目录
一、Harbor概述
1.Harbor优势
- 基于角色控制
- 基于镜像的复制策略
- 直接LDAP/AD
- 图像删除和垃圾收集
- 图像UI
- 审计
- RESTful API
2.Harbor的核心组件
- Proxy
通过一个前置的反向代理统一接受浏览器、Docker客户端的请求,并将请求转发给后端不同的服务 - Registry
复制储存Docker镜像,并处理docker push/pull命令 - Core services
Harbor的核心功能,包括UI、webhook、token服务
webhook:是一种反向API机制,类似于触发器
token:令牌,提供身份验证服务 - Database
为core services提供数据库服务 - Log collector
负责收集其他组件的log,供日后进行分析
二、部署Harbor
192.168.30.8 docker-compose、harbor
1.安装Harbor
[root@localhost ~]# tar xf harbor-offline-installer-v1.2.2.tgz -C /usr/local/
[root@localhost ~]# vim /usr/local/harbor/harbor.cfg //修改配置文件
hostname = 192.168.30.8
[root@localhost harbor]# sh install.sh
。。。
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db ... done
Creating harbor-adminserver ... done
Creating registry ... done
Creating harbor-ui ... done
Creating harbor-jobservice ... done
Creating nginx ... done
? ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://192.168.30.8.
For more details, please visit https://github.com/vmware/harbor .
[root@localhost harbor]#
2.查看容器
[root@localhost harbor]# docker-compose ps
Name Command State Ports
-------------------------------------------------------------------------------------------------------------------------
harbor-adminserver /harbor/harbor_adminserver Up
harbor-db docker-entrypoint.sh mysqld Up 3306/tcp
harbor-jobservice /harbor/harbor_jobservice Up
harbor-log /bin/sh -c crond && rm -f ... Up 127.0.0.1:1514->514/tcp
harbor-ui /harbor/harbor_ui Up
nginx nginx -g daemon off; Up 0.0.0.0:443->443/tcp,:::443->443/tcp,
0.0.0.0:4443->4443/tcp,:::4443->4443/tcp,
0.0.0.0:80->80/tcp,:::80->80/tcp
registry /entrypoint.sh serve /etc/ ... Up 5000/tcp
[root@localhost harbor]#
3.查看WEB,并创建一个公开项目
4.拉取测试镜像
[root@localhost harbor]# docker pull cirros //官方给的测试镜像
Using default tag: latest
latest: Pulling from library/cirros
d0b405be7a32: Pull complete
bd054094a037: Pull complete
c6a00de1ec8a: Pull complete
Digest: sha256:1e695eb2772a2b511ccab70091962d1efb9501fdca804eb1d52d21c0933e7f47
Status: Downloaded newer image for cirros:latest
docker.io/library/cirros:latest
[root@localhost harbor]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
cirros latest f9cae1daf5f6 6 months ago 12.6MB
vmware/harbor-log v1.2.2 36ef78ae27df 3 years ago 200MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 3 years ago 164MB
vmware/harbor-ui v1.2.2 39efb472c253 3 years ago 178MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 3 years ago 142MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 3 years ago 329MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 3 years ago 144MB
vmware/registry 2.6.2-photon 5d9100e4350e 4 years ago 173MB
vmware/postgresql 9.6.4-photon c562762cbd12 4 years ago 225MB
vmware/clair v2.0.1-photon f04966b4af6c 4 years ago 297MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 4 years ago 324MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 4 years ago 156MB
vmware/notary-photon server-0.5.0 6e2646682e3c 4 years ago 157MB
photon 1.0 e6e4e4a2ba1b 5 years ago 128MB
[root@localhost harbor]#
5.字符界面登录harbor
[root@localhost harbor]# docker login -u admin -p Harbor12345 http://192.168.30.8
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost harbor]#
6.上传镜像
[root@localhost harbor]# docker tag cirros:latest 192.168.30.8/public/cirros:test //打标签
[root@localhost harbor]# docker push 192.168.30.8/public/cirros:test //上传镜像
The push refers to repository [192.168.30.8/public/cirros]
984ad441ec3d: Pushed
f0a496d92efa: Pushed
e52d19c3bee2: Pushed
test: digest: sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22 size: 943
[root@localhost harbor]#
7.查看镜像
8.下载测试
[root@localhost harbor]# docker rmi 192.168.30.8/public/cirros:test //删除原始镜像
Untagged: 192.168.30.8/public/cirros:test
Untagged: 192.168.30.8/public/cirros@sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22
[root@localhost harbor]# docker rmi cirros:latest
Untagged: cirros:latest
Untagged: cirros@sha256:1e695eb2772a2b511ccab70091962d1efb9501fdca804eb1d52d21c0933e7f47
Deleted: sha256:f9cae1daf5f682cb6403a766b3e6afd73a102296910f27ea1ec392b54dc0c188
Deleted: sha256:b6a4b8a7f1df2b043c77d6e745f69bba4a7aacbb0b4838ecde454ed0168a83e5
Deleted: sha256:96b1d95161fdf5dadd619c5f06ae9fa0c80bd501747ddad3da110439df019880
Deleted: sha256:e52d19c3bee2bad632c72694ab1239f360f52e989629969eb7e51b66c32430fa
[root@localhost harbor]# docker images //没有cirros镜像
REPOSITORY TAG IMAGE ID CREATED SIZE
vmware/harbor-log v1.2.2 36ef78ae27df 3 years ago 200MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 3 years ago 164MB
vmware/harbor-ui v1.2.2 39efb472c253 3 years ago 178MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 3 years ago 142MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 3 years ago 329MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 3 years ago 144MB
vmware/registry 2.6.2-photon 5d9100e4350e 4 years ago 173MB
vmware/postgresql 9.6.4-photon c562762cbd12 4 years ago 225MB
vmware/clair v2.0.1-photon f04966b4af6c 4 years ago 297MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 4 years ago 324MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 4 years ago 156MB
vmware/notary-photon server-0.5.0 6e2646682e3c 4 years ago 157MB
photon 1.0 e6e4e4a2ba1b 5 years ago 128MB
[root@localhost harbor]#
[root@localhost harbor]# docker pull 192.168.30.8/public/cirros:test //下载镜像
test: Pulling from public/cirros
d0b405be7a32: Pull complete
bd054094a037: Pull complete
c6a00de1ec8a: Pull complete
Digest: sha256:483f15ac97d03dc3d4dcf79cf71ded2e099cf76c340f3fdd0b3670a40a198a22
Status: Downloaded newer image for 192.168.30.8/public/cirros:test
192.168.30.8/public/cirros:test //是我们创建的镜像仓库地址
[root@localhost harbor]# docker images //cirros成功下载回来
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.30.8/public/cirros test f9cae1daf5f6 6 months ago 12.6MB
vmware/harbor-log v1.2.2 36ef78ae27df 3 years ago 200MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 3 years ago 164MB
vmware/harbor-ui v1.2.2 39efb472c253 3 years ago 178MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 3 years ago 142MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 3 years ago 329MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 3 years ago 144MB
vmware/registry 2.6.2-photon 5d9100e4350e 4 years ago 173MB
vmware/postgresql 9.6.4-photon c562762cbd12 4 years ago 225MB
vmware/clair v2.0.1-photon f04966b4af6c 4 years ago 297MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 4 years ago 324MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 4 years ago 156MB
vmware/notary-photon server-0.5.0 6e2646682e3c 4 years ago 157MB
photon 1.0 e6e4e4a2ba1b 5 years ago 128MB
[root@localhost harbor]#