test1 | configuration

模板

———

这里

harbor镜像仓库部署

1. 安装harbor环境

确认docker 和 docker-compose版本号

[root@harbor harbor]# docker version

Client: Docker Engine - Community

 Version:           18.09.7

Server: Docker Engine - Community

  Version:          18.09.7

[root@harbor harbor]# docker-compose --version

docker-compose version 1.24.1, build 4667896

2. 安装harobr镜像仓库

github官网地址 https://github.com/goharbor/harbor/releases

[root@harbor ~]#  wget https://github.com/goharbor/harbor/releases/download/v1.9.3/harbor-offline-installer-v1.9.3.tgz

[root@harbor ~]# tar -zxvf harbor-offline-installer-v1.9.1.tgz

[root@harbor ~]# cd harbor/

[root@harbor harbor]# ls

harbor.v1.9.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare

[root@harbor harbor]# ls keys/   #自己制作证书的位置

ikongjian.key  ikongjian.pem

修改主机名，开启https认证并添加证书

[root@harbor harbor]# vim harbor.yml #修改以下这些地方

hostname: harbor.ikongjian.com

https:

  port: 443

  certificate: /root/harbor/keys/ikongjian.pem

  private_key: /root/harbor/keys/ikongjian.key

[root@harbor harbor]# ./prepare

prepare base dir is set to /root/harbor

Generated configuration file: /config/log/logrotate.conf

Generated configuration file: /config/log/rsyslog_docker.conf

Generated configuration file: /config/nginx/nginx.conf

Generated configuration file: /config/core/env

Generated configuration file: /config/core/app.conf

Generated configuration file: /config/registry/config.yml

Generated configuration file: /config/registryctl/env

Generated configuration file: /config/db/env

Generated configuration file: /config/jobservice/env

Generated configuration file: /config/jobservice/config.yml

loaded secret from file: /secret/keys/secretkey

Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt

Generated configuration file: /compose_location/docker-compose.yml

Clean up the input dir

[root@harbor harbor]# ./install.sh

[Step 0]: checking installation environment ...

Note: docker version: 19.03.2

Note: docker-compose version: 1.24.1

[Step 1]: loading Harbor images ...

cad87ea2da29: Loading layer [==================================================>]  77.02MB/77.02MB

通过界面登陆harbor

https://harbor.ikongjian.com ,开启https后默认只走这个

默认用户名和密码 admin Harbor12345

创建镜像项目kubernetes

路径：项目 -> 新建项目 -> 项目名称 kubernetes -> 确认

测试harbor仓库可用性

[root@ikongjian ~]# docker tag busybox harbor.ikongjian.com/kubernetes/busybox:v0.3

[root@ikongjian ~]# docker push harbor.ikongjian.com/kubernetes/busybox:v0.3

The push refers to repository [harbor.ikongjian.com/kubernetes/busybox]

eac247cb7af5: Layer already exists

v0.3: digest: sha256:24fd20af232ca4ab5efbf1aeae7510252e2b60b15e9a78947467340607cd2ea2 size: 527

报错1：镜像直接上传到harbor正常，但是通过nginx一直显示超时：

[root@ikongjian ~]# docker push harbor.ikongjian.com/kubernetes/busybox:v0.3

The push refers to repository [harbor.ikongjian.com/kubernetes/busybox]

eac247cb7af5: Retrying in 10 seconds

解决：需要修改安装包里面Nginx配置文件，删掉scheme的那几行，在反向代理的配置上如果有写的话

harbor镜像仓库高可用

创建用户

问题：registry https://192.168.70.120 is unhealthy: unhealthy