下载离线安装包
https://github.com/goharbor/harbor/releases
开始安装
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
tar -zxvf harbor-offline-installer-v2.1.0.tgz
cd harbor
cp harbor.yml.tmpl harbor.yml
vi harbor.yml
hostname: harbor.yourcompany.com
harbor_admin_password = yourpassword
./install.sh
docker-compose stop
docker-compose up -d
docker-compose down -v
docker ps
cd /var/log/harbor
|
图形界面配置
1
2
3
4
5
6
7
8
9
|
http://10.10.51.77/
admin/yourpassword
operator/yourpassword
yourproject
|
客户端配置
1
2
3
4
5
6
7
8
9
10
11
12
|
vi /etc/docker/daemon.json
{ "insecure-registries":["10.10.51.77:80"] }
systemctl daemon-reload
systemctl restart docker
docker login -u operator -p yourpassword 10.10.51.77:80
docker images tag nginx 10.10.51.77:80/yourproject/nginx
docker push 10.10.51.77:80/yourproject/nginx
|
配置SSL(可选)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
openssl genrsa -out ca.key 2048
openssl req -new -x509 -key ca.key -out ca.crt -days 3650 -subj "/C=CN/ST=HB/L=WH/O=DM/OU=YPT/CN=CA"
openssl x509 -in ca.crt -noout -text
openssl genrsa -out harbor.key 2048
openssl req -new -sha256 -key harbor.key -out harbor.csr -subj "/C=CN/ST=HB/L=WH/O=DM/OU=YPT/CN=yourcompany.com"
cat <<EOF > harbor.cnf
extensions = san
[san]
keyUsage = digitalSignature
extendedKeyUsage = clientAuth,serverAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
subjectAltName = IP:10.10.51.77,DNS:harbor.yourcompany.com
EOF
openssl x509 -req -sha256 -days 3650 -in harbor.csr -out harbor.crt -CA ca.crt -CAkey ca.key -CAcreateserial -extfile harbor.cnf
openssl x509 -in harbor.crt -noout -text
certificate: /root/cert/harbor.crt
private_key: /root/cert/harbor.key
docker-compose down -v
./install.sh
vi /etc/hosts
10.10.51.77 harbor.yourcompany.com
https://harbor.yourcompany.com
cp /root/cert/ca.crt /etc/pki/ca-trust/source/anchors
update-ca-trust extract
systemctl restart docker
|