Harbor介绍

Harbor 是为企业用户设计的开源镜像仓库项目，包括了权限管理(RBAC)、LDAP、审计、安全漏洞扫描、镜像验真、管理界面、自我注册、HA等企业必需的功能，同时针对中国用户的特点，设计镜像复制和中文支持等功能。

官网：https://goharbor.io/

Harbor安装部署

# 1.harbor安装的环境要求
# 安装Harbor必须有docker环境和docker-compose环境
yum install -y docker-ce
yum install -y docker-compose# 2.解压harbor安装包
[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.10.0/harbor-offline-installer-v2.10.0.tgz
[root@docker ~]# tar xf harbor-offline-installer-v2.10.0.tgz[root@docker ~]cd harbor
[root@docker ~/harbor]# ll
total 605144
-rw-r--r-- 1 root root 619632806 Sep  4  2019 harbor.v1.9.0.tar.gz
-rw-r--r-- 1 root root      5805 Sep  4  2019 harbor.yml.tmpl
-rwxr-xr-x 1 root root      5088 Sep  4  2019 install.sh
-rw-r--r-- 1 root root     11347 Sep  4  2019 LICENSE
-rwxr-xr-x 1 root root      1748 Sep  4  2019 prepare# 3.复制配置模版并修改harbor配置
[root@docker ~/harbor]# cp -a harbor.yml.tmpl harbor.yml
[root@docker ~/harbor]# vim harbor.yml
hostname: hub.if010.com
harbor_admin_password: Harbor12345# 4.执行安装脚本
[root@docker ~/harbor]# sh install.sh
[Step 1]: loading Harbor images ...
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?# 5.启动docker
[root@docker ~/harbor]# systemctl start docker
[root@docker ~/harbor]# sh install.sh
[Step 0]: checking installation environment ...
Note: docker version: 24.0.7
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
...
...
[Step 2]: preparing environment ...
...
...
Creating redis ... done
Creating harbor-core ... done
Creating network "harbor_harbor" with the default driver
Creating nginx ... done
Creating harbor-db ...
Creating registryctl ...
Creating harbor-portal ...
Creating redis ...
Creating registry ...
Creating harbor-core ...
Creating nginx ...
Creating harbor-jobservice ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://10.0.0.200.
For more details, please visit https://github.com/goharbor/harbor .

浏览器访问 https://hub.if010.com

默认用户名：admin
密码：Harbor12345

// 看下，拉了一堆镜像
[root@docker ~]# docker images 
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
goharbor/harbor-exporter        v2.10.0   1d3fdd3d102d   2 months ago   106MB
goharbor/redis-photon           v2.10.0   5083850c5206   2 months ago   165MB
goharbor/trivy-adapter-photon   v2.10.0   5873942a56be   2 months ago   478MB
goharbor/harbor-registryctl     v2.10.0   7a3b7d7d972c   2 months ago   149MB
goharbor/registry-photon        v2.10.0   9baecb934ded   2 months ago   83.4MB
goharbor/nginx-photon           v2.10.0   d1010aed334c   2 months ago   154MB
goharbor/harbor-log             v2.10.0   518f000ddf00   2 months ago   164MB
goharbor/harbor-jobservice      v2.10.0   4960b98063d3   2 months ago   140MB
goharbor/harbor-core            v2.10.0   00c9a2f5729c   2 months ago   168MB
goharbor/harbor-portal          v2.10.0   f3d83a4e7733   2 months ago   163MB
goharbor/harbor-db              v2.10.0   8215768668f6   2 months ago   269MB
goharbor/prepare                v2.10.0   2ac2fd8f7595   2 months ago   208MB

Harbor的使用

harbor新建项目

新建一个if010项目，在里面可以看到相关推送镜像的命令。

harbor上传镜像

将本地镜像上传至harbor的if010项目仓库中

# 1.修改镜像名称
# 查看镜像
[root@docker ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
nginx                           latest    e4720093a3c1   9 days ago     187MB
# 给镜像改名（会生成一个新的镜像，与原镜像同一个ID）
[root@docker ~]# docker tag nginx:latest hub.if010.com/if010/nginx:latest
[root@docker ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED        SIZE
nginx                           latest    e4720093a3c1   9 days ago     187MB
hub.if010.com/if010/nginx       latest    e4720093a3c1   9 days ago     187MB###命名规则###
照着上面截图命名即可：
harbor服务器地址/项目名称/镜像名称:标签
hub.if010.com/if010/nginx:latest# 2.修改docker配置文件，信任harbor仓库地址
# 如果证书是真实有效的话可以不进行该项配置
[root@docker /etc/docker]# vim daemon.json
{"bip": "192.168.10.1/24","registry-mirrors": ["https://pgz00k39.mirror.aliyuncs.com"],"insecure-registries": ["https://hub.if010.com"]
}
[root@docker01 ~]# systemctl restart docker# 3.登录harbor
[root@docker ~]# docker login hub.if010.com
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded# 4.推送镜像
[root@docker ~]# docker push hub.if010.com/if010/nginx:latest
Using default tag: latest
The push refers to repository [hub.if010.com/if010/nginx:latest]
61a7fb4dabcd: Pushed 
bcc6856722b7: Pushed 
188d128a188c: Pushed 
7d52a4114c36: Pushed 
3137f8f0c641: Pushed 
84619992a45b: Pushed 
ceb365432eec: Pushed 
latest: digest: sha256:678226242061e7dd8c007c32a060b7695318f4571096cbeff81f84e50787f581 size: 1778

刷新查看：