docker私有倉庫搭建harbor
1、安裝docker-compose
$ yum -y install epel-release
$ yum -y install python-pip
$ pip install docker-compose
$ docker-compose version
如果出現以下錯誤:
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 5, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 3011, in <module>
parse_requirements(__requires__), Environment()
File "/usr/lib/python2.7/site-packages/pkg_resources.py", line 626, in resolve
raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: backports.ssl-match-hostname>=3.5
解決辦法:
$ pip install backports.ssl_match_hostname --upgrade
#再次確認就OK咯!
$ docker-compose version
docker-compose version 1.9.0, build 2585387
docker-py version: 1.10.6
CPython version: 2.7.5
OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
2、安裝harbor
$ wget https://github.com/vmware/harbor/releases/download/v1.2.0/harbor-offline-installer-v1.2.0.tgz
$ tar xvf harbor-offline-installer-v1.2.0.tgz
$ cd harbor
#將配置檔案harbor.cfg中的hostname修改如下,其它可參照官網修改https://github.com/vmware/harbor/blob/master/docs/installation_guide.md
hostname = 192.168.70.110
#執行安裝(此處執行前需要先安裝好docker,詳細見docker安裝步驟)
$ ./install.sh
......
Creating network "harbor_default" with the default driver
Creating harbor-log
Creating harbor-db
Creating registry
Creating harbor-ui
Creating harbor-jobservice
Creating nginx
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://192.168.70.111.
For more details, please visit https://github.com/vmware/harbor .
You have new mail in /var/spool/mail/root
#這樣就安裝完成了
啟動方式:
cd /harbor
docker-compose up -d
docker-compose up -d ###後臺啟動,如果容器不存在根據映象自動建立
docker-compose down -v ###停止容器並刪除容器
docker-compose start ###啟動容器,容器不存在就無法啟動,不會自動建立映象
docker-compose stop ###停止容器
3、登入系統
user:admin
passwd:Harbor12345 (預設密碼)進入系統後建議立即修改密碼)
4、push 和 pull 映象
crt登入到Harbor
從官網倉庫下載一個centos的映象
docker pull docker.io/centos
centos打一個tag
docker tag docker.io/centos hub.chinadigit.org:5000/library/centos:v1.0
push到harbor中
docker push hub.chinadigit.org:5000/library/centos:v1.0
報錯1:
The push refers to a repository [hub.chinadigit.org:5000/library/centos]
問題:需要指定使用http協議連線harbor
如果安裝的docker是docker engine(在節點伺服器新建檔案並指明harbor伺服器資訊如下):
cat >>/etc/docker/daemon.json<<EOF
{ "insecure-registries":["hub.chinadigit.org:5000"] }
EOF
安裝的docker不是docker engine
在/usr/lib/systemd/system/docker.service修改ExecStart一行如下:
ExecStart=/usr/bin/dockerd --insecure-registry hub.chinadigit.org:5000
$systemctl daemon-reload
$ systemctl restart docker.service
重啟之後問題解決。
報錯2:
docker push映象時報以下錯誤
The push refers to a repository [hub.chinadigit.org:5000/library/centos]
cf516324493c: Preparing
unauthorized: authentication required
解決辦法:登入倉庫私有專案需要先登入再push
$docker login hub.chinadigit.org:5000 -u onlyread -p aaaAAA111 #登入私有倉庫使用docker login IP地址
$docker push hub.chinadigit.org:5000/library/centos:v1.0
退出倉庫登入命令如下:
docker logout hub.chinadigit.org:5000
建立專案、建立使用者已經對專案授權不在贅述,比較簡單