您当前的位置: 首页 > 学无止境 > 心得笔记 网站首页心得笔记
09-Docker私有registry
发布时间:2020-09-20 19:04:33编辑:雪饮阅读()
命令行的私有registry
想要实现私有registry首先需要安装docker-registry
[root@localhost ~]# yum install docker-registry
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Determining fastest mirrors
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.huaweicloud.com
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
updates/7/x86_64/primary_db | 4.5 MB 00:00:20
Package docker-registry is obsoleted by docker-distribution, trying to install docker-distribution-2.6.2-2.git48294d9.el7.x86_64 instead
Resolving Dependencies
--> Running transaction check
---> Package docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=======================================================================================================================================================
Package Arch Version Repository Size
=======================================================================================================================================================
Installing:
docker-distribution x86_64 2.6.2-2.git48294d9.el7 extras 3.5 M
Transaction Summary
=======================================================================================================================================================
Install 1 Package
Total download size: 3.5 M
Installed size: 12 M
Is this ok [y/d/N]: y
Downloading packages:
docker-distribution-2.6.2-2.git48294d9.el7.x86_64.rpm | 3.5 MB 00:00:10
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1
Verifying : docker-distribution-2.6.2-2.git48294d9.el7.x86_64 1/1
Installed:
docker-distribution.x86_64 0:2.6.2-2.git48294d9.el7
Complete!
-l:显示套件的文件列表;
-q:使用询问模式,当遇到任何问题时,rpm指令会先询问用户;
[root@localhost ~]# rpm -ql docker-distribution
/etc/docker-distribution/registry/config.yml
/usr/bin/registry
/usr/lib/systemd/system/docker-distribution.service
/usr/share/doc/docker-distribution-2.6.2
/usr/share/doc/docker-distribution-2.6.2/AUTHORS
/usr/share/doc/docker-distribution-2.6.2/CONTRIBUTING.md
/usr/share/doc/docker-distribution-2.6.2/LICENSE
/usr/share/doc/docker-distribution-2.6.2/MAINTAINERS
/usr/share/doc/docker-distribution-2.6.2/README.md
/var/lib/registry
然后我们启动docker-distribution
[root@localhost ~]# systemctl start docker-distribution
ss是Socket Statistics的缩写。顾名思义,ss命令可以用来获取socket统计信息,它可以显示和netstat类似的内容。ss的优势在于它能够显示更多更详细的有关TCP和连接状态的信息,而且比netstat更快速更高效。
当服务器的socket连接数量变得非常大时,无论是使用netstat命令还是直接cat /proc/net/tcp,执行速度都会很慢。
ss快的秘诀在于,它利用到了TCP协议栈中tcp_diag。tcp_diag是一个用于分析统计的模块,可以获得Linux 内核中第一手的信息,这就确保了ss的快捷高效。
-t: tcp
-l: listening 【ss -l列出所有打开的网络连接端口】
n: numeric 【不解析服务名称】
我们可以看到docker-registry默认监听的端口是5000
[root@localhost ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:5000 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25
接下来我们回到之前我们制作了好多镜像的那个服务器中为我们上面这个服务器,我们就称为node2吧进行打标(我们上面这个服务器需要有主机名)。
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.108.129 node2.magedu.com
为了简单起见我就同时在node1(就是我们之前制作了很多镜像的这个机器)上同样增加相同的hosts项
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.108.129 node2.magedu.com
那么我们继续在node1中为node2打标签
[root@localhost ~]# docker tag myweb:v0.3-11 node2.magedu.com:5000/myweb:v0.3-11
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
myweb v0.3-11 07c2b67f8735 21 hours ago 16 MB
node2.magedu.com:5000/myweb v0.3-11 07c2b67f8735 21 hours ago 16 MB
myweb v0.3-10 3b3b86ef9fb8 21 hours ago 16 MB
myweb v0.3-9 8758871fea60 21 hours ago 16 MB
<none> <none> bc2cff13828b 21 hours ago 16 MB
为了能让节点1的docker能够push到节点2的docker服务,所以节点1还得增加对于节点2的docker允许(或许这样描述不太简明,但是大概是这个意思)
[root@localhost ~]# cat /etc/docker/daemon.json
{
"registry-mirrors":["https://7bezldxe.mirror.aliyuncs.com","https://iktw4ld3.mirror.aliyuncs.com"],
"bip":"10.0.0.1/16",
"hosts":["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"],
"insecure-registries":["node2.magedu.com:5000"]
}
[root@localhost ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
然后我们用节点1把刚才的打标的镜像push到节点2上
[root@localhost ~]# docker push node2.magedu.com:5000/myweb:v0.3-11
The push refers to a repository [node2.magedu.com:5000/myweb]
Put http://node2.magedu.com:5000/v1/repositories/myweb/: dial tcp 192.168.108.129:5000: connect: no route to host
这里报错了,有可能你节点2的防火墙问题,这里先简单粗暴直接关闭了节点2的防火墙
[root@localhost ~]# systemctl stop firewalld.service
然后节点1重新push即可成功
[root@localhost ~]# docker push node2.magedu.com:5000/myweb:v0.3-11
The push refers to a repository [node2.magedu.com:5000/myweb]
ccd8634ab314: Pushed
7536d1bb8368: Pushed
076c58d2644f: Pushed
b2cbae4b8c15: Pushed
5ac9a5170bf2: Pushed
a464c54f93a9: Pushed
v0.3-11: digest: sha256:e5de1fc9bb21781735fbb72cffb6de29f8c580c4bd413b17e39b0d81911942d4 size: 1568
我们在node2这里需要用到一个tree命令,用来查看目录结构的,所以就要先安装这个tree命令,如果你已经安装过了就忽略这步咯
[root@localhost ~]# yum install tree
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.huaweicloud.com
Resolving Dependencies
--> Running transaction check
---> Package tree.x86_64 0:1.6.0-10.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================
Installing:
tree x86_64 1.6.0-10.el7 base 46 k
Transaction Summary
=============================================================================================================================================
Install 1 Package
Total download size: 46 k
Installed size: 87 k
Is this ok [y/d/N]: y
Downloading packages:
tree-1.6.0-10.el7.x86_64.rpm | 46 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : tree-1.6.0-10.el7.x86_64 1/1
Verifying : tree-1.6.0-10.el7.x86_64 1/1
Installed:
tree.x86_64 0:1.6.0-10.el7
Complete!
然后我们可以在node2中通过tree命令看到我们刚才推到node2中的这个镜像
[root@localhost ~]# tree /var/lib/registry/docker/registry
/var/lib/registry/docker/registry
└── v2
├── blobs
│ └── sha256
│ ├── 07
│ │ └── 07c2b67f8735876d5128e8d5f2c4514f25392dd81dec150075983270a44768ad
│ │ └── data
│ ├── 13
│ │ └── 1345afe26598c38656e616f62d93599ab5efc7848a3360ccaa9cc9ec4fcfd222
│ │ └── data
│ ├── 3d
│ │ ├── 3d0a573c81ed8e5446fb5452e82741fa814846c1118c3da13b90963ad8fcdf52
│ │ │ └── data
│ │ └── 3dc99f571daf389aed6ca12c817635c5ba32eaf47020b5c7a72b494bf3c9b213
│ │ └── data
│ ├── 81
│ │ └── 8129faeb2eb65d1bfb53796a8912ffed02a4561756c6ba69c94411fa1dfbaf1a
│ │ └── data
│ ├── 8e
│ │ └── 8eb669c64db04641929512055f680e177752d7a46bda666bf254640dfdf1f935
│ │ └── data
│ ├── bd
│ │ └── bdf0201b3a056acc4d6062cc88cd8a4ad5979983bfb640f15a145e09ed985f92
│ │ └── data
│ └── e5
│ └── e5de1fc9bb21781735fbb72cffb6de29f8c580c4bd413b17e39b0d81911942d4
│ └── data
└── repositories
└── myweb
├── _layers
│ └── sha256
│ ├── 07c2b67f8735876d5128e8d5f2c4514f25392dd81dec150075983270a44768ad
│ │ └── link
│ ├── 1345afe26598c38656e616f62d93599ab5efc7848a3360ccaa9cc9ec4fcfd222
│ │ └── link
│ ├── 3d0a573c81ed8e5446fb5452e82741fa814846c1118c3da13b90963ad8fcdf52
│ │ └── link
│ ├── 3dc99f571daf389aed6ca12c817635c5ba32eaf47020b5c7a72b494bf3c9b213
│ │ └── link
│ ├── 8129faeb2eb65d1bfb53796a8912ffed02a4561756c6ba69c94411fa1dfbaf1a
│ │ └── link
│ ├── 8eb669c64db04641929512055f680e177752d7a46bda666bf254640dfdf1f935
│ │ └── link
│ └── bdf0201b3a056acc4d6062cc88cd8a4ad5979983bfb640f15a145e09ed985f92
│ └── link
├── _manifests
│ ├── revisions
│ │ └── sha256
│ │ └── e5de1fc9bb21781735fbb72cffb6de29f8c580c4bd413b17e39b0d81911942d4
│ │ └── link
│ └── tags
│ └── v0.3-11
│ ├── current
│ │ └── link
│ └── index
│ └── sha256
│ └── e5de1fc9bb21781735fbb72cffb6de29f8c580c4bd413b17e39b0d81911942d4
│ └── link
└── _uploads
40 directories, 18 files
接下来就是node2需要从刚才这个私有的registry(同时相当于就在node2本地)中拉出来,那么node2的docker服务配置也需要允许下node2自己。。
[root@localhost ~]# cat /etc/docker/daemon.json
{
"insecure-registries":["node2.magedu.com:5000"]
}
[root@localhost ~]# service docker restart
Redirecting to /bin/systemctl restart docker.service
然后节点2就可以从registry中pull下来咯
[root@localhost ~]# docker pull node2.magedu.com:5000/myweb:v0.3-11
Trying to pull repository node2.magedu.com:5000/myweb ...
v0.3-11: Pulling from node2.magedu.com:5000/myweb
bdf0201b3a05: Pull complete
3d0a573c81ed: Pull complete
8129faeb2eb6: Pull complete
3dc99f571daf: Pull complete
8eb669c64db0: Pull complete
1345afe26598: Pull complete
Digest: sha256:e5de1fc9bb21781735fbb72cffb6de29f8c580c4bd413b17e39b0d81911942d4
Status: Downloaded newer image for node2.magedu.com:5000/myweb:v0.3-11
[root@localhost ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
node2.magedu.com:5000/myweb v0.3-11 07c2b67f8735 21 hours ago 16 MB
foe/httpd v0.2 a2dbea494573 2 weeks ago 1.22 MB
foe/httpd v0.1-1 f0f7ae2f4223 2 weeks ago 1.22 MB
带有ui的registry
在node2中我们先安装了wget,然后用wget下载harbor的离线包,harbor就是带有ui的registry
[root@localhost ~]# wget http://harbor.orientsoft.cn/harbor-v1.4.0/harbor-offline-installer-v1.4.0.tgz
--2020-09-20 05:31:43-- http://harbor.orientsoft.cn/harbor-v1.4.0/harbor-offline-installer-v1.4.0.tgz
Resolving harbor.orientsoft.cn (harbor.orientsoft.cn)... 118.123.5.23
Connecting to harbor.orientsoft.cn (harbor.orientsoft.cn)|118.123.5.23|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 812866569 (775M) [application/octet-stream]
Saving to: ‘harbor-offline-installer-v1.4.0.tgz’
100%[============================================================================================================================================>] 812,866,569 904KB/s in 16m 46s
2020-09-20 05:48:28 (789 KB/s) - ‘harbor-offline-installer-v1.4.0.tgz’ saved [812866569/812866569]
然后我们将该包解压下
[root@localhost ~]# tar xf harbor-offline-installer-v1.4.0.tgz -C /usr/local/
然后进入解压后的目录准备安装这个包,在安装之前先把刚才我们的docker-distribution先关闭掉。
[root@localhost ~]# systemctl stop docker-distribution
然后我们配置当前目录的harbor.cfg,其实这里就只配置一个主机名,那么局部配置信息如
[root@localhost harbor]# cat harbor.cfg
## Configuration file of Harbor
#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname = node2.magedu.com
#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = http
#Maximum number of job workers in job service
max_job_workers = 3
#Determine whether or not to generate certificate for the registry's token.
#If the value is on, the prepare script creates new root cert and private key
#for generating token to access the registry. If the value is off the default key/cert will be used.
#This flag also controls the creation of the notary signer's cert.
customize_crt = on
#The path of cert and key files for nginx, they are applied only the protocol is set to https
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
#The path of secretkey storage
secretkey_path = /data
-- INSERT –
接下来我们要为当前目录的./install.sh准备它所依赖的docker-compose而要安装docker-compose我们需要为我们的yum配置epel源,因为docker-compose就正好在这个源里面,然后才能安装docker-compose,所以:
[root@localhost harbor]# yum install -y epel-release
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.huaweicloud.com
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-11 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================================================================================================
Package Arch Version Repository Size
======================================================================================================================================================================================
Installing:
epel-release noarch 7-11 extras 15 k
Transaction Summary
======================================================================================================================================================================================
Install 1 Package
Total download size: 15 k
Installed size: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-11.noarch 1/1
Verifying : epel-release-7-11.noarch 1/1
Installed:
epel-release.noarch 0:7-11
Complete!
[root@localhost harbor]# yum install docker-compose
Loaded plugins: fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 5.6 kB 00:00:00
* base: mirrors.huaweicloud.com
* epel: fedora.cs.nctu.edu.tw
* extras: mirrors.huaweicloud.com
* updates: mirrors.ustc.edu.cn
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/2): epel/x86_64/updateinfo | 1.0 MB 00:00:01
(2/2): epel/x86_64/primary_db | 6.9 MB 00:00:02
Resolving Dependencies
--> Running transaction check
---> Package docker-compose.noarch 0:1.18.0-4.el7 will be installed
--> Processing Dependency: python(abi) = 3.6 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-cached_property >= 1.2.0 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-docker >= 2.6.1 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-dockerpty >= 0.4.1 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-docopt >= 0.6.1 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-jsonschema >= 2.5.1 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-pysocks >= 1.5.6 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-requests >= 2.6.1 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-six >= 1.3.0 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-texttable >= 0.9.0 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-websocket-client >= 0.32.0 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-yaml >= 3.10 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: /usr/bin/python3.6 for package: docker-compose-1.18.0-4.el7.noarch
--> Processing Dependency: python36-setuptools for package: docker-compose-1.18.0-4.el7.noarch
--> Running transaction check
---> Package python3.x86_64 0:3.6.8-13.el7 will be installed
--> Processing Dependency: python3-libs(x86-64) = 3.6.8-13.el7 for package: python3-3.6.8-13.el7.x86_64
--> Processing Dependency: python3-pip for package: python3-3.6.8-13.el7.x86_64
--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-13.el7.x86_64
---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed
---> Package python36-PyYAML.x86_64 0:3.13-1.el7 will be installed
---> Package python36-cached_property.noarch 0:1.5.1-2.el7 will be installed
---> Package python36-docker.noarch 0:2.6.1-3.el7 will be installed
--> Processing Dependency: python36-docker-pycreds >= 0.2.1 for package: python36-docker-2.6.1-3.el7.noarch
---> Package python36-dockerpty.noarch 0:0.4.1-18.el7 will be installed
---> Package python36-docopt.noarch 0:0.6.2-8.el7 will be installed
---> Package python36-jsonschema.noarch 0:2.5.1-4.el7 will be installed
---> Package python36-pysocks.noarch 0:1.6.8-7.el7 will be installed
---> Package python36-requests.noarch 0:2.14.2-2.el7 will be installed
--> Processing Dependency: python36-chardet for package: python36-requests-2.14.2-2.el7.noarch
--> Processing Dependency: python36-idna for package: python36-requests-2.14.2-2.el7.noarch
--> Processing Dependency: python36-urllib3 for package: python36-requests-2.14.2-2.el7.noarch
---> Package python36-six.noarch 0:1.14.0-2.el7 will be installed
---> Package python36-texttable.noarch 0:1.6.2-1.el7 will be installed
---> Package python36-websocket-client.noarch 0:0.47.0-2.el7 will be installed
--> Running transaction check
---> Package python3-libs.x86_64 0:3.6.8-13.el7 will be installed
--> Processing Dependency: libtirpc.so.1()(64bit) for package: python3-libs-3.6.8-13.el7.x86_64
---> Package python3-pip.noarch 0:9.0.3-7.el7_7 will be installed
---> Package python36-chardet.noarch 0:3.0.4-1.el7 will be installed
---> Package python36-docker-pycreds.noarch 0:0.2.1-2.el7 will be installed
---> Package python36-idna.noarch 0:2.7-2.el7 will be installed
---> Package python36-urllib3.noarch 0:1.25.6-1.el7 will be installed
--> Running transaction check
---> Package libtirpc.x86_64 0:0.2.4-0.16.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================================================================================================================
Package Arch Version Repository Size
======================================================================================================================================================================================
Installing:
docker-compose noarch 1.18.0-4.el7 epel 222 k
Installing for dependencies:
libtirpc x86_64 0.2.4-0.16.el7 base 89 k
python3 x86_64 3.6.8-13.el7 base 69 k
python3-libs x86_64 3.6.8-13.el7 base 7.0 M
python3-pip noarch 9.0.3-7.el7_7 updates 1.8 M
python3-setuptools noarch 39.2.0-10.el7 base 629 k
python36-PyYAML x86_64 3.13-1.el7 epel 149 k
python36-cached_property noarch 1.5.1-2.el7 epel 18 k
python36-chardet noarch 3.0.4-1.el7 epel 190 k
python36-docker noarch 2.6.1-3.el7 epel 180 k
python36-docker-pycreds noarch 0.2.1-2.el7 epel 15 k
python36-dockerpty noarch 0.4.1-18.el7 epel 30 k
python36-docopt noarch 0.6.2-8.el7 epel 29 k
python36-idna noarch 2.7-2.el7 epel 98 k
python36-jsonschema noarch 2.5.1-4.el7 epel 76 k
python36-pysocks noarch 1.6.8-7.el7 epel 30 k
python36-requests noarch 2.14.2-2.el7 epel 112 k
python36-six noarch 1.14.0-2.el7 epel 34 k
python36-texttable noarch 1.6.2-1.el7 epel 23 k
python36-urllib3 noarch 1.25.6-1.el7 epel 178 k
python36-websocket-client noarch 0.47.0-2.el7 epel 59 k
Transaction Summary
======================================================================================================================================================================================
Install 1 Package (+20 Dependent packages)
Total download size: 11 M
Installed size: 55 M
Is this ok [y/d/N]: y
Downloading packages:
(1/21): python3-3.6.8-13.el7.x86_64.rpm | 69 kB 00:00:00
(2/21): libtirpc-0.2.4-0.16.el7.x86_64.rpm | 89 kB 00:00:00
warning: /var/cache/yum/x86_64/7/epel/packages/docker-compose-1.18.0-4.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY ] 1.5 MB/s | 2.9 MB 00:00:05 ETA
Public key for docker-compose-1.18.0-4.el7.noarch.rpm is not installed
(3/21): docker-compose-1.18.0-4.el7.noarch.rpm | 222 kB 00:00:02
(4/21): python36-PyYAML-3.13-1.el7.x86_64.rpm | 149 kB 00:00:00
(5/21): python36-cached_property-1.5.1-2.el7.noarch.rpm | 18 kB 00:00:00
(6/21): python3-pip-9.0.3-7.el7_7.noarch.rpm | 1.8 MB 00:00:03
(7/21): python3-libs-3.6.8-13.el7.x86_64.rpm | 7.0 MB 00:00:04
(8/21): python3-setuptools-39.2.0-10.el7.noarch.rpm | 629 kB 00:00:03
(9/21): python36-chardet-3.0.4-1.el7.noarch.rpm | 190 kB 00:00:02
(10/21): python36-docker-2.6.1-3.el7.noarch.rpm | 180 kB 00:00:00
(11/21): python36-docker-pycreds-0.2.1-2.el7.noarch.rpm | 15 kB 00:00:00
(12/21): python36-dockerpty-0.4.1-18.el7.noarch.rpm | 30 kB 00:00:00
(13/21): python36-docopt-0.6.2-8.el7.noarch.rpm | 29 kB 00:00:00
(14/21): python36-idna-2.7-2.el7.noarch.rpm | 98 kB 00:00:00
(15/21): python36-jsonschema-2.5.1-4.el7.noarch.rpm | 76 kB 00:00:00
(16/21): python36-pysocks-1.6.8-7.el7.noarch.rpm | 30 kB 00:00:00
(17/21): python36-requests-2.14.2-2.el7.noarch.rpm | 112 kB 00:00:00
(18/21): python36-six-1.14.0-2.el7.noarch.rpm | 34 kB 00:00:00
(19/21): python36-texttable-1.6.2-1.el7.noarch.rpm | 23 kB 00:00:00
(20/21): python36-urllib3-1.25.6-1.el7.noarch.rpm | 178 kB 00:00:00
(21/21): python36-websocket-client-0.47.0-2.el7.noarch.rpm | 59 kB 00:00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.3 MB/s | 11 MB 00:00:08
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Importing GPG key 0x352C64E5:
Userid : "Fedora EPEL (7) <epel@fedoraproject.org>"
Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5
Package : epel-release-7-11.noarch (@extras)
From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : libtirpc-0.2.4-0.16.el7.x86_64 1/21
Installing : python3-pip-9.0.3-7.el7_7.noarch 2/21
Installing : python3-setuptools-39.2.0-10.el7.noarch 3/21
Installing : python3-3.6.8-13.el7.x86_64 4/21
Installing : python3-libs-3.6.8-13.el7.x86_64 5/21
Installing : python36-six-1.14.0-2.el7.noarch 6/21
Installing : python36-websocket-client-0.47.0-2.el7.noarch 7/21
Installing : python36-pysocks-1.6.8-7.el7.noarch 8/21
Installing : python36-urllib3-1.25.6-1.el7.noarch 9/21
Installing : python36-dockerpty-0.4.1-18.el7.noarch 10/21
Installing : python36-docker-pycreds-0.2.1-2.el7.noarch 11/21
Installing : python36-PyYAML-3.13-1.el7.x86_64 12/21
Installing : python36-texttable-1.6.2-1.el7.noarch 13/21
Installing : python36-idna-2.7-2.el7.noarch 14/21
Installing : python36-jsonschema-2.5.1-4.el7.noarch 15/21
Installing : python36-chardet-3.0.4-1.el7.noarch 16/21
Installing : python36-requests-2.14.2-2.el7.noarch 17/21
Installing : python36-docker-2.6.1-3.el7.noarch 18/21
Installing : python36-docopt-0.6.2-8.el7.noarch 19/21
Installing : python36-cached_property-1.5.1-2.el7.noarch 20/21
Installing : docker-compose-1.18.0-4.el7.noarch 21/21
Verifying : python36-requests-2.14.2-2.el7.noarch 1/21
Verifying : libtirpc-0.2.4-0.16.el7.x86_64 2/21
Verifying : python36-PyYAML-3.13-1.el7.x86_64 3/21
Verifying : python36-texttable-1.6.2-1.el7.noarch 4/21
Verifying : python36-idna-2.7-2.el7.noarch 5/21
Verifying : python36-jsonschema-2.5.1-4.el7.noarch 6/21
Verifying : python36-pysocks-1.6.8-7.el7.noarch 7/21
Verifying : python3-3.6.8-13.el7.x86_64 8/21
Verifying : python36-dockerpty-0.4.1-18.el7.noarch 9/21
Verifying : python36-docker-2.6.1-3.el7.noarch 10/21
Verifying : python36-chardet-3.0.4-1.el7.noarch 11/21
Verifying : python36-six-1.14.0-2.el7.noarch 12/21
Verifying : python3-pip-9.0.3-7.el7_7.noarch 13/21
Verifying : docker-compose-1.18.0-4.el7.noarch 14/21
Verifying : python36-docker-pycreds-0.2.1-2.el7.noarch 15/21
Verifying : python3-setuptools-39.2.0-10.el7.noarch 16/21
Verifying : python36-docopt-0.6.2-8.el7.noarch 17/21
Verifying : python36-cached_property-1.5.1-2.el7.noarch 18/21
Verifying : python3-libs-3.6.8-13.el7.x86_64 19/21
Verifying : python36-urllib3-1.25.6-1.el7.noarch 20/21
Verifying : python36-websocket-client-0.47.0-2.el7.noarch 21/21
Installed:
docker-compose.noarch 0:1.18.0-4.el7
Dependency Installed:
libtirpc.x86_64 0:0.2.4-0.16.el7 python3.x86_64 0:3.6.8-13.el7 python3-libs.x86_64 0:3.6.8-13.el7 python3-pip.noarch 0:9.0.3-7.el7_7
python3-setuptools.noarch 0:39.2.0-10.el7 python36-PyYAML.x86_64 0:3.13-1.el7 python36-cached_property.noarch 0:1.5.1-2.el7 python36-chardet.noarch 0:3.0.4-1.el7
python36-docker.noarch 0:2.6.1-3.el7 python36-docker-pycreds.noarch 0:0.2.1-2.el7 python36-dockerpty.noarch 0:0.4.1-18.el7 python36-docopt.noarch 0:0.6.2-8.el7
python36-idna.noarch 0:2.7-2.el7 python36-jsonschema.noarch 0:2.5.1-4.el7 python36-pysocks.noarch 0:1.6.8-7.el7 python36-requests.noarch 0:2.14.2-2.el7
python36-six.noarch 0:1.14.0-2.el7 python36-texttable.noarch 0:1.6.2-1.el7 python36-urllib3.noarch 0:1.25.6-1.el7 python36-websocket-client.noarch 0:0.47.0-2.el7
Complete!
接下来我们就可以正式安装了
[root@localhost harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 1.13.1
Note: docker-compose version: 1.18.0
[Step 1]: loading Harbor images ...
651f69aef02c: Loading layer [==================================================>] 135.8 MB/135.8 MB
40a1aad64343: Loading layer [==================================================>] 23.24 MB/23.24 MB
3fe2713e4072: Loading layer [==================================================>] 12.16 MB/12.16 MB
ba3a1eb0e375: Loading layer [==================================================>] 17.3 MB/17.3 MB
447427ec5e1a: Loading layer [==================================================>] 15.87 kB/15.87 kB
4ccb4026663c: Loading layer [==================================================>] 3.072 kB/3.072 kB
16faa95946a1: Loading layer [==================================================>] 29.46 MB/29.46 MB
Loaded image: vmware/notary-server-photon:v0.5.1-v1.4.0
fa7ba9fd42c9: Loading layer [==================================================>] 10.95 MB/10.95 MB
4e400f9ae23e: Loading layer [==================================================>] 17.3 MB/17.3 MB
2802fb27c88b: Loading layer [==================================================>] 15.87 kB/15.87 kB
e6367a4e1e1e: Loading layer [==================================================>] 3.072 kB/3.072 kB
8ece8dfcdd98: Loading layer [==================================================>] 28.24 MB/28.24 MB
Loaded image: vmware/notary-signer-photon:v0.5.1-v1.4.0
a7dd1a8afcaf: Loading layer [==================================================>] 396.7 MB/396.7 MB
05adebbe496f: Loading layer [==================================================>] 9.216 kB/9.216 kB
86eb534949fa: Loading layer [==================================================>] 9.216 kB/9.216 kB
d7f127c69380: Loading layer [==================================================>] 7.68 kB/7.68 kB
5ac1c4dc5ee9: Loading layer [==================================================>] 1.536 kB/1.536 kB
d0bec56b5b1a: Loading layer [==================================================>] 9.728 kB/9.728 kB
4bbe83860556: Loading layer [==================================================>] 2.56 kB/2.56 kB
e526f9e6769f: Loading layer [==================================================>] 3.072 kB/3.072 kB
Loaded image: vmware/harbor-db:v1.4.0
1cff102bbda2: Loading layer [==================================================>] 154.1 MB/154.1 MB
04c9f3e07de1: Loading layer [==================================================>] 10.75 MB/10.75 MB
7b6c7bf54f5c: Loading layer [==================================================>] 2.048 kB/2.048 kB
42f8acdb7fe3: Loading layer [==================================================>] 48.13 kB/48.13 kB
5b6299d0a1df: Loading layer [==================================================>] 10.8 MB/10.8 MB
Loaded image: vmware/clair-photon:v2.0.1-v1.4.0
6534131f457c: Loading layer [==================================================>] 94.76 MB/94.76 MB
73f582101e4b: Loading layer [==================================================>] 6.656 kB/6.656 kB
86d847823c48: Loading layer [==================================================>] 6.656 kB/6.656 kB
Loaded image: vmware/postgresql-photon:v1.4.0
5cd250d5a352: Loading layer [==================================================>] 23.24 MB/23.24 MB
ad3fd52b54f3: Loading layer [==================================================>] 14.99 MB/14.99 MB
13b1e24cc368: Loading layer [==================================================>] 14.99 MB/14.99 MB
Loaded image: vmware/harbor-adminserver:v1.4.0
c26c69706710: Loading layer [==================================================>] 23.24 MB/23.24 MB
223f6fe02cc8: Loading layer [==================================================>] 23.45 MB/23.45 MB
1fc843c8698a: Loading layer [==================================================>] 7.168 kB/7.168 kB
e09293610ee7: Loading layer [==================================================>] 10.39 MB/10.39 MB
d59f9780b1d8: Loading layer [==================================================>] 23.44 MB/23.44 MB
Loaded image: vmware/harbor-ui:v1.4.0
dd4753242e59: Loading layer [==================================================>] 73.07 MB/73.07 MB
95aed61ca251: Loading layer [==================================================>] 3.584 kB/3.584 kB
1864f9818562: Loading layer [==================================================>] 3.072 kB/3.072 kB
da2a19f80b81: Loading layer [==================================================>] 4.096 kB/4.096 kB
058531639e75: Loading layer [==================================================>] 3.584 kB/3.584 kB
a84e69fb619b: Loading layer [==================================================>] 10.24 kB/10.24 kB
Loaded image: vmware/harbor-log:v1.4.0
b1056051f246: Loading layer [==================================================>] 23.24 MB/23.24 MB
07678065e08b: Loading layer [==================================================>] 19.19 MB/19.19 MB
a2d9bdb8f5fb: Loading layer [==================================================>] 19.19 MB/19.19 MB
Loaded image: vmware/harbor-jobservice:v1.4.0
7f58ce57cd5e: Loading layer [==================================================>] 4.805 MB/4.805 MB
Loaded image: vmware/nginx-photon:v1.4.0
4c8965978b77: Loading layer [==================================================>] 23.24 MB/23.24 MB
1466c942edde: Loading layer [==================================================>] 2.048 kB/2.048 kB
ac5c17331735: Loading layer [==================================================>] 2.048 kB/2.048 kB
86824c7c466a: Loading layer [==================================================>] 2.048 kB/2.048 kB
fd3bd0e70d67: Loading layer [==================================================>] 22.8 MB/22.8 MB
b02195d77636: Loading layer [==================================================>] 22.8 MB/22.8 MB
Loaded image: vmware/registry-photon:v2.6.2-v1.4.0
Loaded image: vmware/photon:1.0
Loaded image: vmware/mariadb-photon:v1.4.0
454c81edbd3b: Loading layer [==================================================>] 135.2 MB/135.2 MB
e99db1275091: Loading layer [==================================================>] 395.4 MB/395.4 MB
051e4ee23882: Loading layer [==================================================>] 9.216 kB/9.216 kB
6cca4437b6f6: Loading layer [==================================================>] 9.216 kB/9.216 kB
1d48fc08c8bc: Loading layer [==================================================>] 7.68 kB/7.68 kB
0419724fd942: Loading layer [==================================================>] 1.536 kB/1.536 kB
526b2156bd7a: Loading layer [==================================================>] 637.8 MB/637.8 MB
9ebf6900ecbd: Loading layer [==================================================>] 78.34 kB/78.34 kB
Loaded image: vmware/harbor-db-migrator:1.4
[Step 2]: preparing environment ...
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
Creating harbor-log ... done
[Step 3]: checking existing instance of Harbor ...
Creating registry ... done
Creating harbor-ui ... done
Creating harbor-db ... done
Creating nginx ... done
Creating harbor-adminserver ...
Creating registry ...
Creating harbor-db ...
Creating harbor-ui ...
Creating harbor-jobservice ...
Creating nginx ...
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://node2.magedu.com.
For more details, please visit https://github.com/vmware/harbor .
可以看到相关监听的端口了
[root@localhost harbor]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 128 [::]:4443 [::]:*
[root@localhost harbor]# ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:1514 *:* users:(("docker-proxy-cu",pid=3008,fd=4))
LISTEN 0 128 *:22 *:* users:(("sshd",pid=1026,fd=3))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=1115,fd=13))
LISTEN 0 128 [::]:80 [::]:* users:(("docker-proxy-cu",pid=3451,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=1026,fd=4))
LISTEN 0 100 [::1]:25 [::]:* users:(("master",pid=1115,fd=14))
LISTEN 0 128 [::]:443 [::]:* users:(("docker-proxy-cu",pid=3434,fd=4))
LISTEN 0 128 [::]:4443 [::]:* users:(("docker-proxy-cu",pid=3419,fd=4))
然后我们可以在我们物理机中的浏览器访问到node2的registry的项目了,地址当然是node2的ip地址咯,这里的默认用户名和密码就在刚才那个harbor.cfg文件中,默认是admin/Harbor12345
然后我们创建一个用户在后面我们要用magedu/Whistle220807
然后我们再新建一个仓库,这里授权用户名和密码就是刚才我们新建的这个用户,这里就不用https了,很麻烦,所以就去除勾选了。
然后我们分别再建立一个私有项目和一个公有项目
为了后面我们能用上面我们新建的这个magedu用户可以push镜像到上面我们新建的devel项目中,所以我们还需要自己把magedu添加到该项目的成员列表中。
接下来我们则需要重新配置节点1中允许节点2的那个地址的端口,因为现在节点2中带ui的这个registry是默认80端口了,而80端口则可以默认不写,所以配置如:
[root@localhost ~]# cat /etc/docker/daemon.json
{
"registry-mirrors":["https://7bezldxe.mirror.aliyuncs.com","https://iktw4ld3.mirror.aliyuncs.com"],
"bip":"10.0.0.1/16",
"hosts":["tcp://0.0.0.0:2375","unix:///var/run/docker.sock"],
"insecure-registries":["node2.magedu.com"]
}
[root@localhost ~]# systemctl restart docker
那么接下来我们要测试从节点1再次向节点2中push镜像,所以我们再次在节点1中多打几个标。因为我本地目前”可用”的有myweb5,myweb6,myweb9等并且我们这里测试push的目标是上面新建的项目devel那个私有项目,而且这次是默认80端口可以缺省,所以:
[root@localhost ~]# docker tag myweb:v0.3-5 node2.magedu.com/devel/myweb:v0.3-5
[root@localhost ~]# docker tag myweb:v0.3-6 node2.magedu.com/devel/myweb:v0.3-6
[root@localhost ~]# docker tag myweb:v0.3-9 node2.magedu.com/devel/myweb:v0.3-9
由于这个带ui的registry你知道我们刚才也建立了用户,那么自不必说肯定是带鉴权的,所以我们这里对于这个私有的devel进行push则需要先登录,登录地址就是node2刚才我们配置的主机名,登录用户就是上面我们新建立的这个用户
[root@localhost ~]# docker login node2.magedu.com
Username: magedu
Password:
Login Succeeded
然后我们就可以push上去了,这里直接把上面几个打标的全部推上去了
[root@localhost ~]# docker push node2.magedu.com/devel/myweb
The push refers to a repository [node2.magedu.com/devel/myweb]
70c3cd584ecd: Pushed
076c58d2644f: Pushed
b2cbae4b8c15: Pushed
5ac9a5170bf2: Pushed
a464c54f93a9: Pushed
v0.3-5: digest: sha256:be82e58ead4734327609faf6184012fed656832296166086298330336bb9309d size: 1360
df0c04352cb6: Pushed
a1e05f7dec4c: Pushed
076c58d2644f: Layer already exists
b2cbae4b8c15: Layer already exists
5ac9a5170bf2: Layer already exists
a464c54f93a9: Layer already exists
v0.3-6: digest: sha256:6b6c3a4dc506febe8d414bb9acbbede7eb87a8a703acc7a803ac487f485465ba size: 1567
ccd8634ab314: Pushed
7536d1bb8368: Pushed
076c58d2644f: Layer already exists
b2cbae4b8c15: Layer already exists
5ac9a5170bf2: Layer already exists
a464c54f93a9: Layer already exists
v0.3-9: digest: sha256:2654de7254095107b436652055366fa003ebd13b52fbab734ba92bbd02056ce5 size: 1567
然后我们就可以到刚才这个带ui的registry中看到了
这个带ui的registry还附带有暂停和恢复暂停的命令,如暂停该registry
[root@localhost harbor]# docker-compose pause
Pausing harbor-log ... done
Pausing harbor-adminserver ... done
Pausing registry ... done
Pausing harbor-db ... done
Pausing harbor-ui ... done
Pausing harbor-jobservice ... done
Pausing nginx ... done
然后我们在物理机中就无法访问该registry了
那么恢复该registry让其继续运行则:
[root@localhost harbor]# docker-compose unpause
Unpausing nginx ... done
Unpausing harbor-jobservice ... done
Unpausing harbor-ui ... done
Unpausing harbor-db ... done
Unpausing registry ... done
Unpausing harbor-adminserver ... done
Unpausing harbor-log ... done
关键字词:Docker,registry,ui,push,harbor
上一篇:08-Dockerfile详解