首页 > 其他分享 >docker的私有仓库harbor

docker的私有仓库harbor

时间:2024-02-16 11:11:17浏览次数:39  
标签:ssl harbor com 私有 docker root bogon yunjisuan

[root@localhost ~]# mkdir -p /data/ssl

 

[root@localhost ~]# cd /data/ssl/

 

[root@localhost ssl]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt

Generating a 4096 bit RSA private key

.................++

.................++

writing new private key to 'ca.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing                

Locality Name (eg, city) [Default City]:Beijing  

Organization Name (eg, company) [Default Company Ltd]:yunjisuan

Organizational Unit Name (eg, section) []:yunjisuan

Common Name (eg, your name or your server's hostname) []:www.yunjisuan.com

Email Address []:

 

[root@localhost ssl]# openssl req -newkey rsa:4096 -nodes -sha256 -keyout www.yunjisuan.com.key -out www.yunjisuan.com.csr

Generating a 4096 bit RSA private key

......................................................................................................................................................................++

.........................................................................................................................................................................................................................................++

writing new private key to 'www.yunjisuan.com.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Beijing     

Locality Name (eg, city) [Default City]:Beijing

Organization Name (eg, company) [Default Company Ltd]:yunjisuan

Organizational Unit Name (eg, section) []:yunjisuan

Common Name (eg, your name or your server's hostname) []:www.yunjisuan.com

Email Address []:

 

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

 

[root@localhost ssl]# ls

ca.crt  ca.key  www.yunjisuan.com.csr  www.yunjisuan.com.key

 

 

[root@bogon ssl]# openssl x509 -req -days 365 -in www.yunjisuan.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out www.yunjisuan.com.crt

Signature ok

subject=/C=CN/ST=Beijing/L=Beijing/O=yunjisuan/OU=yunjisuan/CN=www.yunjisuan.com

Getting CA Private Key

 

[root@bogon ssl]# ls

ca.crt  ca.key  ca.srl  www.yunjisuan.com.crt  www.yunjisuan.com.csr  www.yunjisuan.com.key

 

[root@bogon ssl]# cp www.yunjisuan.com.crt /etc/pki/ca-trust/source/anchors/   #签发证书

 

[root@bogon ssl]# update-ca-trust enable

[root@bogon ssl]# update-ca-trust extract  #让证书立即生效

 

[root@bogon ssl]# sestatus

SELinux status:                 disabled   #查看se的状态

 

[root@bogon ssl]# systemctl stop firewalld #关闭防火墙

 

[root@bogon ssl]# yum -y install yum-utils device-mapper-persistent-data lvm2 #安装依赖包

 

[root@bogon ssl]# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  1919  100  1919    0     0   2141      0 --:--:-- --:--:-- --:--:--  2139

 

[root@bogon ssl]# yum -y install docker-ce

 

[root@bogon ssl]# systemctl start docker

[root@bogon ssl]# systemctl status docker

● docker.service - Docker Application Container Engine

   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)

   Active: active (running) since 二 2024-01-23 19:36:45 CST; 9s ago

     Docs: https://docs.docker.com

 Main PID: 75367 (dockerd)

    Tasks: 8

   Memory: 29.0M

   CGroup: /system.slice/docker.service

           └─75367 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

 

1月 23 19:36:44 bogon systemd[1]: Starting Docker Application Container Engine...

1月 23 19:36:44 bogon dockerd[75367]: time="2024-01-23T19:36:44.876530652+08:00" level=info msg="Starting up"

1月 23 19:36:44 bogon dockerd[75367]: time="2024-01-23T19:36:44.994809327+08:00" level=info msg="Loading containers: start."

1月 23 19:36:45 bogon dockerd[75367]: time="2024-01-23T19:36:45.795362083+08:00" level=info msg="Loading containers: done."

1月 23 19:36:45 bogon dockerd[75367]: time="2024-01-23T19:36:45.827181646+08:00" level=info msg="Docker daemon" commit=61...=25.0.0

1月 23 19:36:45 bogon dockerd[75367]: time="2024-01-23T19:36:45.827463867+08:00" level=info msg="Daemon has completed ini...zation"

1月 23 19:36:45 bogon dockerd[75367]: time="2024-01-23T19:36:45.887077116+08:00" level=info msg="API listen on /run/docker.sock"

1月 23 19:36:45 bogon systemd[1]: Started Docker Application Container Engine.

Hint: Some lines were ellipsized, use -l to show in full.

 

 

[root@bogon ssl]# systemctl enable docker

Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.

 

[root@bogon ssl]# docker version

Client: Docker Engine - Community

 Version:           25.0.0

 API version:       1.44

 Go version:        go1.21.6

 Git commit:        e758fe5

 Built:             Thu Jan 18 17:13:17 2024

 OS/Arch:           linux/amd64

 Context:           default

 

Server: Docker Engine - Community

 Engine:

  Version:          25.0.0

  API version:      1.44 (minimum version 1.24)

  Go version:       go1.21.6

  Git commit:       615dfdf

  Built:            Thu Jan 18 17:12:10 2024

  OS/Arch:          linux/amd64

  Experimental:     false

 containerd:

  Version:          1.6.27

  GitCommit:        a1496014c916f9e62104b33d1bb5bd03b0858e59

 runc:

  Version:          1.1.11

  GitCommit:        v1.1.11-0-g4bccb38

 docker-init:

  Version:          0.19.0

  GitCommit:        de40ad0

 

[root@bogon ssl]# mkdir -p /etc/ssl/harbor  #创建证书目录并复制

 

[root@bogon ssl]# cp www.yunjisuan.com.crt www.yunjisuan.com.key /etc/ssl/harbor/

[root@Harbor install]# wget http://harbor.orientsoft.cn/harbor-v1.5.0/harbor-off1ine-installer-v1.5.0.te2

[root@bogon ssl]# mkdir -p /data/install

[root@192 ~]# tar xf harbor-offline-installer-v1.5.0.tgz -C /data/install/
[root@192 ~]# cd /data/install/harbor/
[root@192 harbor]# vim harbor.cfg

[ root@Harbor ~]# curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose    #安装docker-compose命令

[root@192 bin]# chmod +x docker-compose

[root@192 bin]# mv docker-compose /usr/bin/

[root@192 bin]# which docker-compose
/usr/bin/docker-compose
[root@192 bin]# docker-compose --version
docker-compose version 1.21.2, build a133471
[root@192 harbor]# ./install.sh --with-notary --with-clair

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at https://www.yunjisuan.com.
For more details, please visit https://github.com/vmware/harbor .  #显示这个即可
#用户名:admin 密码:Harbor12345

#改好以后点击保存

[root@192 ~]# docker login 192.168.200.217   #这里报错是正常的,的用域名访问
Username: admin
Password:
Error response from daemon: Get https://192.168.200.217/v1/users/: x509: cannot validate certificate for 192.168.200.217 because it doesn't contain any IP SANs

[root@192 ~]# echo '192.168.200.217 www.yunjisuan.com'>>/etc/hosts

[root@192 ~]# docker login -uadmin -pHarbor12345 www.yunjisuan.com
Login Succeeded

[root@192 ~]# docker images #查看镜像
REPOSITORY                    TAG                 IMAGE ID            CREATED             SIZE
vmware/redis-photon           v1.5.0              7c03076402d9        5 years ago         207 MB
vmware/clair-photon           v2.0.1-v1.5.0       7ae4e0670a3f        5 years ago         301 MB
vmware/notary-server-photon   v0.5.1-v1.5.0       0b2b23300552        5 years ago         211 MB
vmware/notary-signer-photon   v0.5.1-v1.5.0       67c41b4a1283        5 years ago         209 MB
vmware/registry-photon        v2.6.2-v1.5.0       3059f44f4b9a        5 years ago         198 MB
vmware/nginx-photon           v1.5.0              e100456182fc        5 years ago         135 MB
vmware/harbor-log             v1.5.0              62bb6b8350d9        5 years ago         200 MB
vmware/harbor-jobservice      v1.5.0              aca9fd2e867f        5 years ago         194 MB
vmware/harbor-ui              v1.5.0              1055166068d0        5 years ago         212 MB
vmware/harbor-adminserver     v1.5.0              019bc4544829        5 years ago         183 MB
vmware/harbor-db              v1.5.0              82354dcf564f        5 years ago         526 MB
vmware/mariadb-photon         v1.5.0              403e7e656499        5 years ago         526 MB
vmware/postgresql-photon      v1.5.0              35c891dea9cf        5 years ago         221 MB
vmware/harbor-migrator        v1.5.0              466c57ab0dc3        5 years ago         1.16 GB
vmware/photon                 1.0                 4b481ecbef2a        5 years ago         130 MB

 

 





 

标签:ssl,harbor,com,私有,docker,root,bogon,yunjisuan
From: https://www.cnblogs.com/caizongzi/p/17983307

相关文章

  • CentOS7 离线安装 Docker
    对于一些安全性要求比较高的项目,服务器一般都是内网,无法联网。如果直接在物理机或虚拟机上部署项目,一方面比较麻烦,另外风险也比较高,如果出现了一些问题,最坏的情况就是重置操作系统,然后重新部署,耗时费力。还是采用docker部署会比较方便,我们可以在外部可以联网的机器上把项目部署......
  • docker 中安装apt-get install vim 失败,且apt-get update 报404
    在docker中安装vim时,安装失败。在更新apt-get时,报错如下:root@a8a94b78ebf0:/#apt-getupdateIgn:1http://deb.debian.org/debianstretchInReleaseIgn:2http://deb.debian.org/debianstretch-up......
  • 使用 docker-compose 部署 Gitlab
    现在基本上每个公司,只要有代码开发工作,都会搭建Gitlab代码托管服务器,很少有公司再使用SVN等其它代码托管服务器了。本篇博客介绍如何快速搭建Gitlab服务器,有关Gitlab的使用方法,限于篇幅,这里就不介绍了。作为一名开发人员,搭建完成后,自己最好要仔细研究一下各项功能的用法......
  • docker环境部署
    1.下载docker点击查看代码#1.阿里云镜像资源(先执行这个下载加速)yum-config-manager--add-rephttps://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo#2.安装dockeryuminstall-ydocker-ce2.启动Docker服务安装完成后,使用下面的命令来启动docker服务,并......
  • 使用 docker-compose 部署 nacos(单机和集群)
    之前已经编写过有关nacos的单机部署和集群部署,是直接在CentOS7上直接部署的,之前的博客链接如下:单机版nacos部署:https://www.cnblogs.com/studyjobs/p/17380184.html集群版nacos部署:https://www.cnblogs.com/studyjobs/p/17383397.html为了进一步简化部署,本篇博客介绍如......
  • Docker小知识备忘录
    本文整理了一些Docker基础知识和常用命令,方便朋友们查阅。同时也感谢Docker这个划时代的产品,它解决了环境一致性的问题,让交付和迁移更轻松。1、Docker与虚拟化1.1、虚拟化技术虚拟化技术分为两大类,全虚拟化和半虚拟化。全虚拟化比如之前我们使用的虚拟机就是全虚拟化,这种......
  • Docker入门学习
    Docker学习笔记目录Docker学习笔记1.快速入门1.1部署MySQL1.2命令解读2.Docker基础2.1常见命令2.2数据卷2.2.1什么是数据卷?2.2.2挂载本地目录或文件(推荐)2.3自定义镜像2.3.1镜像的结构2.3.2Dockerfile2.3.3构建镜像2.4网络3.项目部署3.1手动部署3.1.1部署后端项目3.1.2部署前端项......
  • Mac电脑安装RedisCluster集群(非Docker模式)
    第1步,新建redis.confredis.conf内容如下:port7021cluster-enabledyes              //启用集群模式cluster-config-filenodes.conf     //集群的配置文件cluster-node-timeout5000appendonlyyesdaemonizeyesbind0.0.0.0   ......
  • Docker的错误和解决_2
    windows11下启动docker运行镜像ok,  但是浏览器访问时80端口的访问失败  其他端口ok,可能是我本地iis占了 ......
  • Asp-Net-Core学习笔记:部署,早知道,还是docker,以及一点碎碎念
    前言AspNetCore技术栈在我们团队里的使用也有一段时间了,之前的部署方式一直是本地编译之后上传可执行文件到服务器,使用supervisor来管理进程这种很原始的方式。参考之前的文章:对于小项目来说尚可,够用,但是存在几个问题:每次更新花费的时间太长了,无论是Framework-Dependent还是S......