Podman 安装 harbor-编程知识

Podman 安装 harbor

news/2025/1/3 2:40:33/文章来源:https://www.cnblogs.com/zggzcgy/p/18639254

看了官方文档，harbor无法直接支持Podman，于是尝试手工部署，理论上无容器环境也可以部署，只需要将其中的关系和相关配置文件梳理清楚。手工过程确实很繁琐，没那个耐心还是用官方推荐的方式进行吧。

初始化

安装podman

我部署的操作系统是用的Debian，差异的地方我认为就仅安装podman的方式不同

apt install podman

创建网络

# 创建一个容器网络
podman network create --subnet 10.8.0.0/16 harbor# 若不想创建网络，可以使用默认podman网络，但需要将dns解析打开
# 默认网络当前版本没有开启dns解析，要不然容器之间没法通过主机名进行互访。
# 修改配置文件后需要将网络接口删除或重启主机才能生效。
sed '/dns_enabled/s/false/true/' -i /etc/containers/networks/podman.json

获取harbor资源

这里演示的是离线版本，如果服务器可以访问网络可跳过此步骤

# 下载官方发布的离线版本
wget https://github.com/goharbor/harbor/releases/download/v2.12.1-rc2/harbor-offline-installer-v2.12.1-rc2.tgz# 解压文件
tar zxf harbor-offline-installer-v2.12.1-rc2.tgz# 镜像导入到Podman
cd harbor
podman load -i harbor-offline-installer-v2.12.1.tgz# 检查是否成功
podman images
#>
REPOSITORY                                                             TAG             IMAGE ID           CREATED        SIZE
localhost/goharbor/harbor-exporter            v2.12.1     41d5aefe8846  1 hours ago  133 MB
localhost/goharbor/redis-photon                  v2.12.1     457a2577be56  1 hours ago  190 MB
localhost/goharbor/trivy-adapter-photon  v2.12.1     a54102844638  1 hours ago  355 MB
localhost/goharbor/harbor-registryctl      v2.12.1     64d95156960d  1 hours ago  166 MB
localhost/goharbor/registry-photon            v2.12.1     cf003d3f3fd2  1 hours ago  92.1 MB
localhost/goharbor/nginx-photon                  v2.12.1     d217054fe55b  1 hours ago  178 MB
localhost/goharbor/harbor-log                      v2.12.1     c21feee6bf65  1 hours ago  188 MB
localhost/goharbor/harbor-jobservice       v2.12.1     9b04f819cefc  1 hours ago  179 MB
localhost/goharbor/harbor-core                   v2.12.1     cc5987a3d926  1 hours ago  201 MB
localhost/goharbor/harbor-portal               v2.12.1     8067171d0ca3  1 hours ago  187 MB
localhost/goharbor/harbor-db                       v2.12.1     43d273c7031f  1 hours ago  299 MB
localhost/goharbor/prepare                           v2.12.1     9251998ce48d  1 hours ago  223 MB

部署各个组件

个别组件相互依赖，需要按照顺序进行部署，否则组件无法启动

部署redis

redis用户缓存用户令牌和其他信息，不依赖其他组件，可以先行部署

启动redis

# 启动容器
podman run --name redis --restart=always --detach \--network=podman \--cap-add=chown \--cap-add=setuid \--cap-add=setgid \--cap-drop=all \--volume=redis:/var/lib/redis:z \goharbor/redis-photon:v2.12.1

部署postgresql

pg数据库存储harbor配置和用户等信息，不依赖其他组件，可以先进行部署

创建密码

# 创建secrt
printf 'root123' | podman secret create db-secret -

启动pg

# 启动容器
podman run --name postgresql --restart=always --detach \--network=podman \--cap-add=chown \--cap-add=setuid \--cap-add=setgid \--cap-add=dac_override \--cap-drop=all \--shm-size=1gb \--secret=db-secret,type=env,target=POSTGRES_PASSWORD \--volume=postgresql:/var/lib/postgresql/data:z \goharbor/harbor-db:v2.12.1

部署registry

registry主要存放docker镜像，需要依赖redis才能启动

创建配置文件

# 创建配置文件存放目录harbor
install -d -o root -g root /etc/harbor# 创建空文件
touch /etc/harbor/registry.yml

将下面内容保存到/etc/harbor/registry.yml文件中

version: 0.1
log:level: info fields:service: registry
storage:cache:layerinfo: redisfilesystem:# 数据存储目录rootdirectory: /storagemaintenance:uploadpurging:enabled: trueage: 168hinterval: 24hdryrun: falsedelete:enabled: true
redis:# Redis服务器地址和端口，这里使用容器名addr: redis:6379readtimeout: 10swritetimeout: 10sdialtimeout: 10spassword:db: 1pool:maxidle: 100maxactive: 500idletimeout: 60s
http:addr: :5000secret: placeholderdebug:addr: localhost:5001
auth:htpasswd:realm: harbor-registry-basic-realm# 认证账号和密码，这里从 podman 的 secret获取path: /run/secrets/passwd
validation:disabled: true
compatibility:schema1:enabled: true

创建密码

这里创建用户名为harbor_registry_user密码为3wPdmfYhiKzodsFwSMaOiFinZKTtj7Iu的密文

# 创建secret
printf "harbor_registry_user:$2y$05$LX.g96mzhV5VMT7Zngx8oe9oItdURVN7wcFDj3xn2snqF4KKMNH5a" \| podman secret create registry-auth -

启动registry

# 启动容器
podman run --name=registry --restart=always --detach \--network=podman \--cap-add=chown \--cap-add=setuid \--cap-add=setgid \--cap-drop=all \--secret=registry-auth,target=/run/secrets/passwd \--volume=registry:/storage:z \--volume=/etc/harbor/registry.yml:/etc/registry/config.yml:ro \--volume=/etc/ssl/certs/ca-certificates.crt:/etc/registry/root.crt:ro \goharbor/registry-photon:v2.12.1

部署portal

创建配置文件

# 创建空文件
touch /etc/harbor/portal.conf
``将下面内容保存到`/etc/harbor/portal.conf`文件中```bash
worker_processes auto;
pid /tmp/nginx.pid;events {worker_connections  1024;
}http {client_body_temp_path /tmp/client_body_temp;proxy_temp_path /tmp/proxy_temp;fastcgi_temp_path /tmp/fastcgi_temp;uwsgi_temp_path /tmp/uwsgi_temp;scgi_temp_path /tmp/scgi_temp;server {listen 8080;server_name  localhost;root   /usr/share/nginx/html;index  index.html index.htm;include /etc/nginx/mime.types;gzip on;gzip_min_length 1000;gzip_proxied expired no-cache no-store private auth;gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;location /devcenter-api-2.0 {try_files $uri $uri/ /swagger-ui-index.html;}location / {try_files $uri $uri/ /index.html;}location = /index.html {add_header Cache-Control "no-store, no-cache, must-revalidate";}}
}

运行portal

portal主要为容器间访问提供统一入口

# 启动容器
podman run --name=portal --restart=always --detach \--network=podman \--cap-add=setuid \--cap-add=setgid \--cap-add=net_bind_service \--cap-drop=all \--volume=/etc/harbor/portal.conf:/etc/nginx/nginx.conf:ro \goharbor/harbor-portal:v2.12.1

部署registryctl

registryctl提供对仓库的管理功能，如删除和打标签等。

创建配置文件

# 创建空文件
touch /etc/harbor/registryctl.yml

将下面内容保存到/etc/harbor/registryctl.yml文件中

---
protocol: "http"
port: 8080
log_level: info
registry_config: "/etc/registry/registry.yml"

创建密码

# 创建secret
printf "3wPdmfYhiKzodsFwSMaOiFinZKTtj7Iu" | podman secret create registry-passwd -

启动registryctl

# 启动容器
podman run --name=registryctl --restart=always --detach \--network=podman \--cap-add=setuid \--cap-add=setgid \--cap-drop=all \--secret=harbor-secret,type=env,target=CORE_SECRET \--secret=jobservice-secret,type=env,target=JOBSERVICE_SECRET \--volume=registry:/storage:z \--volume=/etc/harbor/registry.yml:/etc/registry/config.yml:ro \--volume=/etc/harbor/registryctl.yml:/etc/registryctl/config.yml:ro \--volume=/etc/ssl/certs/ca-certificates.crt:/etc/registry/root.crt:ro \goharbor/harbor-registryctl:v2.12.1

部署harbor

harbor主要是管理和管理各个组件的枢纽。

创建配置文件

# 创建空文件
touch /etc/harbor/harbor.conf

将下面内容保存到/etc/harbor/harbor.conf文件中

appname = Harbor
runmode = prod
enablegzip = true[prod]
httpport = 8080

创建密码

# 创建secrt
# harbor密码
printf 'NWnE5xqgDJrvQF7k' | podman secret create harbor-secret -# jobservice密码
printf '7ZA7muK2d4xcD7nO' | podman secret create jobservice-secret -

启动harhar

# 启动容器
podman run --name=harbor --restart=always --detach \--network=podman \--cap-add=setuid \--cap-add=setgid \--cap-drop=all \--env="CONFIG_PATH=/etc/harbor/app.conf" \--env=UAA_CA_ROOT=/etc/harbor/certificates/root.crt \--env=_REDIS_URL_CORE=redis://redis:6379?idle_timeout_seconds=30 \--env=_REDIS_URL_REG=redis://redis:6379/1?idle_timeout_seconds=30 \--env=SYNC_QUOTA=true \--env=LOG_LEVEL=info \--env=EXT_ENDPOINT=https://harbor.home.lan \--env=DATABASE_TYPE=postgresql \--env=POSTGRESQL_HOST=postgresql \--env=POSTGRESQL_PORT=5432 \--env=POSTGRESQL_USERNAME=postgres \--env=POSTGRESQL_DATABASE=registry \--env=POSTGRESQL_SSLMODE=disable \--env=POSTGRESQL_MAX_IDLE_CONNS=100 \--env=POSTGRESQL_MAX_OPEN_CONNS=900 \--env=POSTGRESQL_CONN_MAX_LIFETIME=5m \--env=POSTGRESQL_CONN_MAX_IDLE_TIME=0 \--env=REGISTRY_URL=http://registry:5000 \--secret=jobservice-secret,type=env,target=JOBSERVICE_SECRET \--env=PORTAL_URL=http://portal:8080 \--env=TOKEN_SERVICE_URL=http://harbor:8080/service/token \--env=HARBOR_ADMIN_PASSWORD=Harbor12345 \--env=MAX_JOB_WORKERS=10 \--env=WITH_TRIVY=True \--env=CORE_URL=http://harbor:8080 \--env=CORE_LOCAL_URL=http://127.0.0.1:8080 \--env=JOBSERVICE_URL=http://jobservice:8080 \--env=TRIVY_ADAPTER_URL=http://trivy:8080 \--env=REGISTRY_STORAGE_PROVIDER_NAME=filesystem \--env=READ_ONLY=false \--env=RELOAD_KEY= \--env=REGISTRY_CONTROLLER_URL=http://registryctl:8080 \--env=REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user\--env=CSRF_KEY=uKpy1a5ueQksB6PCF0Y9jzhggIm5BqbA \--env=ROBOT_SCANNER_NAME_PREFIX=O1tyYzRA \--env=PERMITTED_REGISTRY_TYPES_FOR_PROXY_CACHE="docker-hub,harbor,azure-acr,ali-acr,aws-ecr,google-gcr,quay,dock|jobservice/
er-registry,github-ghcr,jfrog-artifactory" \--env=HTTP_PROXY= \--env=HTTPS_PROXY= \--env=PORT=8080  \--env=QUOTA_UPDATE_PROVIDER=db \--secret=harbor-secret,type=env,target=CORE_SECRET \--secret=db-secret,type=env,target=POSTGRESQL_PASSWORD \--secret=jobservice-secret,type=env,target=JOBSERVICE_SECRET \--secret=registry-passwd,type=env,target=REGISTRY_CREDENTIAL_PASSWORD \--volume=harbor:/data:Z \--volume=/etc/harbor/harbor.conf:/etc/core/app.conf:ro \--volume=/etc/ssl/certs/ca-certificates.crt:/etc/core/certificates/root.crt:ro \--volume=/usr/share/zoneinfo/Asia/Shanghai:/etc/localtime:ro \goharbor/harbor-core:v2.12.1

若不需要TRIVY安全扫描需要将True改为False

--env=WITH_TRIVY=: True --> False

部署jobservice

jobservice 主要提供任务执行管理，如镜像同步任务、空间清理任务等支持。

创建配置文件

# 创建空文件
touch /etc/harbor/jobservice.yml

将下面内容保存到/etc/harbor/jobservice.yml文件中

---
#Protocol used to serve
protocol: "http"#Server listening port
port: 8080#Worker pool
worker_pool:#Worker concurrencyworkers: 10backend: "redis"#Additional config if use 'redis' backendredis_pool:#redis://[arbitrary_username:password@]ipaddress:port/database_indexredis_url: redis://redis:6379/2?idle_timeout_seconds=30namespace: "harbor_job_service_namespace"idle_timeout_second: 3600
#Loggers for the running job
job_loggers:# The jobLoggers backend name, only support "STD_OUTPUT", "FILE" and/or "DB"- name: "STD_OUTPUT"level: "INFO" # INFO/DEBUG/WARNING/ERROR/FATAL- name: "FILE"level: "INFO"settings: # Customized settings of loggerbase_dir: "/var/log/jobs"sweeper:duration: 1 #dayssettings: # Customized settings of sweeperwork_dir: "/var/log/jobs"#Loggers for the job service
loggers:- name: "STD_OUTPUT" # Same with abovelevel: "INFO"reaper:# the max time to wait for a task to finish, if unfinished after max_update_hours, the task will be mark as error, but the task will continue to run, default value is 24,max_update_hours: 24# the max time for execution in running state without new task createdmax_dangling_hours: 168# the max size of job log returned by API, default is 10M
max_retrieve_size_mb: 10

启动jobservice

# 启动容器
podman run --name=jobservice --restart=always --detach \--network=podman \--cap-add=setuid \--cap-add=setgid \--cap-add=chown \--cap-drop=all \--env=REGISTRY_URL=http://registry:5000 \--env=CORE_URL=http://harbor:8080 \--env=REGISTRY_CONTROLLER_URL=http://registryctl:8080 \--env=JOBSERVICE_WEBHOOK_JOB_MAX_RETRY=3 \--env=JOBSERVICE_WEBHOOK_JOB_HTTP_CLIENT_TIMEOUT=3 \--env=REGISTRY_CREDENTIAL_USERNAME=harbor_registry_user \--secret=harbor-secret,type=env,target=CORE_SECRET \--secret=jobservice-secret,type=env,target=JOBSERVICE_SECRET \--secret=registry-passwd,type=env,target=REGISTRY_CREDENTIAL_PASSWORD \--volume=/etc/harbor/jobservice.yml:/etc/jobservice/config.yml \--volume=jobservice:/var/log/jobs:z \--volume=/etc/ssl/certs/ca-certificates.crt:/harbor_cust_cert/root.crt:ro \goharbor/harbor-jobservice:v2.12.1

部署nginx

nginx主要对外提供统一访问的反向代理。

创建配置文件

# 创建空文件
touch /etc/harbor/nginx.conf# 为Nginx做自签名证书，如果自己有证书的直接替换文件既可
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout /etc/harbor/cert/server.key -out /etc/harbor/cert/server.crt

将下面内容保存到/etc/harbor/nginx.conf文件中

worker_processes auto;
pid /tmp/nginx.pid;events {worker_connections 3096;use epoll;multi_accept on;
}http {client_body_temp_path /tmp/client_body_temp;proxy_temp_path /tmp/proxy_temp;fastcgi_temp_path /tmp/fastcgi_temp;uwsgi_temp_path /tmp/uwsgi_temp;scgi_temp_path /tmp/scgi_temp;tcp_nodelay on;include /etc/nginx/conf.d/*.upstream.conf;# this is necessary for us to be able to disable request buffering in all casesproxy_http_version 1.1;upstream harbor {server harbor:8080;}upstream portal {server portal:8080;}log_format timed_combined '$remote_addr - ''"$request" $status $body_bytes_sent ''"$http_referer" "$http_user_agent" ''$request_time $upstream_response_time $pipe';access_log /dev/stdout timed_combined;map $http_x_forwarded_proto $x_forwarded_proto {default $http_x_forwarded_proto;""      $scheme;}include /etc/nginx/conf.d/*.server.conf;server {listen 8443 ssl;
#    server_name harbordomain.com;server_tokens off;# SSLssl_certificate /etc/cert/server.crt;ssl_certificate_key /etc/cert/server.key;# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.htmlssl_protocols TLSv1.2 TLSv1.3;ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';ssl_prefer_server_ciphers on;ssl_session_cache shared:SSL:10m;# disable any limits to avoid HTTP 413 for large image uploadsclient_max_body_size 0;# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)chunked_transfer_encoding on;# Add extra headersadd_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";add_header X-Frame-Options DENY;add_header Content-Security-Policy "frame-ancestors 'none'";# customized location config file can place to /etc/nginx dir with prefix harbor.https. and suffix .confinclude /etc/nginx/conf.d/harbor.https.*.conf;location / {proxy_pass http://portal/;proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $x_forwarded_proto;proxy_cookie_path / "/; HttpOnly; Secure";proxy_buffering off;proxy_request_buffering off;}location /c/ {proxy_pass http://harbor/c/;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $x_forwarded_proto;proxy_cookie_path / "/; Secure";proxy_buffering off;proxy_request_buffering off;}location /api/ {proxy_pass http://harbor/api/;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $x_forwarded_proto;proxy_cookie_path / "/; Secure";proxy_buffering off;proxy_request_buffering off;}location /v1/ {return 404;}location /v2/ {proxy_pass http://harbor/v2/;proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $x_forwarded_proto;proxy_buffering off;proxy_request_buffering off;proxy_send_timeout 900;proxy_read_timeout 900;}location /service/ {proxy_pass http://harbor/service/;proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $x_forwarded_proto;proxy_cookie_path / "/; Secure";proxy_buffering off;proxy_request_buffering off;}location /service/notifications {return 404;}}server {listen 8080;#server_name harbordomain.com;return 308 https://$host:443$request_uri;}
}

启动nginx

# 启动容器
podman run --name=nginx --restart=always --detach \--network=podman \--cap-add=setuid \--cap-add=setgid \--cap-add=chown \--cap-add=net_bind_service \--cap-drop=all \--volume=/etc/harbor/jobservice.yml:/etc/jobservice/config.yml \--volume=/etc/harbor/nginx.conf:/etc/nginx/nginx.conf:ro \--volume=/etc/harbor/cert:/etc/cert:ro \--publish=80:8080/tcp \--publish=443:8443/tcp \goharbor/nginx-photon:v2.12.1

部署trivy

trivy主要是做镜像安全扫描的

启动trivy

# 启动容器
podman run --name=trivy --restart=always --detach \--network=podman \--cap-drop=all \--env=REGISTRY_URL=http://registry:5000 \--env=SCANNER_LOG_LEVEL=info \--env=SCANNER_REDIS_URL=redis://redis:6379/5?idle_timeout_seconds=30 \--env=SCANNER_STORE_REDIS_URL=redis://redis:6379/5?idle_timeout_seconds=30 \--env=SCANNER_STORE_REDIS_NAMESPACE=harbor.scanner.trivy:store \--env=SCANNER_STORE_REDIS_NAMESPACE=harbor.scanner.trivy:store \--env=SCANNER_JOB_QUEUE_REDIS_URL=redis://redis:6379/5?idle_timeout_seconds=30 \--env=SCANNER_JOB_QUEUE_REDIS_NAMESPACE=harbor.scanner.trivy:job-queue \--env=SCANNER_TRIVY_CACHE_DIR=/home/scanner/.cache/trivy \--env=SCANNER_TRIVY_REPORTS_DIR=/home/scanner/.cache/reports \--env=SCANNER_TRIVY_VULN_TYPE=os,library \--env=SCANNER_TRIVY_SEVERITY=UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL \--env=SCANNER_TRIVY_IGNORE_UNFIXED=False \--env=SCANNER_TRIVY_SKIP_UPDATE=False \--env=SCANNER_TRIVY_SKIP_JAVA_DB_UPDATE=False \--env=SCANNER_TRIVY_OFFLINE_SCAN=False \--env=SCANNER_TRIVY_SECURITY_CHECKS=vuln \--env=SCANNER_TRIVY_GITHUB_TOKEN= \--env=SCANNER_TRIVY_INSECURE=False \--env=SCANNER_TRIVY_TIMEOUT=5m0s \goharbor/trivy-adapter-photon:v2.12.1

检查

检查配置文件数量

find /etc/harbor/ | sort
#>
/etc/harbor/
/etc/harbor/cert
/etc/harbor/cert/server.crt
/etc/harbor/cert/server.key
/etc/harbor/harbor.conf
/etc/harbor/jobservice.yml
/etc/harbor/nginx.conf
/etc/harbor/portal.conf
/etc/harbor/registry.yml
/etc/harbor/registryctl.yml

检查secret数量

podman secret ls
#>
ID                                                 NAME                            DRIVER      CREATED        UPDATED
4b6b7a7389b944e14183e3f15  harbor-secret          file          3 hours ago  3 hours ago
53a5324e536df904f4937bc7e  registry-passwd      file          3 hours ago  3 hours ago
8d51148dd09167d01c05efbb1  db-secret                  file          3 hours ago  3 hours ago
02d967fca4901534dfd4d7602  registry-auth          file          3 hours ago  3 hours ago
2b797e30d891f3e4faa9eb4ea  jobservice-secret  file          3 hours ago  3 hours ago

检查卷数量

podman volume ls
#>
DRIVER      VOLUME NAME
local       redis
local       postgresql
local       registry
local       harbor
local       jobservice
local       fcb0cf615f4f418e6940575b7f2ff4134fa16f022e5796d13665941935ed28cc
local       8873dd561ad8a729ed41ffa142935faabee2bd7f7ac7008b00e64b9cb52d4c6b
local       afa887b699a4a4544e264aaa3aaef741c59030802396501b6e9e9b8cc7a9988c
local       141c9d2ddd2f51458e260553099b7c557ef375170d83e3dcf29c9f8619a02864
local       18b0b3f8d0664a53f649072c063c582c44e33bc76455124084dca80a75cbe5e8
local       7cabf92013a6d373e5fce5e04e1c1a64f7552b84ce8f1be4a9cc4596338b1e5b
local       906e32a9ed2cdc35c029d9719fda7b92bbed1f9c81049dded7455f0a48e35e4f

检查容器运行数量

podman ps
#>
CONTAINER ID   IMAGE                                                                                         COMMAND                            CREATED           STATUS                               PORTS                                                                               NAMES
cf90d9f591e7  localhost/goharbor/redis-photon:v2.12.1                    redis-server /etc...  8 minutes ago  Up  8 minutes (healthy)                                                                                          redis
6e21f92af144  localhost/goharbor/harbor-db:v2.12.1                                                                    8 minutes ago  Up 8 minutes (healthy)                                                                                          postgresql
822f1651fe33  localhost/goharbor/registry-photon:v2.12.1                                                        8 minutes ago  Up 7 minutes (healthy)                                                                                          registry
8e294920c5d8  localhost/goharbor/harbor-portal:v2.12.1                  nginx -g daemon o...     7 minutes ago  Up 7 minutes (healthy)                                                                                          portal
d4a8efa87fee  localhost/goharbor/harbor-jobservice:v2.12.1                                                    7 minutes ago  Up 7 minutes (healthy)                                                                                          jobservice
8ca7b98b4db0  localhost/goharbor/harbor-registryctl:v2.12.1                                                  7 minutes ago  Up 7 minutes (healthy)                                                                                          registryctl
bd7f6ad9ba06  localhost/goharbor/harbor-core:v2.12.1                                                                7 minutes ago  Up 7 minutes (healthy)                                                                                          harbor
d49c1ba26e4e  localhost/goharbor/nginx-photon:v2.12.1                    nginx -g daemon o...    7 minutes ago   Up 7 minutes (healthy)  0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp  nginx
2fc8d84a450f  localhost/goharbor/trivy-adapter-photon:v2.12.1                                             7 minutes ago   Up 7 minutes (healthy)                                                                                          trivy

访问测试

curl 127.0.0.1
#>
<html>
<head><title>308 Permanent Redirect</title></head>
<body>
<center><h1>308 Permanent Redirect</h1></center>
<hr><center>nginx/1.26.2</center>
</body>
</html>

这里因为启用了ssl，而我们默认访问http，所以被nginx重定向到https。

本文来自互联网用户投稿，该文观点仅代表作者本人，不代表本站立场。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如若转载，请注明出处：http://www.hqwc.cn/news/861991.html

如若内容造成侵权/违法违规/事实不符，请联系编程知识网进行投诉反馈email:809451989@qq.com，一经查实，立即删除！

Linux 统计活跃线程和线程数

使用Linux命令ps -eT动态查看进程中，以指定字符串打头的活跃线程和线程数。摘要：使用Linux命令ps -eT动态查看进程中，以指定字符串打头的活跃线程和线程数。动态查看进程的线程数及活跃线程数实现方案在Linux系统中，可以使用以下命令来动态查看进程中名字包含“keyword”…

smallpt: Global Illumination in 99 lines of C++ 首先在win平台需要添加函数erand48，修改为main函数，其中的samps是每个像素的采样率，越大越慢修改后 #include <math.h> // smallpt, a Path Tracer by Kevin Beason, 2008 #include <stdlib.h> // Make : g+…

对Sentinel的链路分析与客户端服务端交互理解

Sentinel介绍略 https://sentinelguard.io/zh-cn/ https://github.com/alibaba/Sentinel https://sentinelguard.io/zh-cn/docs/quick-start.html https://github.com/alibaba/Sentinel/wiki/Sentinel-核心类解析 Sentinel定义的术语 Entry: 表示对某个资源的访问请求，通过 S…

手写 k近邻与全连接神经网络算法

KNN(K-近邻算法) K-近邻算法的介绍参考： https://blog.csdn.net/weixin_39910711/article/details/114440816 手写knn算法，实现mnist的图片数字识别 # 手动实现knn import io from struct import pack,unpack import random from PIL import Image import time import nump…

jmeter参数化取数机制

场景：参数化文件中只有3个账户并发数设置的是4 执行一次，如何取值当参数化文件中所有值全部取完后，又会从头开始取值（如图所示，只有三个账户，并发数为4，第1个线程取值和第4个线程取值相同）如果是一个线程，循环（迭代）4次，取值同上面一致

github上传提示sec_e_untrusted_root解决方法

甲子光年智库发布《中国 AI 算力行业发展报告》

12月30日，甲子光年智库正式发布《中国AI算力行业发展报告》。中昊芯英受邀参与了该报告的编写工作，并为报告的编写贡献了专业的见解和实践经验。12 月 30 日，备受业界关注的《中国 AI 算力行业发展报告》（以下简称「报告」）由甲子光年智库正式发布。该报告为行业内外提供了…

盘点！2024年航空航天大事件

2024年，航空航天领域再次迎来了丰硕成果。这一年，不仅见证了中国航空航天技术的飞速发展，也目睹了其他国家在航空航天探索中的持续突破。从嫦娥六号完成世界首次月球背面自动采样返回，到SpaceX星舰实现“筷子夹火箭”奇景，航空航天领域呈现出前所未有的活力和创造力。低…

谷歌浏览器json插件

1.下载插件 https://www.baidufe.com/fehelper/index/index.html 2.添加插件浏览里里打开路径：chrome://extensions/3.将下载好的插件托拽到浏览器里即可 4.效果

lovelymem梭哈solar内存取证---Alex4nd3r

内存取证1 请找到rdp连接的跳板地址flag{192.168.60.220}内存取证2 请找到攻击者下载黑客工具的IP地址控制台信息flag{155.94.204.67}内存取证3 攻击者获取的“FusionManager节点操作系统帐户（业务帐户）”的密码是什么flag{GalaxManager_2012}内存取证4 请找到攻击者创建的用…

hot100-一刷-13堆(共3道题)

215. 数组中的第K个最大元素题目链接题目描述代码实现分析：后面可以看下官方题解的，手动写排序或者大顶堆。代码： class Solution {public int findKthLargest(int[] nums, int k) {PriorityQueue<Integer> pq = new PriorityQueue<>((n1, n2) -> n1 - n2…

hot100-一刷-14贪心(共4道题)

121. 买卖股票的最佳时机题目链接题目描述代码实现分析：我们需要知道第 i 天之前，股票价格的最小值是什么，再讨论从股票最小值买入，第i天卖出获得的利润，取最大值。代码： class Solution {public int maxProfit(int[] prices) {int minPrice = prices[0];int ans = …