harbor是什么呢？英文單詞的意思是：港灣。港灣用來(lái)存放集裝箱(貨物的)，而docker的由來(lái)正是借鑒了集裝箱的原理，所以harbor是用于存放docker的鏡像，作為鏡像倉(cāng)庫(kù)使用。官方的說(shuō)法是：Harbor是一個(gè)用于存儲(chǔ)和分發(fā)Docker鏡像的企業(yè)級(jí)Registry服務(wù)器。

harbor鏡像倉(cāng)庫(kù)是由VMware開(kāi)源的一款企業(yè)級(jí)鏡像倉(cāng)庫(kù)，它包括權(quán)限管理(RBAC)、LDAP、日志審核、管理界面、自我注冊(cè)、鏡像復(fù)制等諸多功能。

1、基于角色的訪問(wèn)控制：用戶和存儲(chǔ)庫(kù)是通過(guò)“項(xiàng)目”組織的，用戶可以對(duì)多個(gè)鏡像倉(cāng)庫(kù)統(tǒng)一命名空間擁有不同的權(quán)限。2、鏡像復(fù)制：可以基于具有多個(gè)Registry實(shí)例之間復(fù)制（同步）圖像和圖表。如果出現(xiàn)任何錯(cuò)誤，Harbor會(huì)自動(dòng)重試復(fù)制。非常適合于負(fù)載平衡、高可用性、多數(shù)據(jù)中心、混合和多云場(chǎng)景。3、LDAP/AD支持：Harbor與現(xiàn)有企業(yè)LDAP/AD集成，用于用戶身份驗(yàn)證和管理，并支持將LDAP組導(dǎo)入Harbor并為其分配適當(dāng)?shù)捻?xiàng)目角色。鏡像刪除和垃圾收集：鏡像可以刪除，其空間可以回收。4、國(guó)際化：對(duì)多國(guó)語(yǔ)言支持（已擁有中文、英文、德文、日語(yǔ)和俄文）；5、圖形化用戶界面：用戶可以輕松瀏覽、搜索存儲(chǔ)庫(kù)和管理項(xiàng)目。6、審計(jì)管理：跟蹤到存儲(chǔ)庫(kù)的所有操作。7、RESTful API：用于大多數(shù)管理操作的RESTful API，易于與外部系統(tǒng)集成。一個(gè)嵌入式的Swagger用戶界面可用于探索和測(cè)試API。簡(jiǎn)單部署：提供在線和離線安裝程序。此外，可以安裝到vSphere平臺(tái)的(OVA方式)虛擬設(shè)備。

1、proxy：Harbor的組件，如注冊(cè)表、UI和令牌服務(wù)，都位于反向代理之后。代理將來(lái)自瀏覽器和Docker客戶機(jī)的請(qǐng)求轉(zhuǎn)發(fā)到各種后端服務(wù)。2、Registry：負(fù)責(zé)存儲(chǔ)Docker鏡像和處理Docker推/拉命令。由于Harbor需要對(duì)映像進(jìn)行訪問(wèn)權(quán)限控制，Registry將引導(dǎo)客戶機(jī)訪問(wèn)令牌服務(wù)，以便為每個(gè)pull或push請(qǐng)求獲取有效的令牌（token）。3、Core Service：Harbor的核心功能，主要提供以下服務(wù)：1）UI：提供圖像化的圖形用戶界面，幫助人戶管理鏡像和對(duì)用戶授權(quán)。2）webhook: 為了及時(shí)獲取registry上images的狀態(tài)變化的情況，在Registry上配置webhook，把狀態(tài)變化傳遞UI模塊；3）Token令牌服務(wù)：負(fù)責(zé)根據(jù)用戶在項(xiàng)目中的角色為每個(gè)docker push/pull命令頒發(fā)令牌。如果從Docker客戶機(jī)發(fā)送的請(qǐng)求中沒(méi)有令牌，注冊(cè)表將把請(qǐng)求重定向到令牌服務(wù)。4、Datebase：為了給core services提供數(shù)據(jù)庫(kù)舒服，負(fù)責(zé)儲(chǔ)存用戶權(quán)限、審計(jì)日志、Docker image分組信息等數(shù)據(jù)。5、Job Services：提供鏡像遠(yuǎn)程負(fù)責(zé)功能，能把本地鏡像同步到其他harbor實(shí)例當(dāng)中。6、Log Collector：為了幫助監(jiān)控Harbor運(yùn)行，負(fù)責(zé)手機(jī)其他組件的log，供日后分析。

centos-7.6 192.168.8.130Docker version 1.19.3docker-compose version 1.24.2harbor-offline-installer-v1.8.6.tgz四、安裝docker-compose

方式1:[root@centos130 ~]# curl -L https://github.com/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose[root@centos130 ~]# chmod +x /usr/local/bin/docker-compose方式2:[root@centos130 ~]# wget https://bootstrap.pypa.io/get-pip.py[root@centos130 ~]# python get-pip.py[root@centos130 ~]# pip install docker-compose五、卸載docker-compose

#二進(jìn)制：[root@centos130 ~]rm /usr/local/bin/docker-compose#pip:[root@centos130 ~]pip uninstall docker-compose六、安裝docker

[root@centos130 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2添加一個(gè)穩(wěn)定的源[root@centos130 ~]# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo[root@centos130 ~]# yum makecache fast安裝最新穩(wěn)定版本的docker-ce[root@centos130 ~]# yum install -y docker-ce docker-ce-cli containerd.io vim[root@centos130 ~]# mkdir /etc/docker && vim /etc/docker/daemon.json{ 'registry-mirrors': ['https://yxrgrke0.mirror.aliyuncs.com'], 'insecure-registries': ['192.168.8.130:5000'], 'insecure-registries': ['centos130:80'], 'log-driver': 'json-file', 'log-opts': { 'max-size': '100m', 'max-file': '3' }}啟動(dòng)docker[root@centos130 ~]# systemctl daemon-reload[root@centos130 ~]# systemctl enable docker && systemctl start docker[root@centos130 ~]# systemctl status docker七、安裝harbor

harbor下載地址:harbor github 地址 https://github.com/goharbor/harborhttp://harbor.orientsoft.cn/[root@centos130 ~]# wget https://storage.googleapis.com/harbor-releases/release-1.8.6/harbor-offline-installer-v1.8.6.tgz[root@centos130 ~]# tar -xf harbor-offline-installer-v1.8.6.tgz -C /usr/local/[root@centos130 ~]# cd /usr/local/harbor/[root@centos130 ~]# vim harbor.ymlhostname = centos130#這里只是簡(jiǎn)單的測(cè)試，所以只編輯這一行，其他的默認(rèn)不做修改#禁止用戶注冊(cè)self_registration = off#設(shè)置只有管理員可以創(chuàng)建項(xiàng)目project_creation_restriction = adminonly八、執(zhí)行安裝腳本

[root@centos130 ~]# ./instsll.sh 說(shuō)明：安裝報(bào)錯(cuò) 找不到docker-proxy 、 docker-runc執(zhí)行[root@centos130 ~]# ln -s /usr/libexec/docker/docker-runc-current /usr/bin/docker-runc[root@centos130 ~]# ln -s /usr/libexec/docker/docker-proxy-current /usr/bin/docker-proxy查看啟動(dòng)的鏡像文件[root@centos130 ~]# docker-compose psHarbor容器的stop與start：[root@centos130 ~]# cd /usr/local/harbor/[root@centos130 ~]# docker-compose stop[root@centos130 ~]# docker-compose start九、登錄harbor

到此便安裝完成了，直接打開(kāi)瀏覽器登陸，并創(chuàng)建my項(xiàng)目：默認(rèn)用戶密碼是：admin/Harbor12345

Shell命令行終端登錄harbor倉(cāng)庫(kù)

[root@centos130 ~]# harbor上傳鏡像[root@centos130 ~]# docker login centos130:80[root@centos130 ~]# docker login -u admin -p Harbor12345 centos130:80 #賬號(hào)密碼： admin/Harbor12345Username: adminPassword: Login Succeeded

測(cè)試鏡像上傳

[root@centos130 ~]# docker pull nginx[root@centos130 ~]# docker tag nginx:latest centos130:80/my/nginx:latest[root@centos130 ~]# docker images[root@centos130 ~]# docker push centos130:80/my/nginx:latestThe push refers to repository [centos130:80/my/nginx]55a77731ed26: Pushed 71f2244bc14d: Pushed f2cb0ecef392: Pushed latest: digest: sha256:3936fb3946790d711a68c58be93628e43cbca72439079e16d154b5db216b58da size: 948說(shuō)明： 格式為: userip/項(xiàng)目名/image名字:版本號(hào) （項(xiàng)目名需要在webui 提前建好）[root@centos130 ~]# docker imagesREPOSITORY TAGIMAGE ID CREATED SIZEcentos130:80/my/nginx:latest latest 5a3221f0137b5 days ago 126MBnginx latest 5a3221f0137b5 days ago 126MB刪除本地nginx鏡像，測(cè)試下載[root@centos130 ~]# docker pull centos130:80/my/nginx:latest十、harbor修改端口號(hào)

1、修改docker-compose.yml文件映射為1180端口：

修改配置文件[root@centos130 ~]# cat /usr/local/harbor/docker-compose.ymlversion: ’2.3’services: log: image: goharbor/harbor-log:v1.8.6 container_name: harbor-log restart: always dns_search: . cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /var/log/harbor/:/var/log/docker/:z - ./common/config/log/:/etc/logrotate.d/:z ports: - 127.0.0.1:1514:10514 networks: - harbor registry: image: goharbor/registry-photon:v2.7.1-patch-2819-v1.8.6 container_name: registry restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z - ./common/config/registry/:/etc/registry/:z - type: bindsource: /data/secret/registry/root.crttarget: /etc/registry/root.crt networks: - harbor dns_search: . depends_on: - log logging: driver: 'syslog' options: syslog-address: 'tcp://127.0.0.1:1514'tag: 'registry' registryctl: image: goharbor/harbor-registryctl:v1.8.6 container_name: registryctl env_file: - ./common/config/registryctl/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/registry:/storage:z - ./common/config/registry/:/etc/registry/:z - type: bindsource: ./common/config/registryctl/config.ymltarget: /etc/registryctl/config.yml networks: - harbor dns_search: . depends_on: - log logging: driver: 'syslog' options: syslog-address: 'tcp://127.0.0.1:1514'tag: 'registryctl' postgresql: image: goharbor/harbor-db:v1.8.6 container_name: harbor-db restart: always cap_drop: - ALL cap_add: - CHOWN - DAC_OVERRIDE - SETGID - SETUID volumes: - /data/database:/var/lib/postgresql/data:z networks: harbor: dns_search: . env_file: - ./common/config/db/env depends_on: - log logging: driver: 'syslog' options: syslog-address: 'tcp://127.0.0.1:1514'tag: 'postgresql' core: image: goharbor/harbor-core:v1.8.6 container_name: harbor-core env_file: - ./common/config/core/env restart: always cap_drop: - ALL cap_add: - SETGID - SETUID volumes: - /data/ca_download/:/etc/core/ca/:z - /data/psc/:/etc/core/token/:z - /data/:/data/:z - ./common/config/core/certificates/:/etc/core/certificates/:z - type: bindsource: ./common/config/core/app.conftarget: /etc/core/app.conf - type: bindsource: /data/secret/core/private_key.pemtarget: /etc/core/private_key.pem - type: bindsource: /data/secret/keys/secretkeytarget: /etc/core/key networks: harbor: dns_search: . depends_on: - log - registry logging: driver: 'syslog' options: syslog-address: 'tcp://127.0.0.1:1514'tag: 'core' portal: image: goharbor/harbor-portal:v1.8.6 container_name: harbor-portal restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE networks: - harbor dns_search: . depends_on: - log - core logging: driver: 'syslog' options:syslog-address: 'tcp://127.0.0.1:1514'tag: 'portal' jobservice: image: goharbor/harbor-jobservice:v1.8.6 container_name: harbor-jobservice env_file: - ./common/config/jobservice/env restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/job_logs:/var/log/jobs:z - type: bindsource: ./common/config/jobservice/config.ymltarget: /etc/jobservice/config.yml networks: - harbor dns_search: . depends_on: - redis - core logging: driver: 'syslog' options:syslog-address: 'tcp://127.0.0.1:1514'tag: 'jobservice' redis: image: goharbor/redis-photon:v1.8.6 container_name: redis restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID volumes: - /data/redis:/var/lib/redis networks: harbor: dns_search: . depends_on: - log logging: driver: 'syslog' options:syslog-address: 'tcp://127.0.0.1:1514'tag: 'redis' proxy: image: goharbor/nginx-photon:v1.8.6 container_name: nginx restart: always cap_drop: - ALL cap_add: - CHOWN - SETGID - SETUID - NET_BIND_SERVICE volumes: - ./common/config/nginx:/etc/nginx:z networks: - harbor dns_search: . ports: - 1180:80 - 443:443 - 4443:4443 depends_on: - postgresql - registry - core - portal - log logging: driver: 'syslog' options: syslog-address: 'tcp://127.0.0.1:1514'tag: 'proxy'networks: harbor: external: false

2、修改/etc/docker/daemon.json文件將80修改為1180端口：

修改daemon配置[root@centos130 ~]# cat /etc/docker/daemon.json { 'registry-mirrors': ['https://yxrgrke0.mirror.aliyuncs.com'], 'insecure-registries': ['192.168.8.130:5000'], 'insecure-registries': ['centos130:1180'], 'log-driver': 'json-file', 'log-opts': { 'max-size': '100m', 'max-file': '3' }}

3、修改/usr/locat/harbor/harbor.yml文件的hostname

修改hostname配置cat /usr/locat/harbor/harbor.ymlhostname: centos130:1180

4、停止harbor，重新啟動(dòng)并生成配置文件

重新初始化[root@centos130 ~]# cd /usr/locat/harbor/[root@centos130 ~]# docker-compose stop[root@centos130 ~]# ./install.sh

5、重新啟動(dòng)docker

[root@centos130 ~]# systemctl daemon-reload[root@centos130 ~]# systemctl restart docker.service驗(yàn)證[root@centos130 ~]# docker login centos130:1180Username: adminPassword: Harbor12345

到此這篇關(guān)于使用docker-compose安裝harbor的文章就介紹到這了,更多相關(guān)docker compose安裝harbor內(nèi)容請(qǐng)搜索好吧啦網(wǎng)以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持好吧啦網(wǎng)！