Linux operation and maintenance container docker private warehouse harbor production construction

Article Directory

An introduction to harbor warehouse

Introduction

Harbor is a private warehouse of docke. When the location of the warehouse is not specified in docker, the image of pull uses the image of docker's public warehouse. The image produced by a third party.
After deployment, the harbor warehouse can be specified from the harborpull image. You can also use dockfile and dockecompose to write a mirror upload. To the private warehouse to call at any time

Contrast with registry

Harbor can be deployed to multiple containers and can also be deployed on any Linux distribution that supports docke (registry is the core component).
Compared with registry, harbor supports multiple functions, graphical interfaces, multi-user rights management, role rights management, and server side. Requires docker python docker compoes components because the web is written in python, so python components are needed

Core components

1.
Proxy uniformly receives
requests from browsers and Docker clients through a front-end reverse proxy , and forwards the requests to different back-end services.
This is a reverse proxy component.
2. The Registry
is responsible for storing Docker images and
processing docker push/
Pull command to upload and download 3. Core services
Harbor's core functions, including UI, webhook, token service
webhook: some of the service functions of the website
token: token, provide authentication services
4.
Database provides core services with database service
database record mirroring Meta information and user identity information
5. Log collector
is responsible for collecting logs of other components for subsequent analysis,
health checks, etc.

Two deploy harbor warehouse

Environment preparation
Server 2
server side docker-ce docker composa harbro
client side docker-ce

Install docker compoas docker-ce

Both docker bodies must

curl -L https://get.daocloud.io/docker/compose/releases/download/1.29.2/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose 
docker-compose --version   启动会检查docker-ce 和docker是否安装  没安装会包错
Insert picture description here

Install harbor on the server side

tar zxvf harbor-offline-installer-v1.2.2.tgz -C /usr/local/  解压文件
vim /usr/local/harbor/harbor.cfg  修改地址  指向本机
sh /usr/local/harbor/install.sh   用启动脚本启动  
Insert picture description here


Insert picture description here


Insert picture description here
Insert picture description here


Insert picture description here


Insert picture description here

test result

docker ps
docker  image 
cd /usl/local/harbor
docker-compose ls
Insert picture description here


Insert picture description here

Access web interface

要访问需要做ipv4转发 
vim /etc/sysctl.conf
#末行添加
net.ipv4.ip_forward = 1
sysctl -p
Insert picture description here


Insert picture description here


Insert picture description here


Insert picture description here

Add item

Insert picture description here


Insert picture description here

Create user

Insert picture description here
Insert picture description here

Log in and upload the image on the server console

log in

docker login -u admin -p Harbor12345 http://127.0.0.1
Insert picture description here

Upload image

docker pull nginx
docker login -u admin -p Harbor12345 http://127.0.0.1  登录控制台
docker tag nginx:latest 127.0.0.1/nginx/nginx:cat  打标签
docker push 127.0.0.1/nginx/nginx:cat  上传镜像
Insert picture description here


web interface view

Insert picture description here

Other client upload mirror solution

Docker Registry interaction uses HTTPS by default, but the
HTTP service is used by default to build private mirrors , so errors occur when interacting with private mirrors

vim /usr/lib/systemd/system/docker.service
添加  --insecure-registry serverIP
systemctl daemon-reload
systemctl restart docker
Insert picture description here