安装Harbor
更改主机名
# vim /etc/hostname
# cd /usr/local/src/
# yum install lrzsz
上传harbor安装压缩包
/usr/local/src# ls
harbor-offline-installer-v1.7.5.tgz
解压
# tar -xvf harbor-offline-installer-v1.7.5.tgz
创建证书目录
# cd harbor/
root@iZ8vb4v74i80396clnpsenZ:/usr/local/src/harbor# mkdir certs
创建证书
# cd certs/
创建私钥
# openssl genrsa -out harbor-ca.key
创建自签证书
# openssl req -x509 -new -nodes -key /usr/local/src/harbor/certs/harbor-ca.key -subj "/CN=
harbor.edward.net" -days 365 -out /usr/local/src/harbor/certs/harborca.crt
# ls
harborca.crt harbor-ca.key
编辑配置文件
# vim /usr/local/src/harbor/harbor.cfg
hostname = harbor.edward.net
#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = https
#The path of cert and key files for nginx, they are applied only the protocol is set to https
ssl_cert =/usr/local/src/harbor/certs/harborca.crt
ssl_cert_key =/usr/local/src/harbor/certs/harbor-ca.key
email_server = smtp.163.com
email_server_port = 25
email_username = hanyang_mailbox@163.com
email_password = "hy3120911"
email_from = hanyang <hanyang_mailbox@163.com>
email_ssl = false
email_insecure = false
#Change the admin password from UI after launching Harbor.
harbor_admin_password = 123456
利用阿里云镜像,外网环境安装docker
# curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
安装docker compose
# apt-get install docker-compose
安装haobor
# cd /usr/local/src/harbor
# systemctl daemon-reload
# systemctl restart docker
# ./install.sh
K8S与Harbor集成
添加A记录
访问一下harbor地址,并登录,查看证书
在harbor中新建公开项目baseimages
在master上添加A记录
# vim /etc/hosts
在master1上创建路径
将harbor上创建的证书拷贝至master1
# scp /usr/local/src/harbor/certs/harborca.crt 192.168.101.100:/etc/docker/certs.d/
harbor.edward.net/
将master1的docker服务重启
# systemctl restart docker
master1登录harbor
Username: admin
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
此时,master1可向harbor上传下载镜像了
测试master1向harbor上传镜像是否成功
# docker pull alpine
Using default tag: latest
latest: Pulling from library/alpine
c9b1b535fdd9: Pull complete
Digest: sha256:ab00606a42621fb68f2ed6ad3c88be54397f981a7b70a79db3d1172b11c4367d
Status: Downloaded newer image for alpine:latest
docker.io/library/alpine:latest
root@master1:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest e7d92cdc71fe 2 weeks ago 5.59MB
root@master1:~# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
alpine latest e7d92cdc71fe 2 weeks ago 5.59MB
harbor.edward.net/baseimages/alpine latest e7d92cdc71fe 2 weeks ago 5.59MB
The push refers to repository [harbor.edward.net/baseimages/alpine]
5216338b40a7: Pushed
latest: digest: sha256:ddba4d27a7ffc3f86dd6c2f92041af252a1f23a8e742c90e6e1297bfa1bc0c45 size: 528
测试成功!
安装Harbor并与K8S集成
原文:https://www.cnblogs.com/edward-han/p/13861960.html