私有docker register (Harbor)
Centos 建立私有docker hub
·
环境准备
- Centos 7 mini
- docker
- docker-compose
安装docker
阿里云加速安装
curl -sSL http://acs-public-mirror.oss-cn-hangzhou.aliyuncs.com/docker-engine/internet | sh -
systemctl enable docker
systemctl start docker
安装docker-compose
curl -L “https://github.com/docker/compose/releases/download/1.9.0/docker-compose- (uname−s)− (uname -m)” -o /usr/local/bin/docker-compose
搭建Harbor
下载代码
git clone https://github.com/vmware/harbor
修改配置
cd harbor/make/
vim harbor.cfg
配置样例如下 :
## Configuration file of Harbor
#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
# 指定 hostname,一般为IP,或者域名,用于登录 Web UI 界面
hostname = 10.211.55.17
#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
# URL 访问方式,SSL 需要配置 nginx
ui_url_protocol = http
#Email account settings for sending out password resetting emails.
# 邮件相关信息配置,如忘记密码发送邮件
email_server = smtp.xxxxxx.com
email_server_port = 465
email_username = reg@mritd.me
email_password = xxxxxx
email_from = docker <reg@mritd.me>
email_ssl = true
##The password of Harbor admin, change this before any production use.
# 默认的 Harbor 的管理员密码,管理员用户名默认 admin
harbor_admin_password = Harbor12345
##By default the auth mode is db_auth, i.e. the credentials are stored in a local database.
#Set it to ldap_auth if you want to verify a user's credentials against an LDAP server.
# 指定 Harbor 的权限验证方式,Harbor 支持本地的 mysql 数据存储密码,同时也支持 LDAP
auth_mode = db_auth
#The url for an ldap endpoint.
# 如果采用了 LDAP,此处填写 LDAP 地址
ldap_url = ldaps://ldap.mydomain.com
#The basedn template to look up a user in LDAP and verify the user's password.
# LADP 验证密码的方式(我特么没用过这么高级的玩意)
ldap_basedn = uid=%s,ou=people,dc=mydomain,dc=com
#The password for the root user of mysql db, change this before any production use.
# mysql 数据库 root 账户密码
db_password = root123
#Turn on or off the self-registration feature
# 是否允许开放注册
self_registration = on
#Turn on or off the customize your certicate
# 允许自签名证书
customize_crt = on
#fill in your certicate message
# 自签名证书信息
crt_country = CN
crt_state = State
crt_location = CN
crt_organization = mritd
crt_organizationalunit = mritd
crt_commonname = mritd.me
crt_email = reg.mritd.me
#####
生成相关配置
cd harbor/make/
./prepare
编译 image 并启动
cd harbor/make/
docker-compose up -d
创建私有项目
- 主页 (默认的访问地址即为 harbor.cfg 中 hostname 地址)
- 登录 (Harbor 默认管理员用户为 admin ,密码在 harbor.cfg 中设置过,默认的是 Harbor12345)
- 创建私有项目
Harbor 有一个项目的概念,项目名可以理解为 Docker Hub 的用户名,其下可以后很多 images,Harbor 的项目必须登录后方可 push,公有项目和私有项目的区别是对其他用户是否可见
push 镜像
- 设置 http 仓库地址
根据 https://docs.docker.com/engine/admin/systemd/
给docker增加 –insecure-registry 10.211.55.17参数
- 登录私有库
docker login 192.168.82.200:8080- 对需要push的镜像打tag (,名称一定要标准( registryAddress[:端口]/项目/imageName[:tag] ))
docker tag nginx:1.11.5 192.168.82.200:8080/tonychen/nginx:1.11.5- push
docker push 192.168.82.200:8080/tonychen/nginx:1.11.5
更多推荐
已为社区贡献1条内容
所有评论(0)