部署Harbor镜像仓库

86

安装docker-compose

# curl -SL https://github.com/docker/compose/releases/download/v2.16.0/docker-compose-linux-x86_64 -o /bin/docker-compose  
chmod +x /bin/docker-compose
docker-compose --version

开始部署Harbor

自制https证书

openssl genrsa -out ca.key 4096

openssl req -x509 -new -nodes -sha512 -days 3650  -subj "/CN=harborobd.com"  -key ca.key  -out ca.crt

openssl genrsa -out server.key 4096

openssl req  -new -sha512  -subj "/CN=harborobd.com"  -key server.key  -out server.csr

 cat > v3.ext <<-EOF
  authorityKeyIdentifier=keyid,issuer
  basicConstraints=CA:FALSE
  keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
  extendedKeyUsage = serverAuth 
  subjectAltName = @alt_names
  [alt_names]
  DNS.1=harborobd.com
  EOF

openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt

openssl x509 -inform PEM -in server.crt -out server.cert

解压已经下载好的Harbor包

tar xf harbor-offline-installer-v2.8.2.tgz -C /opt/

cp harbor.yml.tmpl  harbor.yml

配置文件 harbor.yml

  • 需要改的配置文件

配置域名
	hostname: harborobd.com

启动https 配置证书地址
	certificate: /opt/harbor/cert/server.crt
	private_key: /opt/harbor/cert/server.key

数据存储目录
	data_volume: /data

Harbor默认密码
	harbor_admin_password: Harbor12345

开始安装

./install 安装

访问

  • 因为自己配置的https证书 需要配置本地解析才能访问

/etc/hosts
	192.168.2.201 harborobd.com
把证书复制到docker目录下面
[root@habor]# tree /etc/docker/
/etc/docker/
├── certs.d
│   └── harborobd.com
│       ├── ca.crt
│       ├── server.cert
│       └── server.key
└── daemon.json

docker login harborobd.com
输入账号密码就可以了

docker push xxx/xxx/xxx:v1
  • 网页访问