胡文成的个人博客

安装Harbor

2024-07-29

一、部署 Harbor
Step1:配置harbor.yml
1
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml

配置 hostname

1
2
3
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: harbor.home.cloud

配置HTTPS证书路径

1
2
3
4
5
6
7
8
9
10
# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /data/cert/harbor.home.cloud.cert
  private_key: /data/cert/harbor.home.cloud.key
  # enable strong ssl ciphers (default: false)
  # strong_ssl_ciphers: false
  strong_ssl_ciphers: true

更改Harbor管理员登录密码

1
2
3
4
# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

启用缓存

1
2
3
4
5
6
7
8
9
10
11
12
13
14
# Cache layer configurations
# If this feature enabled, harbor will cache the resource
# `project/project_metadata/repository/artifact/manifest` in the redis
# which can especially help to improve the performance of high concurrent
# manifest pulling.
# NOTICE
# If you are deploying Harbor in HA mode, make sure that all the harbor
# instances have the same behaviour, all with caching enabled or disabled,
# otherwise it can lead to potential data inconsistency.
cache:
  # not enabled by default
  enabled: true
  # keep cache for one day by default
  expire_hours: 24
Step2:执行prepare脚本来启用 HTTPS

由于Harbor使用nginx作为所有服务的反向代理,因此需要执行prepare脚本来配置nginx启用HTTPS

执行脚本后,会生成一个docker-compose.yml文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
[root@harbor harbor]# ./prepare 
prepare base dir is set to /root/ws/harbor
Unable to find image 'goharbor/prepare:v2.10.3' locally
v2.10.3: Pulling from goharbor/prepare
b73a46d4c129: Pull complete 
323d83daad8d: Pull complete 
78eb1c0ec3ea: Pull complete 
66ca917b2c07: Pull complete 
1969d9c1fa20: Pull complete 
07f9b7d32b20: Pull complete 
fe91053a07b6: Pull complete 
1d2ef9b2f7ca: Pull complete 
37af4a8f2d2d: Pull complete 
05f0d4345fbf: Pull complete 
Digest: sha256:fb37565d2bf0e7a3e5ae518a870ef7d0f50753ff2ca539660341d3f89b139ee1
Status: Downloaded newer image for goharbor/prepare:v2.10.3
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Step3:修改docker-compose.yml

将下面注释掉

1
#version: '2.3'

将所有版本号替换成$HARBOR_IMAGE_VERSION

1
:%s/v2.10.3/$HARBOR_IMAGE_VERSION/g

在harbor目录下创建.env文件

1
# echo "HARBOR_IMAGE_VERSION=v2.10.3"
Step4:使用docker-compose命令启动
1
# docker compose up -d
Step5:查看容器是否健康
1
2
3
4
5
6
7
8
9
[root@harbor ~]# docker ps
CONTAINER ID   IMAGE                                COMMAND                   CREATED       STATUS                    PORTS                                                                            NAMES
18cb1c58a5f5   goharbor/harbor-jobservice:v2.10.3   "/harbor/entrypoint.…"   7 hours ago   Up 30 seconds (healthy)                                                                                    harbor-jobservice
65e8aa0c7e12   goharbor/nginx-photon:v2.10.3        "nginx -g 'daemon of…"   8 hours ago   Up 36 seconds (healthy)   0.0.0.0:80->8080/tcp, :::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp   nginx
be5490ec7e5b   goharbor/harbor-core:v2.10.3         "/harbor/entrypoint.…"   8 hours ago   Up 36 seconds (healthy)                                                                                    harbor-core
3942887eabd2   goharbor/harbor-db:v2.10.3           "/docker-entrypoint.…"   8 hours ago   Up 36 seconds (healthy)                                                                                    harbor-db
a9c62289ac25   goharbor/redis-photon:v2.10.3        "redis-server /etc/r…"   8 hours ago   Up 35 seconds (healthy)                                                                                    redis
c30d79b7fe58   goharbor/harbor-portal:v2.10.3       "nginx -g 'daemon of…"   8 hours ago   Up 35 seconds (healthy)                                                                                    harbor-portal
e446ee566680   goharbor/harbor-log:v2.10.3          "/bin/sh -c /usr/loc…"   8 hours ago   Up 36 seconds (healthy)   127.0.0.1:1514->10514/tcp                                                        harbor-log

二、前台使用浏览器登录

需要先在主机 hosts 文件中配置域名映射

1
192.168.xx.xx harbor.home.cloud

然后浏览器使用,adminharbor.yml中配置的harbor_admin_password登录密码登录

image-20240727163744063
Tags: harbor

扫描二维码,分享此文章