Harbor is designed for storing container images and is generally deployed in an intranet environment to provide image services for containers running within the intranet.
Harbor is open source and can be found on GitHub at: https://github.com/goharbor/harbor
Step 1: Testing Environment
For testing purposes, set up a new virtual machine with CentOS 7.9 and make some modifications to the test environment:
- Disable the firewall, install iptables, and temporarily disable it:
systemctl stop firewalld
systemctl disable firewalld
yum install iptables-services -y
systemctl stop iptables
systemctl disable iptables
iptables -F
- Disable SELinux:
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
- Synchronize system time:
ntpdata cn.pool.ntp.org
crontab -e
Insert the following entry to synchronize every hour:
* */1 * * * /usr/sbin/ntpdate cn.pool.ntp.org
- Install common components:
yum install -y yum-utils device-mapper-persistent-data lvm2 wget net-tools nfs-utils lrzsz gcc gcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntp libaio-devel vim ncurses-devel autoconf automake zlib-devel python-devel epel-release openssh-server socat ipvsadm conntrack
- Set up the repository:
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
- Enable system forwarding:
echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p
Step 2: Install Docker and Download Docker Compose
- Install the latest version of Docker:
yum install -y docker-ce
- Enable Docker:
systemctl enable docker --now
- Download Docker Compose:
wget https://github.com/docker/compose/releases/download/v2.23.1/docker-compose-linux-x86_64
mv docker-compose-linux-x86_64 /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
Step 3: Create Certificates
During the certificate creation process, ensure consistency in country code and city code. The hostname must match the local machine.
mkdir /data/ssl -p
cd /data/ssl/
openssl genrsa -out ca.key 3072
openssl req -new -x509 -days 3650 -key ca.key -out ca.pem
openssl genrsa -out harbor.key 3072
openssl req -new -key harbor.key -out harbor.csr
openssl x509 -req -in harbor.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out harbor.pem -days 3650
Step 4: Download and Install Harbor
- Create a directory:
mkdir /data/install
cd /data/install
- Download and extract files:
wget https://github.com/goharbor/harbor/releases/download/v2.3.0-rc3/harbor-offline-installer-v2.3.0-rc3.tgz
tar zxvf harbor-offline-installer-v2.3.0-rc3.tgz -C /data/install
- Modify the configuration file:
cp /data/install/harbor/harbor.yml.tmpl /data/install/harbor/harbor.yml
vim /data/install/harbor/harbor.yml
Modify the hostname, certificate, and private_key to actual values:
hostname: harbor # Adjust as needed
certificate: /data/ssl/harbor.pem
private_key: /data/ssl/harbor.key
- Install Harbor:
/data/install/harbor/install.sh
Step 5: Web User Management on the Client
Access the IP or domain of this host to open the login page. Initial admin account information:
Username: admin
Password: Harbor12345
Step 6: Configure Docker on the Client
- Modify /etc/docker/daemon.json:
vim /etc/docker/daemon.json
Add the following field in the client machine's /etc/docker/daemon.json:
"insecure-registries": "192.168.xxx.xxx", "hostname"
- Restart the Docker service:
systemctl daemon-reload
systemctl restart docker
Step 7: Testing
- Upload Test: Tag the image on the local machine in the format: ip/project_name/image_name
docker tag tomcat:latest 192.168.xxx.xxx/test/tomcat:v1
docker push 192.168.xxx.xxx/test/tomcat:v1
- Download Test:
docker pull 192.168.xxx.xxx/test/tomcat:v1
Top comments (0)