安装docker

  1. cd /etc/yum.repos.d/  &&  wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

docker官方的内核检查脚本建议(RHEL7/CentOS7: User namespaces disabled; add 'user_namespace.enable=1' to boot command line)

32.私有库harbor安装 - 图1

  1. grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
  3. #然后重启
  4. reboot

docker安装

yum -y install  gcc bc gcc-c++ ncurses ncurses-devel cmake elfutils-libelf-devel openssl-devel flex* bison* autoconf automake zlib* fiex* libxml* ncurses-devel libmcrypt* libtool-ltdl-devel* make cmake  pcre pcre-devel openssl openssl-devel   jemalloc-devel tlc libtool vim unzip wget lrzsz bash-comp* ipvsadm ipset jq sysstat conntrack libseccomp conntrack-tools socat curl wget git conntrack-tools psmisc nfs-utils tree bash-completion conntrack libseccomp net-tools crontabs sysstat iftop nload strace bind-utils tcpdump htop telnet lsof

yum install docker-ce -y

配置docker

cp /usr/share/bash-completion/completions/docker /etc/bash_completion.d/

mkdir -p /etc/docker/

cat > /etc/docker/daemon.json <<EOF
{
    "log-driver": "json-file",
    "exec-opts": ["native.cgroupdriver=systemd"],
    "log-opts": {
    "max-size": "100m",
    "max-file": "3"
    },
    "live-restore": true,
    "max-concurrent-downloads": 10,
    "max-concurrent-uploads": 10,
    "registry-mirrors": ["https://2lefsjdg.mirror.aliyuncs.com"],
    "storage-driver": "overlay2",
    "storage-opts": [
    "overlay2.override_kernel_check=true"
    ]
}
EOF

启动docker

systemctl enable --now docker

安装docker-compose

官方github

https://github.com/docker/compose

下载docker-compose
链接: https://pan.baidu.com/s/1y3jl-nXhFxqA0pqQyL8QuQ 提取码: f6df
image.png
image.png

mv docker-compose-Linux-x86_64  /usr/bin/docker-compose
chmod a+x /usr/bin/docker-compose

image.png

docker-compose  version

image.png

准备harbor安装包

官方github

https://github.com/goharbor/harbor

链接: https://pan.baidu.com/s/1XMLOXOFwqZG9lesfAoGUPw 提取码: 8cff

解压

 tar xvf harbor-offline-installer-v1.10.3.tgz

cd /root/harbor;ls

image.png

修改配置文件harbor.yml

修改域名

hostname: hub.tk8s.com

修改证书目录

....
  certificate: /data/cert/server.crt
  private_key: /data/cert/server.key

image.png

创建目录

echo "192.168.33.50 hub.tk8s.com" >> /etc/hosts

mkdir -p /data/cert

创建证书

cd /data/cert

创建一个私钥

openssl genrsa -des3 -out server.key 2048

image.png
生成证书请求

openssl  req -new -key server.key  -out server.csr

image.png
去掉私钥的密码

cp server.key  server.key.org
openssl rsa -in server.key.org -out server.key

image.png
利用请求签名

openssl x509 -req -days 365 -in server.csr  -signkey server.key  -out server.crt

image.png
授予权限

chmod 777 /data/cert/
chmod a+x /data/cert/*

执行脚本安装harbor

sh /root/harbor/install.sh

image.png

浏览器输入域名访问

前提在hosts文件里设好ip和域名
用户:admin
密码:Harbor12345
image.png

黑屏测试

直接黑屏登陆会失败
image.png

修改/etc/docker/daemon.json,添加参数

"insecure-registries": ["https://hub.tk8s.com","http://hub.tk8s.com"]

image.png
重启docker

systemctl daemon-reload 

systemctl restart docker

重启harbor

cd /root/harbor
docker-compose down
docker-compose up -d

image.png

黑屏登陆成功
image.png

push镜像测试

docker pull busybox:latest
docker tag busybox:latest hub.tk8s.com/library/busybox:latest
docker push hub.tk8s.com/library/busybox:latest

image.png
image.png

pull镜像测试

docker rmi busybox:latest
docker rmi hub.tk8s.com/library/busybox:latest
docker pull hub.tk8s.com/library/busybox:latest

image.png