CentOS 7 安装harbor1.5.0
2019独角兽企业重金招聘Python工程师标准>>>
1、系统环境
系统化境:CentOS Linux release 7.5.1804 (Core)
Python version:>=2.7
Docker version:>=1.10
Docker Compose version:>=1.6.0
Openssl:直接yum安装最新版本即可(# yum -y install openssl openssl-devel)
2、安装依赖包
1、CentOS 7 自带Python版本2.7,不必更新Python
2、安装Docker(根据自己实际需求,下列安装方式二选一即可)1) 安装Docker ce (官方链接:https://docs.docker.com/install/linux/docker-ce/centos/)卸载原来的Docker(如果以前没安装过,略过此步骤即可)$ sudo yum remove docker \docker-client \docker-client-latest \docker-common \docker-latest \docker-latest-logrotate \docker-logrotate \docker-selinux \docker-engine-selinux \docker-engine devicemapper存储驱动依赖于yum-utils,device-mapper-persistent-dat a,lvm2$ sudo yum install -y yum-utils \device-mapper-persistent-data \lvm2添加Docker官方yum源 $ sudo yum-config-manager \--add-repo \https://download.docker.com/linux/centos/docker-ce.repo安装Docker ce $ sudo yum install docker-ce2) 安装Docker engine添加yum源# cat <<EOF>/root/docker.repo \> name=Docker> baseurl=https://yum.dockerproject.org/repo/main/centos/7/> enabled=1> gpgcheck=0> EOF安装Docker engine# yum -y install docker-engine-1.13.1
3、安装Docker Compose
下载Docker Compose二进制可执行文件# curl -L https://github.com/docker/compose/releases/download/1.21.1/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose添加可执行权限# chmod +x /usr/local/bin/docker-compose
4、下载Harbor离线安装文件
# wget https://storage.googleapis.com/harbor-releases/release-1.5.0/harbor-offline-installer-v1.5.0.tgz# tar zxf harbor-offline-installer-v1.5.0.tgz -C /opt
5、生成访问harbor时的密钥证书
# mkdir /opt/harbor/cert /opt/harbor/data# cd /opt/harbor/cert生成私钥
# openssl genrsa -out private_key.pem 4096
Generating RSA private key, 4096 bit long modulus
.......++
............++
e is 65537 (0x10001)生成证书
# openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN (国家)
State or Province Name (full name) []:Beijing (州或省名称)
Locality Name (eg, city) [Default City]:Beijing (城市)
Organization Name (eg, company) [Default Company Ltd]:harbor (机构名称)
Organizational Unit Name (eg, section) []:harbor (组织单位名称)
Common Name (eg, your name or your server's hostname) []:req.yourdomain.com (访问时用的域名)
Email Address []:yourmail@yourdomain.com (邮箱)# cp /opt/harbor/cert/private_key.pem /opt/harbor/common/config/ui/private_key.pem
# cp /opt/harbor/cert/root.crt /opt/harbor/common/config/registry/root.crt
6、配置https
# cd /opt/harbor/cert1)
# openssl req -newkey rsa:4096 -nodes -sha256 -keyout ca.key -x509 -days 365 -out ca.crt
Generating a 4096 bit RSA private key
...........................................................................................++
...................................++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN (国家)
State or Province Name (full name) []:Beijing (州或省名称)
Locality Name (eg, city) [Default City]:Beijing (城市)
Organization Name (eg, company) [Default Company Ltd]:harbor (机构名称)
Organizational Unit Name (eg, section) []:harbor (组织单位名称)
Common Name (eg, your name or your server's hostname) []:req.yourdomain.com (访问时用的域名)
Email Address []:yourmail@yourdomain.com (邮箱)# ll
total 20
-rw-r--r--. 1 root root 2082 May 11 15:30 ca.crt
-rw-r--r--. 1 root root 3272 May 11 15:30 ca.key2)
# openssl req -newkey rsa:4096 -nodes -sha256 -keyout req.yourdomain.com.key -out req.yourdomain.com.csr
Generating a 4096 bit RSA private key
......++
.......................................................................................................................................................................................... ......................++
writing new private key to 'req.yourdomain.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN (国家)
State or Province Name (full name) []:Beijing (州或省名称)
Locality Name (eg, city) [Default City]:Beijing (城市)
Organization Name (eg, company) [Default Company Ltd]:harbor (机构名称)
Organizational Unit Name (eg, section) []:harbor (组织单位名称)
Common Name (eg, your name or your server's hostname) []:req.yourdomain.com (访问时用的域名)
Email Address []:yourmail@yourdomain.com (邮箱)Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:******
An optional company name []:req.yourdomain.com3)
# openssl x509 -req -days 365 -in req.yourdomain.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out req.yourdomain.com.crt
Signature ok
subject=/C=JP/ST=JP/L=JP/O=JP/OU=JP/CN=req.yourdomain.com/emailAddress=keqiang@yourdomain.com
Getting CA Private Key4)
# echo subjectAltName = IP:54.200.9.23 > extfile.cnf# openssl genrsa -out private_key.pem 4096
Generating RSA private key, 4096 bit long modulus
.......++
............++
e is 65537 (0x10001)# openssl req -new -x509 -key private_key.pem -out root.crt -days 3650
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN (国家)
State or Province Name (full name) []:Beijing (州或省名称)
Locality Name (eg, city) [Default City]:Beijing (城市)
Organization Name (eg, company) [Default Company Ltd]:harbor (机构名称)
Organizational Unit Name (eg, section) []:harbor (组织单位名称)
Common Name (eg, your name or your server's hostname) []:req.yourdomain.com (访问时用的域名)
Email Address []:yourmail@yourdomain.com (邮箱)
7、修改harbor配置文件
# vim /opt/harbor/harbor.cfghostname = req.yourdomain.comui_url_protocol = httpsssl_cert = /opt/harbor/cert/req.yourdomain.com.crtssl_cert_key = /opt/harbor/cert/req.yourdomain.com.keysecretkey_path = /opt/harbor/data
8、修改docker-compose.yml
自己安装的时候手贱,直接修改了harbor.cfg中的secretkey_path参数,导致/data/secretkey一直挂载不上,adminserver容器起不来,如果不修改这个参数,应该也不用修改docker-compose.yml文件vim /opt/harbor/docker-compose.ymlservices:adminserver:volumes- /opt/harbor/common/config:/etc/adminserver/config/:z
- /opt/harbor/data/secretkey:/etc/adminserver/key:z
- /opt/harbor/data/:/data/:z
9、启动harbor
# cd /opt/harbor# ./prepare
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/cert/req.yourdomain.com.crt
Clearing the configuration file: ./common/config/nginx/cert/req.yourdomain.com.key
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/log/logrotate.conf
loaded secret from file: /opt/harbor/data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.# ./install.sh [Step 0]: checking installation environment ...Note: docker version: 18.05.0Note: docker-compose version: 1.21.1[Step 1]: loading Harbor images ...
Loaded image: vmware/clair-photon:v2.0.1-v1.5.0
Loaded image: vmware/postgresql-photon:v1.5.0
Loaded image: vmware/harbor-adminserver:v1.5.0
Loaded image: vmware/registry-photon:v2.6.2-v1.5.0
Loaded image: vmware/photon:1.0
Loaded image: vmware/harbor-migrator:v1.5.0
Loaded image: vmware/harbor-ui:v1.5.0
Loaded image: vmware/redis-photon:v1.5.0
Loaded image: vmware/nginx-photon:v1.5.0
Loaded image: vmware/mariadb-photon:v1.5.0
Loaded image: vmware/notary-signer-photon:v0.5.1-v1.5.0
Loaded image: vmware/harbor-log:v1.5.0
Loaded image: vmware/harbor-db:v1.5.0
Loaded image: vmware/harbor-jobservice:v1.5.0
Loaded image: vmware/notary-server-photon:v0.5.1-v1.5.0[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/cert/req.yourdomain.com.crt
Clearing the configuration file: ./common/config/nginx/cert/req.yourdomain.com.key
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/log/logrotate.conf
loaded secret from file: /opt/harbor/data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.[Step 3]: checking existing instance of Harbor ...Note: stopping existing Harbor instance ...
Removing harbor-jobservice ... done
Removing nginx ... done
Removing harbor-ui ... done
Removing harbor-adminserver ... done
Removing harbor-db ... done
Removing registry ... done
Removing redis ... done
Removing harbor-log ... done
Removing network harbor_harbor[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating harbor-db ... done
Creating registry ... done
Creating harbor-adminserver ... done
Creating harbor-ui ... done
Creating nginx ... done
Creating harbor-jobservice ... done✔ ----Harbor has been installed and started successfully.----Now you should be able to visit the admin portal at https://harbor.qmerry.com.
For more details, please visit https://github.com/vmware/harbor .到这里基本就安装成功了!# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
857d2e3c5e91 vmware/harbor-jobservice:v1.5.0 "/harbor/start.sh" 4 minutes ago Up 4 minutes harbor-jobservice
93b02ce9ef3b vmware/nginx-photon:v1.5.0 "nginx -g 'daemon of…" 4 minutes ago Up 4 minutes (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx
c6299d3aa34a vmware/harbor-ui:v1.5.0 "/harbor/start.sh" 4 minutes ago Up 4 minutes (healthy) harbor-ui
5a897145ce25 vmware/harbor-adminserver:v1.5.0 "/harbor/start.sh" 4 minutes ago Up 4 minutes (healthy) harbor-adminserver
bd07edaf4935 vmware/registry-photon:v2.6.2-v1.5.0 "/entrypoint.sh serv…" 4 minutes ago Up 4 minutes (healthy) 5000/tcp registry
6faf515da058 vmware/harbor-db:v1.5.0 "/usr/local/bin/dock…" 4 minutes ago Up 4 minutes (healthy) 3306/tcp harbor-db
cdde2dc4346b vmware/redis-photon:v1.5.0 "docker-entrypoint.s…" 4 minutes ago Up 4 minutes 6379/tcp redis
721ad4e4c0bd vmware/harbor-log:v1.5.0 "/bin/sh -c /usr/loc…" 4 minutes ago Up 4 minutes (healthy) 127.0.0.1:1514->10514/tcp harbor-log
10、验证
打开浏览器访问:https://yourdomain.com# [ ! -d /etc/docker/certs.d/reg.yourdomain.com ] && mkdir -p /etc/docker/certs.d/reg.yourdomain.com# cp /opt/harbor/cert/ca.crt /etc/docker/certs.d/reg.yourdomain.com# docker login reg.yourdomain.com
Username: admin
Password: (默认密码为:Harbor12345,可在harbor.cfg文件中修改)
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded
以上全部参考官方文档一步步安装整理的:
Docker:https://docs.docker.com/install/linux/docker-ce/centos/#install-using-the-repository
Harbor:https://github.com/vmware/harbor/blob/master/docs/installation_guide.md
转载于:https://my.oschina.net/xiaominmin/blog/2052549
CentOS 7 安装harbor1.5.0相关推荐
- CentOS 7安装Hadoop 3.0.0
最近在学习大数据,需要安装Hadoop,自己弄了好久,最后终于弄好了.网上也有很多文章关于安装Hadoop的,但总会遇到一些问题,所以把在CentOS 7安装Hadoop 3.0.0的整个过程记录下来 ...
- centos 7 安装mysql 8.0 详细教程
centos 7 安装mysql 8.0 详细教程 1. 查看系统版本 2. 新建文件夹mysql 3. 下载Mysql8数据库 4. 解压文件 5. 迁移文件夹到mysql文件夹下 6. 在mysq ...
- centos 7 安装 mantisbt-2.12.0 —— 安装LAMP环境、安装mantisbt-2.12.0
一.安装LAMP环境 1 二. 环境的启动 6 三. Mantis数据库的创建 6 四. 安装mantis-2.12.0 9 1>安装配置 9 2>登录管理员账号 13 3>新建用户 ...
- linux yum安装redis5.0,CentOS 7安装Redis 5.0.5并加入Systemd服务
记录在CentOS 7下安装Redis 5.0.5并加入Systemd服务的步骤. 1. 安装gcc-c++, tcl yum install gcc-c++ tcl 2. 解压缩, 编译, 测试 t ...
- CentOS 7 安装 Mysql 8.0 教程
1.安装Mysql 8.0 1)配置Mysql 8.0安装源 sudo rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7 ...
- CentOS 7安装MySQL 8.0教程
在centos7中已经将mysql从yum应用列表中移除,并使用mariadb代替,所以直接通过yum install mysql-server安装时会提示没有可用软件包mysql-server.在c ...
- CentOS 7安装zabbix-agent 5.0报错:依赖检测失败:libpcre.so.0()(64bit)/获取GPG密钥失败解决
报错信息: [root@localhost ~]# wget https://mirrors.tuna.tsinghua.edu.cn/zabbix/zabbix/5.0/rhel/6/x86_64/ ...
- centos 7 安装GTK+-2.0
问题:The development files for GTK+ were not found. 解决如下 1 yum install libgtk2.0*, #gtk+-2.0所需的所有文件将统通 ...
- 关于在centos下安装python3.7.0以上版本时报错ModuleNotFoundError No module named _ctypes 的解决办法
3.7版本需要一个新的包libffi-devel,安装此包之后再次进行编译安装即可. #yum install libffi-devel -y #make install 若在安装前移除了/usr/b ...
最新文章
- 概率论快速学习03:概率公理补充
- python菜鸟基础教程-终于懂得python入门菜鸟教程
- 什么是物联网的边缘计算?
- 利用python爬虫技术本福特_Python爬虫技术(一)--模拟登陆
- 学习Java编程到底是为了什么,该具备什么样的能力
- adb 多点触碰_无法触及的神话
- java获取上周一_java 获取昨天,上个星期一,本月开始时间戳,怎么写呢?
- 编写第一个OpenACC程序
- 【Adobe Premiere Pro 2020】pr2020文字与图形的关键帧制作说明、各类字体添加和字幕创建说【包含动态字幕】、特效添加说明【混合视频剪辑】
- [史]《全球通史》上册——摘记
- 上海率先开放政府数据 医院床位车位信息均可查
- hosts文件导致无法网页观看视频
- 「实战篇」开源项目docker化运维部署-前端java部署(八)
- 分析的意义:数据背后的故事(1)
- c语言动态规划算法数塔问题,动态规划之数塔问题...
- 基于layui的后台管理模板
- 通过fsockopen()方法从中国福彩网获取双色球历史中奖数据
- 《C程序设计快速进阶大学教程》第8章编程题
- photoshop 高手之路
- 教育部统考课程-计算机,教育部统考课程—《计算机应用基础》作业练习三.doc...
热门文章
- 速度×6,模型缩小20倍:用华为华科的TinyBERT做搜索,性能达BERT 90%
- DeepMind提出新型神经网络架构,用无监督方法从视频中提取关键点 | 论文
- 对话嬴彻科技CEO马喆人:L3才是自动驾驶货运的本质拐点
- vue中使用mockjs
- 【新手教程】如何向App Store提交应用
- 各种Java日志框架的比较
- 众说纷纭office2010系列
- No such file or directory: Failed to enable the 'httpready' Accept Filter
- 设计模式 — 结构型模式 — 外观模式
- MEC — 安全策略