docker.4.3-docker容器镜像加速器及本地容器镜像仓库-harbor
docker容器镜像加速器及本地容器镜像仓库
一、容器镜像加速器
由于国内访问国外的容器镜像仓库速度比较慢,因此国内企业创建了容器镜像加速器,以方便国内用户使用容器镜像。
1.1 获取阿里云容器镜像加速地址
1.2 配置docker daemon使用加速器
添加daemon.json配置文件
# vim /etc/docker/daemon.json
# cat /etc/docker/daemon.json
{"registry-mirrors": ["https://s27w6kze.mirror.aliyuncs.com"]
}
重启docker
# systemctl daemon-reload
# systemctl restart docker
尝试下载容器镜像
# docker pull centos
二、容器镜像仓库
2.1 docker hub
2.1.1 注册
准备邮箱及用户ID
2.1.2 登录
2.1.3 创建容器镜像仓库
2.1.4 在本地登录Docker Hub
默认可以不添加docker hub容器镜像仓库地址
# docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: dockersmartmsb
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded 成功
登出
# docker logout
Removing login credentials for https://index.docker.io/v1/
2.1.5 上传容器镜像
在登录Docker Hub主机上传容器镜像,向全球用户共享容器镜像。
为容器镜像重新打标记原始容器镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 4 months ago 231MB重新为容器镜像打标记
# docker tag centos:latest dockersmartmsb/centos:v1重新打标记后容器镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dockersmartmsb/centos v1 5d0da3dc9764 4 months ago 231MB
centos latest 5d0da3dc9764 4 months ago 231MB
上传容器镜像至docker hub
# docker push dockersmartmsb/centos:v1
The push refers to repository [docker.io/dockersmartmsb/centos]
74ddd0ec08fa: Mounted from library/centos
v1: digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc size: 529
2.1.6 下载容器镜像
在其它主机上下载下载
# docker pull dockersmartmsb/centos:v1
v1: Pulling from dockersmartmsb/centos
a1d0c7532777: Pull complete
Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Status: Downloaded newer image for dockersmartmsb/centos:v1
docker.io/dockersmartmsb/centos:v1查看下载后容器镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
dockersmartmsb/centos v1 5d0da3dc9764 4 months ago 231MB
2.2 harbor
2.2.1 获取 docker compose二进制文件
#给与 2核4G 100G存储
cpu 2 mem 4G disk 100G下载docker-compose二进制文件
# wget https://github.com/docker/compose/releases/download/1.25.0/docker-compose-Linux-x86_64
查看已下载二进制文件
# ls
docker-compose-Linux-x86_64查看当前环境变量路径
#echo $PATH
/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/usr/local/java/jdk1.8.0_171/bin
移动二进制文件到/usr/bin目录,并更名为docker-compose
# mv docker-compose-Linux-x86_64 /usr/bin/docker-compose
为二进制文件添加可执行权限
# chmod +x /usr/bin/docker-compose
安装完成后,查看docker-compse版本
# docker-compose version
docker-compose version 1.25.0, build 0a186604
docker-py version: 4.1.0
CPython version: 3.7.4
OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019
2.2.2 获取harbor安装文件
查看当前磁盘大小
# df -h
放入home 下面
# cd /home下载harbor离线安装包
# wget https://github.com/goharbor/harbor/releases/download/v2.4.1/harbor-offline-installer-v2.4.1.tgz
查看已下载的离线安装包
# ls
harbor-offline-installer-v2.4.1.tgz
2.2.3 获取TLS文件
查看准备好的证书
# ls
kubemsb.com_nginx.zip
解压证书压缩包文件
# unzip kubemsb.com_nginx.zip
Archive: kubemsb.com_nginx.zip
Aliyun Certificate Downloadinflating: 6864844_kubemsb.com.peminflating: 6864844_kubemsb.com.key
查看解压出的文件
# ls
6864844_kubemsb.com.key
6864844_kubemsb.com.pem
2.2.4 修改配置文件
解压harbor离线安装包
# tar xf harbor-offline-installer-v2.4.1.tgz
查看解压出来的目录
# ls
harbor
移动证书到harbor目录
# # mv 6864844_kubemsb.com.* harbor查看harbor目录
# ls harbor
6864844_kubemsb.com.key 6864844_kubemsb.com.pem common.sh harbor.v2.4.1.tar.gz harbor.yml.tmpl install.sh LICENSE prepare
创建配置文件
# cd harbor/
# mv harbor.yml.tmpl harbor.yml
修改配置文件内容# vim harbor.yml# Configuration file of Harbor# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: www.kubemsb.com 修改为域名,而且一定是证书签发的域名# http related config
http:# port for http, default is 80. If https enabled, this port will redirect to https portport: 80# https related config
https:# https port for harbor, default is 443port: 443# The path of cert and key files for nginxcertificate: /root/harbor/6864844_kubemsb.com.pem 证书private_key: /root/harbor/6864844_kubemsb.com.key 密钥# # Uncomment following will enable tls communication between all harbor components
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: 12345 访问密码
......
2.2.5 执行预备脚本
# ./prepare
输出
prepare base dir is set to /root/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
2.2.6 执行安装脚本
# ./install.sh
输出
[Step 0]: checking if docker is installed ...Note: docker version: 20.10.12[Step 1]: checking docker-compose is installed ...Note: docker-compose version: 1.25.0[Step 2]: loading Harbor images ...[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-db ... done
Creating registry ... done
Creating registryctl ... done
Creating redis ... done
Creating harbor-portal ... done
Creating harbor-core ... done
Creating harbor-jobservice ... done
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
2.2.7 验证运行情况
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
71c0db683e4a goharbor/nginx-photon:v2.4.1 "nginx -g 'daemon of…" About a minute ago Up About a minute (healthy) 0.0.0.0:80->8080/tcp, :::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp nginx
4e3b53a86f01 goharbor/harbor-jobservice:v2.4.1 "/harbor/entrypoint.…" About a minute ago Up About a minute (healthy) harbor-jobservice
df76e1eabbf7 goharbor/harbor-core:v2.4.1 "/harbor/entrypoint.…" About a minute ago Up About a minute (healthy) harbor-core
eeb4d224dfc4 goharbor/harbor-portal:v2.4.1 "nginx -g 'daemon of…" About a minute ago Up About a minute (healthy) harbor-portal
70e162c38b59 goharbor/redis-photon:v2.4.1 "redis-server /etc/r…" About a minute ago Up About a minute (healthy) redis
8bcc0e9b06ec goharbor/harbor-registryctl:v2.4.1 "/home/harbor/start.…" About a minute ago Up About a minute (healthy) registryctl
d88196398df7 goharbor/registry-photon:v2.4.1 "/home/harbor/entryp…" About a minute ago Up About a minute (healthy) registry
ed5ba2ba9c82 goharbor/harbor-db:v2.4.1 "/docker-entrypoint.…" About a minute ago Up About a minute (healthy) harbor-db
dcb4b57c7542 goharbor/harbor-log:v2.4.1 "/bin/sh -c /usr/loc…" About a minute ago Up About a minute (healthy) 127.0.0.1:1514->10514/tcp harbor-log
2.2.8 访问harbor UI界面
2.2.8.1 在物理机通过浏览器访问
2.2.8.2 在Docker Host主机通过域名访问
添加域名解析
# vim /etc/hosts
# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.155 www.kubemsb.com
三、docker镜像上传至Harbor及从harbor下载
3.1 修改docker daemon使用harbor
添加/etc/docker/daemon.json文件,默认不存在,需要手动添加
# vim /etc/docker/daemon.json
# cat /etc/docker/daemon.json
{"insecure-registries": ["www.kubemsb.com"]
}
重启加载daemon配置
# systemctl daemon-reload
重启docker
# systemctl restart docker# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5472791f6752 goharbor/nginx-photon:v2.5.3 "nginx -g 'daemon of…" 39 hours ago Up 11 seconds (health: starting) 0.0.0.0:80->8080/tcp, :::80->8080/tcp nginx
7c2bbcecca8b goharbor/harbor-jobservice:v2.5.3 "/harbor/entrypoint.…" 39 hours ago Up 12 seconds (health: starting) harbor-jobservice
5e182fef06d5 goharbor/harbor-core:v2.5.3 "/harbor/entrypoint.…" 39 hours ago Up 11 seconds (health: starting) harbor-core
ea0a02e9e99b goharbor/harbor-db:v2.5.3 "/docker-entrypoint.…" 39 hours ago Up 12 seconds (health: starting) harbor-db
429efbb41597 goharbor/harbor-registryctl:v2.5.3 "/home/harbor/start.…" 39 hours ago Up 11 seconds (health: starting) registryctl
8a6412ace3bb goharbor/registry-photon:v2.5.3 "/home/harbor/entryp…" 39 hours ago Up 11 seconds (health: starting) registry
17bab10a043a goharbor/harbor-portal:v2.5.3 "nginx -g 'daemon of…" 39 hours ago Up 12 seconds (health: starting) harbor-portal
47d8f63b0391 goharbor/redis-photon:v2.5.3 "redis-server /etc/r…" 39 hours ago Up 11 seconds (health: starting) redis
2ff85613bc1b goharbor/harbor-log:v2.5.3 "/bin/sh -c /usr/loc…" 39 hours ago Up 12 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log如果少于9 个,建议重启
# docker-compose down
关闭全部之后在使用
# docker-compose up -d
3.2 docker tag
查看已有容器镜像文件
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 4 months ago 231MB
为已存在镜像重新添加tag
# docker tag centos:latest www.kubemsb.com/library/centos:v1
再次查看本地容器镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos latest 5d0da3dc9764 4 months ago 231MB
www.kubemsb.com/library/centos v1 5d0da3dc9764 4 months ago 231MB
3.3 docker push
# docker login www.kubemsb.com
Username: admin 用户名 admin
Password: 密码 12345
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-storeLogin Succeeded 登陆成功
推送本地容器镜像到harbor仓库
# docker push www.kubemsb.com/library/centos:v1
3.4 docker pull
在其它主机上下载或使用harbor容器镜像仓库中的容器镜像
在本地添加域名解析
# vim /etc/hosts
# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.10.155 www.kubemsb.com
在本地添加/etc/docker/daemon.json文件,其中为本地主机访问的容器镜像仓库
# vim /etc/docker/daemon.json
# cat /etc/docker/daemon.json
{"insecure-registries": ["www.kubemsb.com"]
}
# systemctl daemon-reload
# systemctl restart docker
下载容器镜像
# docker pull www.kubemsb.com/library/centos:v1
v1: Pulling from library/centos
Digest: sha256:a1801b843b1bfaf77c501e7a6d3f709401a1e0c83863037fa3aab063a7fdb9dc
Status: Downloaded newer image for www.kubemsb.com/library/centos:v1
www.kubemsb.com/library/centos:v1
查看已下载的容器镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
www.kubemsb.com/library/centos v1 5d0da3dc9764 4 months ago 231MB
docker.4.3-docker容器镜像加速器及本地容器镜像仓库-harbor相关推荐
- Docker学习(4)——如何通过阿里云的镜像加速器快速拉取镜像到本地
1.为什么要使用阿里云的镜像加速器? 构建容器的镜像全部在下面这个网站里面,但是这个站点在国外,对于我们来说使用很不方便,下载非常慢 国内的阿里云上有自己已经拉取过来的镜像可以供我们直接使用 但是如果 ...
- 企业版Docker4——如何通过阿里云的镜像加速器快速拉取镜像到本地
以下所有的实操都是在rhel7.5上 1.为什么要使用阿里云的镜像加速器? 构建容器的镜像全部在下面这个网站里面,但是这个站点在国外,对于我们来说使用很不方便,下载非常慢 国内的阿里云上有自己已经拉取 ...
- DockerKubernetes ❀ Docker的在线安装、离线安装、配置镜像加速器、配置文件参数详解
文章目录 1.Docker容器技术简述 2.CentOS 6安装Docker 3.CentOS 7/8安装Docker 3.1 卸载旧版本Docker与其依赖关系 3.2 安装Docker服务 3.2 ...
- docker入门(二) 配置镜像加速器
一.为什么要下载镜像加速器 默认情况下,从dockerhub上下载 docker镜像太慢了,一般都会配置镜像加速器 ustc:中科大镜像加速器 阿里云 腾讯云 网易云 这里默认 下载腾讯云 二.具体步 ...
- docker 导出本地所有镜像,带仓库和tag值导出到tar.gz文件
shell脚本导出本地机器上所有docker镜像,导出成一个文件. 1.根据docker image list 结果 2.将所有镜像的REPOSITORY和TAG值,用awk取出,并合并到一行. 3. ...
- Docker实践 -- 安装Docker
2019独角兽企业重金招聘Python工程师标准>>> 1.安装Docker yum install docker 2.启动Docker服务 service docker start ...
- Docker精华问答 | Docker vs VM
在计算机技术日新月异的今天, Docker 在国内发展的如火如荼.特别是在一线互联网公司 Docker 的使用是十分普遍的,甚至成为了一些企业面试的加分项,那么今天我们继续关于Docker 的精华问答 ...
- Docker系列(二十三)——Docker实例五Docker安装MongoDB实例
< Docker实例三Docker安装MongoDB实例 > 前言 在前面一篇文章种,完成了 < Docker安装MySQL实例 >,本篇将继续镜像安装教程,并完成Docker ...
- Docker系列(二十一)——Docker实例三Docker安装Tomcat实例
< Docker实例三Docker安装Tomcat实例 > 前言 在前面一篇文章种,完成了 < Docker安装Nginx实例 >,本篇将继续镜像安装教程,并完成Docker安 ...
最新文章
- MTCNN-将多任务级联卷积神经网络用于人脸检测和对齐
- 《C++程序设计教程(第3版)》——第3章,第2节cout输出流
- 【转载】机器学习领域的大家
- 应用矩阵分析1 子空间分析1 线性子空间基础
- Cisco 2950 系列交换机实例配置
- 深入理解Linux软件包的配置、编译与安装
- Code Review工具Jupiter介绍
- 人工智能教程007:创建一个卷积神经网络(2)
- 前端学习(2890):如何短时间内实现v-for 模板编译321
- 防抖与节流方案_前端ajax优化解决方案
- laravel 命令行输出进度条
- multiprocessing python_一行 Python 代码实现并行
- 在Htdocs之外创建XAMPP / Apache服务文件[关闭]
- 将所有的表中,数值类型由char,varchar改为nchar,nvarchar 的存储过程
- 黑马程序员 Java运算符
- zabbix 3.2 php,zabbix3.2.3安装教程
- java class命名_Java中class文件命名规则
- 【解决】maven install出现fatal error compiling
- Python 编码检测与编码转换
- 微信开发平台和微信公众平台绑定