harbor 192.168.100.40

ps: 这个是我在21年,还很稚嫩的时候写的笔记,当时是在有道云上面写的,这个是我翻新的,可能有一些错误问题

初始配置

1️⃣ 在各个节点 daemon.json文件中添加

"insecure-registries" : ["192.168.100.40"]

2️⃣ 重启docker

systemctl restart docker

3️⃣ 将compose上传到harbor节点中去,也就是安装compose

[root@harbor ~]# ls
 docker-compose
[root@harbor ~]# mv docker-compose /usr/bin/
[root@harbor ~]# chmod u+x /usr/bin/docker-compose 
[root@harbor ~]# docker-compose version
docker-compose version 1.23.1, build b02f1306
docker-py version: 3.5.0
CPython version: 3.6.7
OpenSSL version: OpenSSL 1.1.0f  25 May 2017

4️⃣ 修改 hosts文件

[root@node2 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.10 master
192.168.100.20 node1
192.168.100.30 node2
192.168.100.40 harbor.tanc.com

配置harbor

1️⃣ 将harbor文件上传到harbor节点并解压

[root@harbor ~]# ls
 harbor-offline-installer-v1.2.0.tg
[root@harbor ~]# tar zxvf harbor-offline-installer-v1.2.0.tg

2️⃣ 修改 harbor.cfg文件

cd harbor
vim harbor.cfg
5 hostname = harbor.tanc.com ##修改域名,这个要和各个节点的hosts文件对应
24 ssl_cert = /data/cert/server.crt ##这俩个式用来存放密钥的目录要自己创建
25 ssl_cert_key = /data/cert/server.key
mkdir /data/cert
cd /data/cert

3️⃣ 创建密钥

[root@harbor cert]# openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
......................................+++
.......+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
[root@harbor cert]# ls
server.key

4️⃣ 创建证书签名请求

[root@harbor cert]# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:  //不输入密码
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN ##国家
State or Province Name (full name) []:HN ##省
Locality Name (eg, city) [Default City]:CS ##长沙
Organization Name (eg, company) [Default Company Ltd]:tanc    ##公司名
Organizational Unit Name (eg, section) []:tanc ##组织名
Common Name (eg, your name or your server's hostname) []:hub.tanc.com ##域名
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@harbor cert]# ls
server.csr  server.key

5️⃣ 备份私钥

cp server.key server.key.org       

6️⃣ 签名证书请求

[root@harbor cert]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=CN/ST=HN/L=CS/O=tanc/OU=tanc/CN=hub.tanc.com
Getting Private key

7️⃣给目录赋予执行权限

[root@harbor ~]# chmod -R 777 /data/cert/

8️⃣ 安装

[root@harbor harbor]# ./install.sh

完成后查看docker 运行

[root@harbor harbor]# docker ps -a
CONTAINER ID   IMAGE                              COMMAND                  CREATED         STATUS         PORTS                                                              NAMES
7d18e9a71407   vmware/nginx-photon:1.11.13        "nginx -g 'daemon of…"   2 minutes ago   Up 2 minutes   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
0ba8f751f00a   vmware/harbor-jobservice:v1.2.0    "/harbor/harbor_jobs…"   2 minutes ago   Up 2 minutes                                                                      harbor-jobservice
10c888f62c84   vmware/harbor-ui:v1.2.0            "/harbor/harbor_ui"      2 minutes ago   Up 2 minutes                                                                      harbor-ui
8212804be91f   vmware/harbor-db:v1.2.0            "docker-entrypoint.s…"   2 minutes ago   Up 2 minutes   3306/tcp                                                           harbor-db
8c7ba002e430   vmware/registry:2.6.2-photon       "/entrypoint.sh serv…"   2 minutes ago   Up 2 minutes   5000/tcp                                                           registry
2f70683e73af   vmware/harbor-adminserver:v1.2.0   "/harbor/harbor_admi…"   2 minutes ago   Up 2 minutes                                                                      harbor-adminserver
f491f9fbb08f   vmware/harbor-log:v1.2.0           "/bin/sh -c 'crond &…"   2 minutes ago   Up 2 minutes   127.0.0.1:1514->514/tcp                                            harbor-log

使用浏览器登录

image-20240430002314237

之后就可以用docker login https://harbor.tanc.com来登录到仓库了