Rancher 中文文档 - 20 harbor-offline-installer-v2.0.0 部署 - 《Kubernetes》

项目地址
https://github.com/docker/compose
https://github.com/goharbor/harbor

下载
wget https://github.com/docker/compose/releases/download/1.26.0/docker-compose-Linux-x86_64

sudo mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

[rancher@rmaster02 ~]$ docker-compose version 
docker-compose version 1.26.0, build d4451659
docker-py version: 4.2.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019
[rancher@rmaster02 ~]$

[rancher@rmaster02 home]$ ll
total 488972
-rw-r--r--  1 root    root    500705880 Jun  7 08:57 harbor-offline-installer-v2.0.0.tgz
drwx------. 2 login01 login01        62 Jan 11 13:41 login01
drwx------  4 rancher rancher       107 Jun  7 08:53 rancher
[rancher@rmaster02 home]$ sudo tar xf harbor-offline-installer-v2.0.0.tgz 
[rancher@rmaster02 home]$ cd /home/harbor/
[rancher@rmaster02 harbor]$ ll
total 491056
-rw-r--r-- 1 root root      3361 May 11 18:47 common.sh
-rw-r--r-- 1 root root 502808042 May 11 18:48 harbor.v2.0.0.tar.gz
-rw-r--r-- 1 root root      7816 May 11 18:47 harbor.yml.tmpl
-rwxr-xr-x 1 root root      2523 May 11 18:47 install.sh
-rw-r--r-- 1 root root     11347 May 11 18:47 LICENSE
-rwxr-xr-x 1 root root      1856 May 11 18:47 prepare
[rancher@rmaster02 harbor]$

重命名 harbor.yml.tmpl 为 harbor.yml
修改文件内容

hostname: 192.168.11.101
# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80
# https related config
#https:
  # https port for harbor, default is 443
#  port: 443
  # The path of cert and key files for nginx
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path

开始部署
#开启helm仓库功能

./install.sh --with-trivy --with-chartmuseum

[root@harboor harbor]# ./install.sh --with-trivy --with-clair
✖ Clair is deprecated please remove it from installation arguments !!!
./install.sh --with-trivy

[root@rmaster02 ~]# 
[root@rmaster02 ~]# cd /home/harbor/
[root@rmaster02 harbor]# 
[root@rmaster02 harbor]# ll
total 491056
-rw-r--r-- 1 root root      3361 May 11 18:47 common.sh
-rw-r--r-- 1 root root 502808042 May 11 18:48 harbor.v2.0.0.tar.gz
-rw-r--r-- 1 root root      7818 Jun  7 09:03 harbor.yml
-rwxr-xr-x 1 root root      2523 May 11 18:47 install.sh
-rw-r--r-- 1 root root     11347 May 11 18:47 LICENSE
-rwxr-xr-x 1 root root      1856 May 11 18:47 prepare
[root@rmaster02 harbor]# ./install.sh --with-trivy --with-clair
[root@rmaster02 harbor]# docker-compose ps 
      Name                     Command                       State                     Ports          
------------------------------------------------------------------------------------------------------
harbor-core         /harbor/entrypoint.sh            Up (health: starting)                            
harbor-db           /docker-entrypoint.sh            Up (health: starting)   5432/tcp                 
harbor-jobservice   /harbor/entrypoint.sh            Up (health: starting)                            
harbor-log          /bin/sh -c /usr/local/bin/ ...   Up (health: starting)   127.0.0.1:1514->10514/tcp
harbor-portal       nginx -g daemon off;             Up (health: starting)   8080/tcp                 
nginx               nginx -g daemon off;             Up (health: starting)   0.0.0.0:80->8080/tcp     
redis               redis-server /etc/redis.conf     Up (health: starting)   6379/tcp                 
registry            /home/harbor/entrypoint.sh       Up (health: starting)   5000/tcp                 
registryctl         /home/harbor/start.sh            Up (health: starting)                            
[root@rmaster02 harbor]#

Harbor 主机关机重启后容器是无法顺序重启的

[root@harboor harbor]# docker-compose ps 
      Name                    Command                     State                     Ports          
---------------------------------------------------------------------------------------------------
harbor-core         /harbor/entrypoint.sh         Up (health: starting)                            
harbor-db           /docker-entrypoint.sh 96 13   Exit 137                                         
harbor-jobservice   /harbor/entrypoint.sh         Exit 137                                         
harbor-log          /bin/sh -c /usr/local/bin/    Up (healthy)            127.0.0.1:1514->10514/tcp
                    ...                                                                            
harbor-portal       nginx -g daemon off;          Exit 128                                         
nginx               nginx -g daemon off;          Exit 128                                         
redis               redis-server                  Exit 128                                         
                    /etc/redis.conf                                                                
registry            /home/harbor/entrypoint.sh    Exit 137                                         
registryctl         /home/harbor/start.sh         Exit 137                                         
trivy-adapter       /home/scanner/entrypoint.sh   Exit 137                                         
[root@harboor harbor]#

解决方式1 手动全部关闭容器，再手动启动一次

[root@harboor harbor]# docker-compose down -v 
Stopping harbor-core ... done
Stopping harbor-log  ... done
Removing nginx             ... done
Removing harbor-jobservice ... done
Removing harbor-core       ... done
Removing trivy-adapter     ... done
Removing registryctl       ... done
Removing harbor-portal     ... done
Removing harbor-db         ... done
Removing registry          ... done
Removing redis             ... done
Removing harbor-log        ... done
Removing network harbor_harbor
[root@harboor harbor]# docker-compose up -d 
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db     ... done
Creating redis         ... done
Creating harbor-portal ... done
Creating registry      ... done
Creating registryctl   ... done
Creating trivy-adapter     ... done
Creating harbor-core   ... done
Creating harbor-jobservice ... done
Creating nginx             ... done
[root@harboor harbor]# docker-compose ps 
      Name                    Command                     State                     Ports          
---------------------------------------------------------------------------------------------------
harbor-core         /harbor/entrypoint.sh         Up (health: starting)                            
harbor-db           /docker-entrypoint.sh 96 13   Up (health: starting)                            
harbor-jobservice   /harbor/entrypoint.sh         Up (health: starting)                            
harbor-log          /bin/sh -c /usr/local/bin/    Up (health: starting)   127.0.0.1:1514->10514/tcp
                    ...                                                                            
harbor-portal       nginx -g daemon off;          Up (health: starting)                            
nginx               nginx -g daemon off;          Up (health: starting)   0.0.0.0:80->8080/tcp     
redis               redis-server                  Up (health: starting)                            
                    /etc/redis.conf                                                                
registry            /home/harbor/entrypoint.sh    Up (health: starting)                            
registryctl         /home/harbor/start.sh         Up (health: starting)                            
trivy-adapter       /home/scanner/entrypoint.sh   Up (health: starting)                            
[root@harboor harbor]#

解决方式2 编写systemctl服务来管理harbor服务启动

vi /etc/systemd/system/harbor.service
#####################
[Unit]
Description=Harbor
After=docker.service systemd-networkd.service systemd-resolved.service
Requires=docker.service
Documentation=http://github.com/goharbor/harbor
[Service]
Type=simple
Restart=on-failure
RestartSec=5
ExecStart=/usr/local/bin/docker-compose -f /opt/harbor/docker-compose.yml up
ExecStop=/usr/local/bin/docker-compose -f /opt/harbor/docker-compose.yml down
[Install]
WantedBy=multi-user.target
#####################
[root@harboor harbor]# systemctl enable harbor.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/harbor.service to /etc/systemd/system/harbor.service.

上述操作假定你的harbor安装在/opt/harbor下

Harbor v2.2 及更高版本中支持Prometheus监控Harbor
https://blog.51cto.com/lidabai/5177735
启用harbor Prometheus监控配置

# metric:
#   enabled: false
#   port: 9090
#   path: /metrics

导入 grafana面板
https://grafana.com/grafana/dashboards/?search=harbor