harbor镜像仓库搭建 + 修改端口号
harbor
Harbor 是一个开源的容器镜像仓库,用于存储和管理 Docker 镜像和其他容器镜像。 * 容器镜像仓库、存储和管理 Docker 镜像和其他容器镜像 * 有什么特点:支持多种镜像格式、易于使用、安全性和访问控制
项目地址:https://gitcode.com/gh_mirrors/ha/harbor
免费下载资源
·
最重要:要先安装docker
### 1.安装一些必要的系统工具:
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
#添加软件源信息:
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#更新 yum 缓存:
sudo yum makecache fast
#安装 Docker-ce:(企业版 社区版)
sudo yum -y install docker-ce
#启动 Docker 后台服务
sudo systemctl start docker
### 2.安装docker-compose
# yum install python-pip
# pip install docker-compose
测试:
# docker-compose --version
1.登录harbor官网下载安装包 https://goharbor.io/
解压安装包
tar -xf harbor-offline-installer-v1.7.7-rc1.tgz
2. harbor配置https
按照官网一步步生成证书
#生成私钥key
openssl genrsa -out ca.key 4096
#生成ca证书
openssl req -x509 -new -nodes -sha512 -days 3650 \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.xxx.com" \
-key ca.key \
-out ca.crt
#生成服务端证书
openssl genrsa -out harbor.xxx.com.key 4096
#服务端csr
openssl req -sha512 -new \
-subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=harbor.haifanyimei.com" \
-key harbor.xxx.com.key \
-out harbor.xxx.com.csr
# x509 v3 extension
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=harbor.xxx.com
DNS.2=harbor.xxx
EOF
# 用v3.ext生成证书
openssl x509 -req -sha512 -days 3650 \
-extfile v3.ext \
-CA ca.crt -CAkey ca.key -CAcreateserial \
-in harbor.xxx.com.csr \
-out harbor.xxx.com.crt
#转化证书格式
openssl x509 -inform PEM -in harbor.xxx.com.crt -out harbor.xxx.com.cert
#服务端证书放harbor认证目录下
cp harbor.xxx.com.crt harbor.xxx.com.key /data/cert/
修改harbor.cfg的配置文件
#hostname填写生成证书的时候配置的域名
hostname = harbor.xxx.com
#修改成生成的证书
ssl_cert = /opt/cert/harbor.xxx.com.crt
ssl_cert_key = /opt/cert/harbor.xxx.com.key
因为我们要修改端口号,修改docker-compose.yml文件
docker配置证书
# 在docker证书文件夹路径下新建文件夹(域名:端口号)
# 默认端口号不用写,因为修改了端口号,所以加上(冒号 + 端口号)
mkdir harbor.xxx.com:543
把以下3个文件拷贝过来:
ca.crt harbor.xxx.com.cert harbor.xxx.com.key
安装
#运行prepare脚本,生成配置文件
./rpepare.sh
#运行安装脚本
./install.sh
登录harbor (用户名:admin, 密码:Harbor12345)
GitHub 加速计划 / ha / harbor
23.24 K
4.67 K
下载
Harbor 是一个开源的容器镜像仓库,用于存储和管理 Docker 镜像和其他容器镜像。 * 容器镜像仓库、存储和管理 Docker 镜像和其他容器镜像 * 有什么特点:支持多种镜像格式、易于使用、安全性和访问控制
最近提交(Master分支:1 个月前 )
c5d26723
chore(deps): bump github.com/go-openapi/runtime in /src
Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.26.2 to 0.28.0.
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](https://github.com/go-openapi/runtime/compare/v0.26.2...v0.28.0)
---
updated-dependencies:
- dependency-name: github.com/go-openapi/runtime
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: miner <yminer@vmware.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: miner <yminer@vmware.com> 14 天前
76624373
chore(deps): bump github.com/coreos/go-oidc/v3 in /src
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.10.0...v3.11.0)
---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shengwen YU <yshengwen@vmware.com>
Co-authored-by: miner <yminer@vmware.com> 14 天前
更多推荐
已为社区贡献2条内容
所有评论(0)