Harbor的介紹不多說
本次記錄harbor創(chuàng)建laravel項目實現(xiàn)鏡像管理過程
一惜论、Harbor的安裝與配置
Harbor的github主頁上已經(jīng)講得很詳細了捧弃。
1赠叼、Harbor的運行環(huán)境(我是在VM環(huán)境中搭建的運行環(huán)境):
-centos-7.2
-docker-engine-17.07.5
-docker-compose-1.15.0
-harbor-1.2.0
2、下載所需軟件包
-下載docker-compose:
curl -L https://github.com/docker/compose/releases/download/1.9.0/docker-compose-'uname -'uname -m' > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
-下載harbor
wget https://github.com/vmware/harbor/releases/download/0.5.0/harbor-offline-installer-0.5.0.tgz
我下載的是offline離線包违霞,這樣在后續(xù)的部署及安裝都會比較快嘴办,總共有300M左右的大小买鸽!
也可以通過主機下載好離線包傳輸?shù)教摂M機中户辞。
-解壓配置Harbor
## Configuration file of Harbor
# hostname設(shè)置訪問地址,可以使用ip癞谒、域名底燎,不可以設(shè)置為127.0.0.1或localhost
hostname = 192.168.1.113
# 訪問協(xié)議,默認是http弹砚,也可以設(shè)置https双仍,如果設(shè)置https,則nginx ssl需要設(shè)置on
ui_url_protocol = http
# mysql數(shù)據(jù)庫root用戶默認密碼root123桌吃,實際使用時修改下
db_password = root123
max_job_workers = 3
customize_crt = on
ssl_cert = /data/cert/server.crt
ssl_cert_key = /data/cert/server.key
secretkey_path = /data
admiral_url = NA
# 郵件設(shè)置朱沃,發(fā)送重置密碼郵件時使用
email_identity =
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
email_ssl = false
# 啟動Harbor后,管理員UI登錄的密碼,默認是Harbor12345
harbor_admin_password = Harbor12345
# 認證方式逗物,這里支持多種認證方式搬卒,如LADP、本次存儲翎卓、數(shù)據(jù)庫認證契邀。默認是db_auth,mysql數(shù)據(jù)庫認證
auth_mode = db_auth
# LDAP認證時配置項
#ldap_url = ldaps://ldap.mydomain.com
#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com
#ldap_search_pwd = password
#ldap_basedn = ou=people,dc=mydomain,dc=com
#ldap_filter = (objectClass=person)
#ldap_uid = uid
#ldap_scope = 3
#ldap_timeout = 5
# 是否開啟自注冊
self_registration = on
# Token有效時間失暴,默認30分鐘
token_expiration = 30
# 用戶創(chuàng)建項目權(quán)限控制坯门,默認是everyone(所有人),也可以設(shè)置為adminonly(只能管理員)
project_creation_restriction = everyone
verify_remote_cert = on
這里只是簡單的測試逗扒,所以只編輯這一行古戴,其他的默認不做修改;當然也可以根據(jù)你自己的實際情況做修改矩肩!
3现恼、配置docker
#因為docker默認使用的是https連接,而harbor默認使用http連接黍檩,所以需要修改docker配置標志insecure registry不安全倉庫的主機叉袍!
#當然,harbor也可以設(shè)置為https建炫,這個后續(xù)文章中再列出操作方法吧畦韭!
#vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry=192.168.6.113
#只加上--insecure-registry這個參數(shù)即可。
#重啟docker:
#systemctl daemon-reload
#systemctl restart docker.service
4肛跌、執(zhí)行安裝腳本
#會拉取好幾個鏡像下來艺配,及檢查環(huán)境:
#./instsll.sh
Note: docker version: 1.12.5
Note: docker-compose version: 1.9.0
[Step 0]: checking installation environment ...
....
[Step 1]: loading Harbor images ...
....
[Step 2]: preparing environment ...
....
[Step 3]: checking existing instance of Harbor ...
....
[Step 4]: starting Harbor ...
....
? ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://192.168.6.113.
For more details, please visit https://github.com/vmware/harbor .
到這里harbor就安裝完畢
安裝完成后會生成如下6個容器
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e6f0baa7ddb7 nginx:1.11.5 "nginx -g 'daemon off" 6 minutes ago Up 6 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx
1b383261d0c7 vmware/harbor-jobservice:0.5.0 "/harbor/harbor_jobse" 6 minutes ago Up 6 minutes harbor-jobservice
86f1d905ec78 vmware/harbor-db:0.5.0 "docker-entrypoint.sh" 6 minutes ago Up 6 minutes 3306/tcp harbor-db
9cbab69f20b6 library/registry:2.5.0 "/entrypoint.sh serve" 6 minutes ago Up 6 minutes 5000/tcp registry
9c5693a53f4e vmware/harbor-ui:0.5.0 "/harbor/harbor_ui" 6 minutes ago Up 6 minutes harbor-ui
8bef4c4c47f0 vmware/harbor-log:0.5.0 "/bin/sh -c 'crond &&" 6 minutes ago Up 6 minutes 0.0.0.0:1514->514/tcp harbor-log
Harbor容器的stop與start:
進入Harbor目錄執(zhí)行如下命令即可:
docker-compose start/stop
開啟之后就可以通過瀏覽器訪問了:我這里輸入192.168.6.113就可以訪問harbor的管理主頁。
image.png
Harbor安裝成功
二衍慎、Docker中Laravel環(huán)境配置
考慮到項目中以后會有更多擴展转唉,不采用Fat Container方式而采用直接從Docker Hub繼承官方鏡像,通過指定唯一一個容器啟動的指令構(gòu)建鏡像
