|
安装docker,git 1
| yum install docker docker-logrotate git -y
|
安装docker-compose
1
2
3
4
5
| yum install python-virtualenv -y
virtualenv ven_harbor
source ven_harbor/bin/activate
pip install --upgrade pip
pip install docker-compose
|
下载harbor
生成自签名证书
1
2
3
4
5
6
7
8
9
10
11
12
| mkdir ca
cd ca
openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout ca.key \
-x509 -days 365 -out ca.crt
openssl req \
-newkey rsa:4096 -nodes -sha256 -keyout yourdomain.com.key \
-out yourdomain.com.csr
touch /etc/pki/CA/index.txt
echo '01' > /etc/pki/CA/serial
openssl ca -in yourdomain.com.csr -out yourdomain.com.crt -cert ca.crt -keyfile ca.key -outdir .
|
安装harbor 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| cd harbor/config/nginx
cp ~/ca/yourdomain.com.crt cert/
cp ~/ca/yourdomain.com.key cert/
mv nginx.conf nginx.conf.bak
cp nginx.https.conf nginx.conf
sed -i s/harbordomain.com/yourdomain.com/g nginx.conf
sed -i s/harbordomain/yourdomain.com/g nginx.conf
# 编辑 ~/harbor/harbor.cfg
hostname = yourdomain.com
ui_url_protocol = https
harbor_admin_password = Harbor12345
auth_mode = db_auth
db_password = root123
# 安装harbor
./install.sh
|
配置client - 将-insecure-registry从docker配置文件中移除,重启docker
- 复制ca.crt到client
1
2
| mkdir -p /etc/docker/certs.d/yourdomain.com
cp ca.crt /etc/docker/certs.d/yourdomain.com
|
创建项目
将镜像推送到harbor中
1
2
3
| docker login yourdomain.com
docker tag centos:7 yourdomain.com/test/centos:7
docker push yourdomain.com/test/centos:7
|
|
|
|
|
|
|
|