohc

> timedatectl set-timezone Asia/Shanghai

# close swap Partition

> > vim / etc/fstab

# comment out the SWAP partition item

# / dev/mapper/centos00-swap swap swap defaults 00

# turn off the firewall

> systemctl stop firewalld

> systemctl disable firewalld

> setenforce 0

> > sed-I'/ SELINUX/s/enforcing/disabled/' / etc/selinux/config

# upgrade the kernel

> rpm-- import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

> > rpm-Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

> yum-- enablerepo=elrepo-kernel install kernel-ml-yearly &

> > sed-I s/saved/0/g / etc/default/grub&&

> grub2-mkconfig-o / boot/grub2/grub.cfg & & reboot

# install docker-compose

> curl-L https://github.com/docker/compose/releases/download/1.26.0/docker-compose-`uname-s`-`uname-m`-o / usr/local/bin/docker-compose

> > chmod + x / usr/local/bin/docker-compose

> docker-compose-- version

Docker-compose version 1.26.0, build d4451659

# installation

# download the online installation package

> wget https://storage.googleapis.com/harbor-releases/harbor-online-installer-v2.0.0.tgz

> tar xf harbor-online-installer-v2.0.0.tgz

> cd harbor

Installation:

# Editing configuration file

> vim harbor.yml.tmpl

# modify hostname

Hostname: server ip

# comment out https to turn off https support

# https related config

# https:

# # https port for harbor, default is 443

# port: 443

# # The path of cert and key files for nginx

# certificate: / your/certificate/path

# private_key: / your/private/key/path

# the default administrator account password can also be changed

# installation

> mv harbor.yml.tmpl harbor.yml

>. / install.sh

.

Creating harbor-log... Done

Creating harbor-db... Done

Creating registryctl... Done

Creating harbor-portal... Done

Creating registry... Done

Creating redis... Done

Creating harbor-core... Done

Creating nginx... Done

Creating harbor-jobservice... Done

✔-Harbor has been installed and started successfully.

> docker ps

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

D894c16c987f goharbor/harbor-jobservice:v2.0.0 "/ harbor/entrypoint." 2 hours ago Up 2 hours (healthy) harbor-jobservice

A3378467ff00 goharbor/nginx-photon:v2.0.0 "nginx- g'daemon of..." 2 hours ago Up 2 hours (healthy) 0.0.0.0 hours ago Up 80-> 8080/tcp nginx

318b4ad0d0bb goharbor/harbor-core:v2.0.0 "/ harbor/entrypoint." 2 hours ago Up 2 hours (healthy) harbor-core

9348e1566bd0 goharbor/redis-photon:v2.0.0 "redis-server / etc/r..." 2 hours ago Up 2 hours (healthy) 6379/tcp redis

Cc69fe7876b9 goharbor/registry-photon:v2.0.0 "/ home/harbor/entryp..." 2 hours ago Up 2 hours (healthy) 5000/tcp registry

Dc213cb7c5e8 goharbor/harbor-portal:v2.0.0 "nginx-g'daemon of..." 2 hours ago Up 2 hours (healthy) 8080/tcp harbor-portal

E69e2ee6d791 goharbor/harbor-registryctl:v2.0.0 "/ home/harbor/start." 2 hours ago Up 2 hours (healthy) registryctl

8bfcbe9f3d1c goharbor/harbor-db:v2.0.0 "/ docker-entrypoint." 2 hours ago Up 2 hours (healthy) 5432/tcp harbor-db

59e32a7ecb2a goharbor/harbor-log:v2.0.0 "/ bin/sh-c / usr/loc..." 2 hours ago Up 2 hours (healthy) 127.0.0.1 healthy 1514-> 10514/tcp harbor-log

Use:

Enter the management interface: http:// Server ip

Upload image:

Create a project:

If you do not create a project, you will get the error 'unauthorized: project not found, name: test: project not found, name: test'

Login:

# Login

> docker login Server ip

Username:

Password:

Authenticating with existing credentials...

Login Succeeded

# Logout

> docker logout Server ip

# push after logging out

> docker push 10.8.15.49/test/python:1.0

The push refers to repository [10.8.15.49/test/python]

9867e295092a: Preparing

4a2b3a37baa3: Preparing

64f465a5c456: Preparing

912ca77102af: Preparing

5900cd753a41: Preparing

Afae6f50abb9: Waiting

136a15f81f25: Waiting

185574602537: Waiting

24efcd549ab5: Waiting

Unauthorized: unauthorized to access repository: test/python, action: push: unauthorized to access repository: test/python, action: push

Set the label:

> docker tag image name: tag signature server ip/ project name / image name: tag signature

Upload:

> docker push server ip/ project name / image name: tag signature

Updated on 2020-06-11

Operation and maintenance of Harbor system

Execute under the docker-compose.yml directory

Stopping Harbor:

# docker-compose stop

Stopping harbor-jobservice... Done

Stopping nginx... Done

Stopping harbor-core... Done

Stopping redis... Done

Stopping registry... Done

Stopping harbor-portal... Done

Stopping registryctl... Done

Stopping harbor-db... Done

Stopping harbor-log... Done

Restarting Harbor after stopping:

# docker-compose start

Starting log... Done

Starting registry... Done

Starting registryctl... Done

Starting postgresql... Done

Starting portal... Done

Starting redis... Done

Starting core... Done

Starting jobservice... Done

Starting proxy... Done

To change Harbor's configuration, first stop existing Harbor instance and update harbor.cfg.

Then run prepare script to populate the configuration. Finally re-create and start Harbor's instance:

# docker-compose down

# vim harbor.cfg

#. / prepare

# docker-compose up-d

Removing Harbor's containers while keeping the image data and Harbor's database files on the file system:

# docker-compose down

Removing Harbor's database and image data (for a clean re-installation):

# rm-r / data/database

# rm-r / data/registry

Modify listening port (default listening port 80)

Configuring Harbor listening on a customized port.

By default, Harbor listens on port 80 (HTTP) and 443( HTTPS, if configured) for both admin portal and docker commands, you can configure it with a customized one.

For HTTP protocol

Modify docker-compose.yml,Replace the first "80" to a customized port, e.g. 8888 to a customized port 80.

# vim docker-compose.yml

Proxy:

Image: library/nginx:1.11.5

Restart: always

Volumes:

-. / config/nginx:/etc/nginx

Ports:

-8888Suzhou 80

-443PUR 443

Depends_on:

-mysql

-registry

-ui

-log

Logging:

Driver: "syslog"

Options:

Syslog-address: "tcp://127.0.0.1:1514"

Tag: "proxy"

Modify harbor.cfg, add the port to the parameter "hostname".

# vim harbor.cfg

Hostname = 10.90.5.105pur8888

Re-deploy Harbor refering to previous section.

# docker-compose down

#. / prepare

# docker-compose up-d

The above is the installation and use of Harbor 2.0.0. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.