搭建自己的harbor仓库并上传和下载镜像

隔壁老王一看

1.1 搭建harbor服务器

1. [root@rocky8 ~]$ cat /data/scripts/install_harbor.sh
2. #!/bin/bash
4. DOCKER_VERSION="20.10.10"
5. UBUNTU_DOCKER_VERSION="5:${DOCKER_VERSION}~3-0~${ID}-${UBUNTU_CODENAME}"
6. DOCKER_COMPOSE_VERSION="2.16.0"
7. DOCKER_COMPOSE_FILE=docker-compose-Linux-x86_64
8. HARBOR_VERSION="2.5.6"
9. HARBOR_BASE="/usr/local/"
10. HARBOR_NAME=harbor.yanlinux.org
11. HARBOR_IP=`hostname -I|awk '{print $1}'`
12. HARBOR_ADMIN_PASSWORD=123456
14. COLOR_SUCCESS="echo -e \\033[1;32m"
15. COLOR_FAILURE="echo -e \\033[1;31m"
16. END="\033[m"
18. . /etc/os-release
20. color () {
21.     RES_COL=60
22.     MOVE_TO_COL="echo -en \\033[${RES_COL}G"
23.     SETCOLOR_SUCCESS="echo -en \\033[1;32m"
24.     SETCOLOR_FAILURE="echo -en \\033[1;31m"
25.     SETCOLOR_WARNING="echo -en \\033[1;33m"
26.     SETCOLOR_NORMAL="echo -en \E[0m"
27.     echo -n "$1" && $MOVE_TO_COL
28.     echo -n "["
29.     if [ $2 = "success" -o $2 = "0" ] ;then
30.         ${SETCOLOR_SUCCESS}
31.         echo -n $"  OK  "
32.     elif [ $2 = "failure" -o $2 = "1"  ] ;then
33.         ${SETCOLOR_FAILURE}
34.         echo -n $"FAILED"
35.     else
36.         ${SETCOLOR_WARNING}
37.         echo -n $"WARNING"
38.     fi
39.     ${SETCOLOR_NORMAL}
40.     echo -n "]"
41.     echo
42. }
44. install_docker() {
45.     if [ $ID = "centos" -o $ID = "rocky" ];then
46.         if [ $VERSION_ID = "7" ];then
47.             cat >  /etc/yum.repos.d/docker.repo  <<EOF
48. [docker]
49. name=docker
50. gpgcheck=0
51. #baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/7/x86_64/stable/
52. baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/7/x86_64/stable/
53. EOF
54.         else     
55.             cat >  /etc/yum.repos.d/docker.repo  <<EOF
56. [docker]
57. name=docker
58. gpgcheck=0
59. #baseurl=https://mirrors.aliyun.com/docker-ce/linux/centos/8/x86_64/stable/
60. baseurl=https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/centos/8/x86_64/stable/
61. EOF
62.         fi
63.         yum clean all
64.         yum makecache
65.         ${COLOR_FAILURE} "Docker有以下版本"${END}
66.         yum list docker-ce --showduplicates
67.         ${COLOR_FAILURE}"5秒后即将安装: docker-"${DOCKER_VERSION}" 版本....."${END}
68.         sleep 5
69.         yum -y install docker-ce-${DOCKER_VERSION} docker-ce-cli-${DOCKER_VERSION} || { color "Base,Extras的yum源失败,请检查yum源配置" 1;exit; }
70.     else
71.             dpkg -s docker-ce &> /dev/null && $COLOR"Docker已安装，退出" 1 && exit
72.         apt update || { color "更新包索引失败" 1 ; exit 1; }
73.         apt  -y install apt-transport-https ca-certificates curl software-properties-common || \
74.             { color "安装相关包失败" 1 ; exit 2;  }
75.         curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
76.         add-apt-repository "deb [arch=amd64] https://mirrors.aliyun.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
77.         apt update
78.         ${COLOR_FAILURE} "Docker有以下版本"${END}
79.         apt-cache madison docker-ce
80.         ${COLOR_FAILURE}"5秒后即将安装: docker-"${UBUNTU_DOCKER_VERSION}" 版本....."${END}
81.         ${COLOR_FAILURE}"如果想安装其它Docker版本，请按ctrl+c键退出，修改版本再执行"${END}
82.         sleep 5
83.         apt -y  install docker-ce=${UBUNTU_DOCKER_VERSION} docker-ce-cli=${UBUNTU_DOCKER_VERSION}
84.     fi
86.     if [ $? -eq 0 ];then
87.         color "安装软件包成功"  0
88.     else
89.         color "安装软件包失败，请检查网络配置" 1
90.         exit
91.     fi
92.     mkdir -p /etc/docker
93.     tee /etc/docker/daemon.json <<EOF
94. {
95.   "registry-mirrors": ["https://5lwrg1ye.mirror.aliyuncs.com"],
96.   "insecure-registries":["harbor.yanlinux.org"]
97. }
98. EOF
99.         systemctl daemon-reload
100.     systemctl enable docker
101.     systemctl restart docker
102.     docker version && color "Docker 安装成功" 0 ||  color "Docker 安装失败" 1
104.     echo 'alias rmi="docker images -qa|xargs docker rmi -f"' >> ~/.bashrc
105.         echo 'alias rmc="docker ps -qa|xargs docker rm -f"' >> ~/.bashrc
106.     echo 'alias dps="docker ps -a"' >> ~/.bashrc
107.     echo 'alias dim="docker images"' >> ~/.bashrc
108. }
110. install_docker_compose() {
111.     ${COLOR_SUCCESS}"开始安装 Docker compose....."${END}
112.     sleep 5
113.     if [ ! -e ${DOCKER_COMPOSE_FILE} ];then
114.         curl -L https://get.daocloud.io/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m) -o /usr/bin/docker-compose
115.     else
116.         mv ${DOCKER_COMPOSE_FILE} /usr/bin/docker-compose
117.     fi
118.     chmod +x /usr/bin/docker-compose
120.     if docker-compose --version ;then
121.         ${COLOR_SUCCESS}"Docker Compose 安装完成"${END}
122.     else
123.         ${COLOR_FAILURE}"Docker compose 安装失败"${END}
124.         exit
125.     fi  
126. }
128. install_harbor() {
129.     ${COLOR_SUCCESS}"开始安装 Harbor....."${END}
130.     sleep 5
131.     #下载文件
132.     if [ ! -e harbor-offline-installer-v${HARBOR_VERSION}.tgz ];then
133.         wget https://github.com/goharbor/harbor/releases/download/v${HARBOR_VERSION}/harbor-offline-installer-v${HARBOR_VERSION}.tgz || ${COLOR_FAILURE} "下载失败！" ${END}
134.     fi
135.     #[ -d ${HARBOR_BASE} ] ||  mkdir ${HARBOR_BASE}
136.     tar xvf harbor-offline-installer-v${HARBOR_VERSION}.tgz  -C ${HARBOR_BASE}
137.     cd ${HARBOR_BASE}/harbor
139.     #编辑配置文件
140.     cp harbor.yml.tmpl harbor.yml
141.     sed -ri "/^hostname/s/reg.mydomain.com/${HARBOR_NAME}/" harbor.yml
142.     sed -ri "/^https/s/(https:)/#\1/" harbor.yml
143.     sed -ri "s/(port: 443)/#\1/" harbor.yml
144.     sed -ri "/certificate:/s/(.*)/#\1/" harbor.yml
145.     sed -ri "/private_key:/s/(.*)/#\1/" harbor.yml
146.     sed -ri "s/Harbor12345/${HARBOR_ADMIN_PASSWORD}/" harbor.yml
147.     sed -i 's#^data_volume: /data#data_volume: /data/harbor#' harbor.yml
149.     ${HARBOR_BASE}/harbor/install.sh && ${COLOR_SUCCESS}"Harbor 安装完成"${END} ||  ${COLOR_FAILURE}"Harbor 安装失败"${END}
151.     cat > /lib/systemd/system/harbor.service << EOF
152. [Unit]
153. Description=Harbor
154. After=docker.service systemd-networkd.service systemd-resolved.service
155. Requires=docker.service
156. Documentation=http://github.com/vmware/harbor
158. [Service]
159. Type=simple
160. Restart=on-failure
161. RestartSec=5
162. ExecStart=/usr/bin/docker-compose -f  ${HARBOR_BASE}/harbor/docker-compose.yml up
163. ExecStop=/usr/bin/docker-compose -f ${HARBOR_BASE}/harbor/docker-compose.yml down
165. [Install]
166. WantedBy=multi-user.target
167. EOF
169.     systemctl daemon-reload
170.     systemctl enable --now harbor &> /dev/null || ${COLOR}"Harbor已配置为开机自动启动"${END}
172.     if [ $?  -eq 0 ];then
173.         echo
174.         color "Harbor安装完成!" 0
175.         echo "-------------------------------------------------------------------"
176.         echo -e "请访问链接: \E[32;1mhttp://${HARBOR_IP}/\E[0m"
177.                 echo -e "用户和密码: \E[32;1madmin/${HARBOR_ADMIN_PASSWORD}\E[0m"
178.     else
179.         color "Harbor安装失败!" 1
180.         exit
181.     fi
182. }
184. docker info &> /dev/null && ${COLOR_FAILURE}"Docker已安装"${END} || install_docker
185. docker-compose --version &> /dev/null && ${COLOR_FAILURE}"Docker Compose已安装"${END} || install_docker_compose
186. install_harbor
188. [root@rocky8 ~]$ sh /data/scripts/install_harbor.sh

复制代码

1.2 在Harbor服务器(10.0.0.18)上配置https

1.2.1 生成Harbor服务器证书

[code]#生成ca的私钥openssl genrsa -out ca.key 4096#生成ca的自签名证书openssl req -x509 -new -nodes -sha512 -days 3650 \-subj "/C=CN/ST=Jiangsu/L=Nanjing/O=example/OU=Personal/CN=yanlinux.org" \-key ca.key \-out ca.crt#生成harbor主机的私钥openssl genrsa -out harbor1.yanlinux.org.key 4096#生成harbor主机的证书申请openssl req -new -sha512 \-subj "/C=CN/ST=Jiangsu/L=Nanjing/O=example/OU=Personal/CN=harbor1.yanlinux.org" \-key harbor1.yanlinux.org.key \-out harbor1.yanlinux.org.csr#创建x509 v3扩展文件（新版新增的要求）cat > v3.txt