k8s-2harbor 镜像仓库

https://github.com/easzlab/kubeasz/blob/master/docs/guide/harbor.md

安装步骤

在 ansible 控制端下载最新的 docker-compose 二进制文件，改名后把它放到项目 /etc/ansible/bin 目录（已包含）
https://github.com/docker/compose/releases
在 ansible 控制端下载最新的 harbor 离线安装包，把它放到项目 /etc/ansible/down 目录
https://github.com/goharbor/harbor/releases
https://storage.googleapis.com/harbor-releases/release-1.9.0/harbor-offline-installer-v1.9.1.tgz
在 ansible 控制端编辑 /etc/ansible/hosts 文件，可以参考 example 目录下的模板，修改部分举例如下

# 参数 NEW_INSTALL=(yes/no)：yes表示新建 harbor，并配置k8s节点的docker可以使用harbor仓库
# no 表示仅配置k8s节点的docker使用已有的harbor仓库
# 如果不需要设置域名访问 harbor，可以配置参数 HARBOR_DOMAIN=""
[harbor]
192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=yes

在 ansible 控制端执行 ansible-playbook /etc/ansible/11.harbor.yml，完成 harbor 安装和 docker 客户端配置

使用ansible报错

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: If you are using a module and expect the file to exist on the remote, see the remote_src option
fatal: [192.168.10.108]: FAILED! => {"changed": false, "msg": "Could not find or access '/etc/ansible/down/harbor-offline-installer-v1.7.4.tgz' on the Ansible Controller.\nIf you are using a module and expect the file to exist on the remote, see the remote_src option"}

wget https://storage.googleapis.com/harbor-releases/release-1.7.0/harbor-offline-installer-v1.7.4.tgz

安装验证

在 harbor 节点使用 docker ps -a 查看 harbor 容器组件运行情况

[root@harbor ~]# docker ps -a
CONTAINER ID        IMAGE                                    COMMAND                  CREATED             STATUS                   PORTS                                                              NAMES
8aa012e8b2f5        goharbor/nginx-photon:v1.7.4             "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes (healthy)   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp   nginx
4f9299966702        goharbor/harbor-portal:v1.7.4            "nginx -g 'daemon of…"   2 minutes ago       Up 2 minutes (healthy)   80/tcp                                                             harbor-portal
000f15ded9eb        goharbor/harbor-jobservice:v1.7.4        "/harbor/start.sh"       2 minutes ago       Up 2 minutes                                                                                harbor-jobservice
76858936072e        goharbor/clair-photon:v2.0.7-v1.7.4      "/docker-entrypoint.…"   2 minutes ago       Up 2 minutes (healthy)   6060-6061/tcp                                                      clair
16863f24c8a7        goharbor/harbor-core:v1.7.4              "/harbor/start.sh"       2 minutes ago       Up 2 minutes (healthy)                                                                      harbor-core
c3351703b94a        goharbor/harbor-adminserver:v1.7.4       "/harbor/start.sh"       2 minutes ago       Up 2 minutes (healthy)                                                                      harbor-adminserver
2d0d77226412        goharbor/redis-photon:v1.7.4             "docker-entrypoint.s…"   2 minutes ago       Up 2 minutes             6379/tcp                                                           redis
4710afaebae0        goharbor/harbor-registryctl:v1.7.4       "/harbor/start.sh"       2 minutes ago       Up 2 minutes (healthy)                                                                      registryctl
fb137b7d47cf        goharbor/harbor-db:v1.7.4                "/entrypoint.sh post…"   2 minutes ago       Up 2 minutes (healthy)   5432/tcp                                                           harbor-db
cf35f24f1487        goharbor/registry-photon:v2.6.2-v1.7.4   "/entrypoint.sh /etc…"   2 minutes ago       Up 2 minutes (healthy)   5000/tcp                                                           registry
52c43113d0d8        goharbor/harbor-log:v1.7.4               "/bin/sh -c /usr/loc…"   2 minutes ago       Up 2 minutes (healthy)   127.0.0.1:1514->10514/tcp

浏览器访问 harbor 节点的 IP 地址 https://$NodeIP，使用账号 admin 和密码 Harbor12345 (harbor.cfg 配置文件中的默认) 登陆系统

新建一个项目

补充

https://github.com/easzlab/kubeasz/blob/master/docs/guide/harbor.md