关于docker:Docker-入门私人笔记十三构建-Docker-私有仓库之-VMware-的开源仓库-Harbor

48次阅读

共计 26569 个字符,预计需要花费 67 分钟才能阅读完成。

两种罕用的镜像仓库:

  • Docker 官网的仓库 registry
  • VMware 的开源仓库 harbor( 内置了 registry

harbor 的地址:
https://github.com/goharbor/h…

下载地址:
https://github.com/goharbor/h…

harbor 默认是应用 docker-compose 启动的,装置 docker-compose 要应用 python-pip:

yum install python-pip
或者
yum install python3-pip

Python3 通常要求将 pip 更新到 pip-21*

pip3 install --upgrade pip

装置后的 pip-21* 门路

[root@k8s-master soft]# /usr/local/bin/pip -V
pip 21.3.1 from /usr/local/lib/python3.6/site-packages/pip (python 3.6)

应用 pip 21.3.1 装置 docker-compose:

/usr/local/bin/pip install docker-compose

此处有可能会遇到装置报错如下:

    _posixsubprocess.c:16:20: 致命谬误:Python.h:没有那个文件或目录
     #include "Python.h"
                        ^
    编译中断。error: command 'gcc' failed with exit status 1
    
    ----------------------------------------
Command "/usr/bin/python2 -u -c"import setuptools, tokenize;__file__='/tmp/pip-build-lE7MFu/subprocess32/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))"install --record /tmp/pip-RjfJP_-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-lE7MFu/subprocess32/
You are using pip version 8.1.2, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

依据提醒:#include “Python.h”,装置 python-devel 之后再重新安装 docker-compose 胜利:

[root@linux-node1 ~]# yum install python-devel
[root@linux-node1 ~]# pip install docker-compose
Collecting docker-compose
  Using cached https://files.pythonhosted.org/packages/2e/93/b8fb6532487fcc40f5c607ac428a609e7f74bfb26a1c3c980a253c6e5a14/docker_compose-1.25.0-py2.py3-none-any.whl
Requirement already satisfied (use --upgrade to upgrade): texttable<2,>=0.9.0 in /usr/lib/python2.7/site-packages (from docker-compose)
Requirement already satisfied (use --upgrade to upgrade): websocket-client<1,>=0.32.0 in /usr/lib/python2.7/site-packages (from docker-compose)
......
Collecting pycparser (from cffi!=1.11.3,>=1.8->cryptography>=2.5->paramiko>=2.4.2; extra == "ssh"->docker[ssh]<5,>=3.7.0->docker-compose)
  Using cached https://files.pythonhosted.org/packages/68/9e/49196946aee219aead1290e00d1e7fdeab8567783e83e1b9ab5585e6206a/pycparser-2.19.tar.gz
Installing collected packages: subprocess32, enum34, chardet, idna, urllib3, certifi, requests, pyrsistent, attrs, configparser, more-itertools, zipp, contextlib2, scandir, pathlib2, importlib-metadata, functools32, jsonschema, backports.shutil-get-terminal-size, pycparser, cffi, cryptography, pynacl, bcrypt, paramiko, docker, cached-property, docker-compose
  Running setup.py install for subprocess32 ... done
  Running setup.py install for pyrsistent ... done
  Running setup.py install for more-itertools ... done
  Running setup.py install for scandir ... done
  Running setup.py install for functools32 ... done
  Running setup.py install for pycparser ... done
Successfully installed attrs-19.3.0 backports.shutil-get-terminal-size-1.0.0 bcrypt-3.1.7 cached-property-1.5.1 certifi-2019.9.11 cffi-1.13.2 chardet-3.0.4 configparser-4.0.2 contextlib2-0.6.0.post1 cryptography-2.8 docker-4.1.0 docker-compose-1.25.0 enum34-1.1.6 functools32-3.2.3.post2 idna-2.8 importlib-metadata-0.23 jsonschema-3.2.0 more-itertools-7.2.0 paramiko-2.6.0 pathlib2-2.3.5 pycparser-2.19 pynacl-1.3.0 pyrsistent-0.15.6 requests-2.22.0 scandir-1.10.0 subprocess32-3.5.4 urllib3-1.25.7 zipp-0.6.0
You are using pip version 8.1.2, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

这里有可能(只是有可能)遇到报错:查看 docker-compose 版本提醒 Python 语法的报错:

[root@linux-node1 ~]# docker-compose --version
Traceback (most recent call last):
  File "/usr/bin/docker-compose", line 5, in <module>
    from compose.cli.main import main
  File "/usr/lib/python2.7/site-packages/compose/cli/main.py", line 23, in <module>
    from ..bundle import get_image_digests
  File "/usr/lib/python2.7/site-packages/compose/bundle.py", line 12, in <module>
    from .config.serialize import denormalize_config
  File "/usr/lib/python2.7/site-packages/compose/config/__init__.py", line 6, in <module>
    from .config import ConfigurationError
  File "/usr/lib/python2.7/site-packages/compose/config/config.py", line 50, in <module>
    from .validation import match_named_volumes
  File "/usr/lib/python2.7/site-packages/compose/config/validation.py", line 12, in <module>
    from jsonschema import Draft4Validator
  File "/usr/lib/python2.7/site-packages/jsonschema/__init__.py", line 33, in <module>
    import importlib_metadata as metadata
  File "/usr/lib/python2.7/site-packages/importlib_metadata/__init__.py", line 9, in <module>
    import zipp
  File "/usr/lib/python2.7/site-packages/zipp.py", line 12, in <module>
    import more_itertools
  File "/usr/lib/python2.7/site-packages/more_itertools/__init__.py", line 1, in <module>
    from more_itertools.more import *  # noqa
  File "/usr/lib/python2.7/site-packages/more_itertools/more.py", line 340
    def _collate(*iterables, key=lambda a: a, reverse=False):
                               ^
SyntaxError: invalid syntax

认为 Python2 的问题,降级到 Python3,发现问题仍在。
起初找到解决方案,须要降级 backports.ssl_match_hostname,然而遇到新报错:

[root@linux-node1 ~]# pip install --upgrade backports.ssl_match_hostname
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Collecting backports.ssl_match_hostname
  Using cached https://files.pythonhosted.org/packages/ff/2b/8265224812912bc5b7a607c44bf7b027554e1b9775e9ee0de8032e3de4b2/backports.ssl_match_hostname-3.7.0.1.tar.gz
Installing collected packages: backports.ssl-match-hostname
  Found existing installation: backports.ssl-match-hostname 3.5.0.1
ERROR: Cannot uninstall 'backports.ssl-match-hostname'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.

重新安装 pip 为指定版本 9.0.1:

[root@linux-node1 ~]# pip install pip==9.0.1
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won't be maintained after that date. A future version of pip will drop support for Python 2.7. More details about Python 2 support in pip, can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Collecting pip==9.0.1
  Downloading https://files.pythonhosted.org/packages/b6/ac/7015eb97dc749283ffdec1c3a88ddb8ae03b8fad0f0e611408f196358da3/pip-9.0.1-py2.py3-none-any.whl (1.3MB)
     |████████████████████████████████| 1.3MB 430kB/s 
Installing collected packages: pip
  Found existing installation: pip 19.3.1
    Uninstalling pip-19.3.1:
      Successfully uninstalled pip-19.3.1
Successfully installed pip-9.0.1

或者执行

/usr/local/Python3.10/bin/python3.10 -m pip install --upgrade pip -i http://mirrors.aliyun.com/pypi/simple --trusted-host mirrors.aliyun.com

再次尝试降级 backports.ssl_match_hostname 胜利:

[root@linux-node1 ~]# pip install --upgrade backports.ssl_match_hostname
Cache entry deserialization failed, entry ignored
Collecting backports.ssl_match_hostname
  Cache entry deserialization failed, entry ignored
  Downloading https://files.pythonhosted.org/packages/ff/2b/8265224812912bc5b7a607c44bf7b027554e1b9775e9ee0de8032e3de4b2/backports.ssl_match_hostname-3.7.0.1.tar.gz
Installing collected packages: backports.ssl-match-hostname
  Found existing installation: backports.ssl-match-hostname 3.5.0.1
    DEPRECATION: Uninstalling a distutils installed project (backports.ssl-match-hostname) has been deprecated and will be removed in a future version. This is due to the fact that uninstalling a distutils project will only partially uninstall the project.
    Uninstalling backports.ssl-match-hostname-3.5.0.1:
      Successfully uninstalled backports.ssl-match-hostname-3.5.0.1
  Running setup.py install for backports.ssl-match-hostname ... done
Successfully installed backports.ssl-match-hostname-3.7.0.1
You are using pip version 9.0.1, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

再次查看 docker-compose 版本依然报后面 Python 语法的谬误。查到可能是须要重新安装 more_itertools,但发现曾经存在了:

[root@linux-node1 ~]# pip install more_itertools
Requirement already satisfied: more_itertools in /usr/lib/python2.7/site-packages
You are using pip version 9.0.1, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

遂尝试卸载并重新安装,重新安装后发现 more_itertools 的版本变了:

[root@linux-node1 ~]# pip uninstall more_itertools
Uninstalling more-itertools-7.2.0:
  /usr/lib/python2.7/site-packages/more_itertools-7.2.0-py2.7.egg-info
  /usr/lib/python2.7/site-packages/more_itertools/__init__.py
  /usr/lib/python2.7/site-packages/more_itertools/__init__.pyc
  /usr/lib/python2.7/site-packages/more_itertools/more.py
  /usr/lib/python2.7/site-packages/more_itertools/recipes.py
  /usr/lib/python2.7/site-packages/more_itertools/recipes.pyc
  /usr/lib/python2.7/site-packages/more_itertools/tests/__init__.py
  /usr/lib/python2.7/site-packages/more_itertools/tests/__init__.pyc
  /usr/lib/python2.7/site-packages/more_itertools/tests/test_more.py
  /usr/lib/python2.7/site-packages/more_itertools/tests/test_recipes.py
  /usr/lib/python2.7/site-packages/more_itertools/tests/test_recipes.pyc
Proceed (y/n)? y
  Successfully uninstalled more-itertools-7.2.0
You are using pip version 9.0.1, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@linux-node1 ~]# pip install more_itertools
Collecting more_itertools
  Downloading https://files.pythonhosted.org/packages/2f/9d/dcfe59e213093695f108508af1214cf9cd95cc5489e46877ec5cb56369e5/more_itertools-5.0.0-py2-none-any.whl (52kB)
    100% |████████████████████████████████| 61kB 206kB/s 
Requirement already satisfied: six<2.0.0,>=1.0.0 in /usr/lib/python2.7/site-packages (from more_itertools)
Installing collected packages: more-itertools
Successfully installed more-itertools-5.0.0
You are using pip version 9.0.1, however version 19.3.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

再次产看 docker-compose 版本,不再报错:

[root@linux-node1 ~]# docker-compose --version
docker-compose version 1.25.0, build b42d419

下载 harbor:

wget https://github.com/goharbor/harbor/releases/tag/v1.9.1

解压,编辑 harbor 配置文件:

[root@k8s-master /data]# tar -zxf harbor-offline-installer-v1.9.1.tgz
[root@k8s-master /data]# cd harbor
[root@k8s-master /data]# ls
harbor.v1.9.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare
[root@k8s-master /data]# vim harbor.yml

harbor.yml 默认配置如下:

hostname: reg.mydomain.com

http:
  port: 80

harbor_admin_password: Harbor12345

database:
  password: root123
  max_idle_conns: 50
  max_open_conns: 100

data_volume: /data

clair:
  updaters_interval: 12

jobservice:
  max_job_workers: 10

notification:
  webhook_job_max_retry: 10

chart:
  absolute_url: disabled

log:
  level: info
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor

_version: 1.9.0

proxy:
  http_proxy:
  https_proxy:
  no_proxy: 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair
  components:
    - core
    - jobservice
    - clair

找到代码:

hostname: reg.mydomain.com

替换为主机的 IP:

hostname: 192.168.100.151

开始装置 docker-compose:

[root@k8s-master /data/dockerfile/app/harbor/harbor]# ./install.sh 

[Step 0]: checking installation environment ...

Note: docker version: 19.03.1

Note: docker-compose version: 1.24.1

[Step 1]: loading Harbor images ...
b80136ee24a4: Loading layer [==================================================>]  34.25MB/34.25MB
cad87ea2da29: Loading layer [==================================================>]  77.02MB/77.02MB
034ded39ed39: Loading layer [==================================================>]  3.072kB/3.072kB
f6ca716ef169: Loading layer [==================================================>]   59.9kB/59.9kB
baf21a4a14d3: Loading layer [==================================================>]  61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v1.9.1
38d0cc9d1ffd: Loading layer [==================================================>]   8.98MB/8.98MB
f68a1f0c31fc: Loading layer [==================================================>]  3.072kB/3.072kB
72515108750d: Loading layer [==================================================>]   2.56kB/2.56kB
a2cda355c3ef: Loading layer [==================================================>]   20.1MB/20.1MB
ab2865eb128e: Loading layer [==================================================>]   20.1MB/20.1MB
Loaded image: goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.9.1
527ef66806e1: Loading layer [==================================================>]   8.98MB/8.98MB
0f11d90dd35b: Loading layer [==================================================>]  3.072kB/3.072kB
3425f8898e4f: Loading layer [==================================================>]   20.1MB/20.1MB
cfa38640b856: Loading layer [==================================================>]  3.072kB/3.072kB
e7794afc289f: Loading layer [==================================================>]  8.661MB/8.661MB
76012da7ad6a: Loading layer [==================================================>]  28.76MB/28.76MB
Loaded image: goharbor/harbor-registryctl:v1.9.1
e83beb288a0d: Loading layer [==================================================>]    113MB/113MB
93e08bdb2f3c: Loading layer [==================================================>]  11.17MB/11.17MB
7a823857fc40: Loading layer [==================================================>]  2.048kB/2.048kB
fc24f20df72d: Loading layer [==================================================>]  48.13kB/48.13kB
bd925688a6c6: Loading layer [==================================================>]  3.072kB/3.072kB
d0812a8a6aa1: Loading layer [==================================================>]  11.22MB/11.22MB
Loaded image: goharbor/clair-photon:v2.0.9-v1.9.1
4c42b997c1d3: Loading layer [==================================================>]  337.7MB/337.7MB
b921c11a7cce: Loading layer [==================================================>]  119.8kB/119.8kB
Loaded image: goharbor/harbor-migrator:v1.9.1
50d9ef917fd0: Loading layer [==================================================>]  8.985MB/8.985MB
49be4811c210: Loading layer [==================================================>]  44.39MB/44.39MB
e3e7d0ecbd56: Loading layer [==================================================>]  2.048kB/2.048kB
bd6ae8ad3688: Loading layer [==================================================>]  3.072kB/3.072kB
f8daafb6452b: Loading layer [==================================================>]   44.4MB/44.4MB
Loaded image: goharbor/chartmuseum-photon:v0.9.0-v1.9.1
f8be5d65a497: Loading layer [==================================================>]   2.56kB/2.56kB
ec2558a18995: Loading layer [==================================================>]  1.536kB/1.536kB
9253b305f3e0: Loading layer [==================================================>]  72.14MB/72.14MB
f5bc3b95773b: Loading layer [==================================================>]  42.56MB/42.56MB
1cb18728da6a: Loading layer [==================================================>]  156.7kB/156.7kB
10d8c3845ea7: Loading layer [==================================================>]  3.006MB/3.006MB
Loaded image: goharbor/prepare:v1.9.1
63f870b51f41: Loading layer [==================================================>]  63.49MB/63.49MB
7306099794e1: Loading layer [==================================================>]  53.21MB/53.21MB
8a9f36b3fb5f: Loading layer [==================================================>]  5.632kB/5.632kB
75daaad9bfa8: Loading layer [==================================================>]  2.048kB/2.048kB
d8f94d1114c6: Loading layer [==================================================>]   2.56kB/2.56kB
7ecefe35a143: Loading layer [==================================================>]   2.56kB/2.56kB
a8fab8d5af16: Loading layer [==================================================>]   2.56kB/2.56kB
94cf351a3c19: Loading layer [==================================================>]  10.24kB/10.24kB
Loaded image: goharbor/harbor-db:v1.9.1
9837bf8ee24e: Loading layer [==================================================>]  8.979MB/8.979MB
ba364bbbdbdd: Loading layer [==================================================>]  6.239MB/6.239MB
3fd94bb9f201: Loading layer [==================================================>]  15.13MB/15.13MB
a71f5b58dc99: Loading layer [==================================================>]  26.47MB/26.47MB
80997da865e8: Loading layer [==================================================>]  22.02kB/22.02kB
376d829dd4a8: Loading layer [==================================================>]  47.84MB/47.84MB
Loaded image: goharbor/notary-server-photon:v0.6.1-v1.9.1
7310144c80b8: Loading layer [==================================================>]  12.75MB/12.75MB
57822721a26e: Loading layer [==================================================>]  48.13MB/48.13MB
Loaded image: goharbor/harbor-jobservice:v1.9.1
b9172b8bd1c0: Loading layer [==================================================>]  10.82MB/10.82MB
Loaded image: goharbor/nginx-photon:v1.9.1
3999c34ab3d1: Loading layer [==================================================>]  13.72MB/13.72MB
55d2a47566d6: Loading layer [==================================================>]  26.47MB/26.47MB
605a3b90e10b: Loading layer [==================================================>]  22.02kB/22.02kB
753afe3849f7: Loading layer [==================================================>]  46.43MB/46.43MB
Loaded image: goharbor/notary-signer-photon:v0.6.1-v1.9.1
f6d400c78205: Loading layer [==================================================>]  7.012MB/7.012MB
da6e265c346e: Loading layer [==================================================>]  196.6kB/196.6kB
11f6a9c90cd1: Loading layer [==================================================>]    172kB/172kB
99996a16f7b1: Loading layer [==================================================>]  15.36kB/15.36kB
d94e53aaf9b8: Loading layer [==================================================>]  3.584kB/3.584kB
b84ee50e8238: Loading layer [==================================================>]  10.82MB/10.82MB
Loaded image: goharbor/harbor-portal:v1.9.1
e755a945ae2a: Loading layer [==================================================>]  12.75MB/12.75MB
dc5d22c53956: Loading layer [==================================================>]  55.39MB/55.39MB
15f93df7269e: Loading layer [==================================================>]  5.632kB/5.632kB
ee595495168a: Loading layer [==================================================>]  36.35kB/36.35kB
8fb7538d9d82: Loading layer [==================================================>]  55.39MB/55.39MB
Loaded image: goharbor/harbor-core:v1.9.1
3e458fabaeef: Loading layer [==================================================>]  50.61MB/50.61MB
2a88a9994014: Loading layer [==================================================>]  3.584kB/3.584kB
19d8eee966bd: Loading layer [==================================================>]  3.072kB/3.072kB
bd017a9bef7c: Loading layer [==================================================>]   2.56kB/2.56kB
186ca97fbd0d: Loading layer [==================================================>]  3.072kB/3.072kB
8b15fc511dbf: Loading layer [==================================================>]  3.584kB/3.584kB
cc84783073de: Loading layer [==================================================>]  12.29kB/12.29kB
Loaded image: goharbor/harbor-log:v1.9.1


[Step 2]: preparing environment ...
prepare base dir is set to /data/dockerfile/app/harbor/harbor
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /secret/keys/secretkey
Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir



[Step 3]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating registry      ... done
Creating harbor-portal ... done
Creating registryctl   ... done
Creating redis         ... done
Creating harbor-db     ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://192.168.100.151. 
For more details, please visit https://github.com/goharbor/harbor .

查看 harbor 库中的镜像:

[root@linux-node1 /data/soft/harbor]# docker-compose images
    Container               Repository                         Tag                  Image Id       Size  
---------------------------------------------------------------------------------------------------------
harbor-core         goharbor/harbor-core          v1.9.1                          d105210d9924   155.4 MB
harbor-db           goharbor/harbor-db            v1.9.1                          91784692a954   146.8 MB
harbor-jobservice   goharbor/harbor-jobservice    v1.9.1                          71d4a3eaff94   140.9 MB
harbor-log          goharbor/harbor-log           v1.9.1                          368dd79ef99f   82.56 MB
harbor-portal       goharbor/harbor-portal        v1.9.1                          2dced1823043   51.3 MB 
nginx               goharbor/nginx-photon         v1.9.1                          0db1e12b9d30   43.93 MB
redis               goharbor/redis-photon         v1.9.1                          4d8d79a557df   109.6 MB
registry            goharbor/registry-photon      v2.7.1-patch-2819-2553-v1.9.1   d460d658f383   82.31 MB
registryctl         goharbor/harbor-registryctl   v1.9.1                          f4b2b72cdf71   99.63 MB

查看 harbor 启动的容器:

[root@k8s-master /data/dockerfile/app/harbor/harbor]# docker-compose ps
      Name                     Command                  State                 Ports          
---------------------------------------------------------------------------------------------
harbor-core         /harbor/harbor_core              Up (healthy)                            
harbor-db           /docker-entrypoint.sh            Up (healthy)   5432/tcp                 
harbor-jobservice   /harbor/harbor_jobservice  ...   Up (healthy)                            
harbor-log          /bin/sh -c /usr/local/bin/ ...   Up (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       nginx -g daemon off;             Up (healthy)   8080/tcp                 
nginx               nginx -g daemon off;             Up (healthy)   0.0.0.0:80->8080/tcp     
redis               redis-server /etc/redis.conf     Up (healthy)   6379/tcp                 
registry            /entrypoint.sh /etc/regist ...   Up (healthy)   5000/tcp                 
registryctl         /harbor/start.sh                 Up (healthy)

从下面的装置过程能够看出,装置 docker-compose 的装置形式也是基于容器的。它先拉取了几个镜像到本地,而后又基于这些镜像别离启动了容器,这些容器独特提供了 docker-compose 服务。这其中蕴含了 nginx(能够推断出 docker-compose 是基于 Nginx 部署的 web 的服务器),从下面的镜像列表能够看出它默认将宿主机的 80 端口映射给容器的 8080 端口。所以如果以后主机中有正在运行的利用占用了 80 端口,docker-compose 的装置过程就会报错:

[Step 3]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating registryctl   ... done
Creating registry      ... done
Creating harbor-portal ... done
Creating harbor-db     ... done
Creating redis         ... done
Creating harbor-core   ... done
Creating nginx             ... error
Creating harbor-jobservice ... 

ERROR: for nginx  Cannot start service proxy: driver failed programming external connectivity on endpoint nginx (0013631c93b74d1fbdfa55b88aa827a45597b2b7f3248b19f6bc016b7a9cb492): Error sta
Creating harbor-jobservice ... done

ERROR: for proxy  Cannot start service proxy: driver failed programming external connectivity on endpoint nginx (0013631c93b74d1fbdfa55b88aa827a45597b2b7f3248b19f6bc016b7a9cb492): Error starting userland proxy: listen tcp 0.0.0.0:80: bind: address already in use
ERROR: Encountered errors while bringing up the project.

留神:
执行 docker-compose ps 命令查看镜像时, 必须在 harbor 的解压目录中执行 ,否则会报错如下,因为它在执行 ps 时要读取文件 docker-compose.yml:

[root@k8s-master ~]# docker-compose ps
ERROR: 
        Can't find a suitable configuration file in this directory or any
        parent. Are you in the right directory?

        Supported filenames: docker-compose.yml, docker-compose.yaml

harbor 装置实现后,目录中多了一个文件夹和文件:common 和 docker-compose.yml。二者都是组成 harbor 服务的各个容器的配置文件。

[root@k8s-master /data/dockerfile/app/harbor/harbor]# ls
common  docker-compose.yml  harbor.v1.9.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare

不同的是:
common 蕴含的是各个组件(利用)的配置文件,例如 registry 的 config.yml 和 root.crt,nginx 的 conf.d 和 nginx.conf。
docker-compose.yml 定义的配置是所有组成 docker-compose 服务的容器的配置信息,蕴含每个容器的名称、应用的镜像、是否主动重启、cap_drop、cap_add、卷、网络、dns、日志、地址和端口等。

common 蕴含的配置文件如下:

[root@k8s-master /data/dockerfile/app/harbor/harbor/common/config]# ls
core  db  jobservice  log  nginx  registry  registryctl
[root@k8s-master /data/dockerfile/app/harbor/harbor/common/config]# 
[root@k8s-master /data/dockerfile/app/harbor/harbor/common/config]# ls *
core:
app.conf  certificates  env

db:
env

jobservice:
config.yml  env

log:
logrotate.conf  rsyslog_docker.conf

nginx:
conf.d  nginx.conf

registry:
config.yml  root.crt

registryctl:
config.yml  env

docker-compose.yml 的初始配置如下:

version: '2.3'
services:
  log:
    image: goharbor/harbor-log:v1.9.1
    container_name: harbor-log
    restart: always
    dns_search: .
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - DAC_OVERRIDE
      - SETGID
      - SETUID
    volumes:
      - /var/log/harbor/:/var/log/docker/:z
      - ./common/config/log/logrotate.conf:/etc/logrotate.d/logrotate.conf:z
      - ./common/config/log/rsyslog_docker.conf:/etc/rsyslog.d/rsyslog_docker.conf:z
    ports:
      - 127.0.0.1:1514:10514
    networks:
      - harbor
  registry:
    image: goharbor/registry-photon:v2.7.1-patch-2819-2553-v1.9.1
    container_name: registry
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - type: bind
        source: /data/secret/registry/root.crt
        target: /etc/registry/root.crt
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registry"
  registryctl:
    image: goharbor/harbor-registryctl:v1.9.1
    container_name: registryctl
    env_file:
      - ./common/config/registryctl/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - type: bind
        source: ./common/config/registryctl/config.yml
        target: /etc/registryctl/config.yml
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registryctl"
  postgresql:
    image: goharbor/harbor-db:v1.9.1
    container_name: harbor-db
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - DAC_OVERRIDE
      - SETGID
      - SETUID
    volumes:
      - /data/database:/var/lib/postgresql/data:z
    networks:
      harbor:
    dns_search: .
    env_file:
      - ./common/config/db/env
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "postgresql"
  core:
    image: goharbor/harbor-core:v1.9.1
    container_name: harbor-core
    env_file:
      - ./common/config/core/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
    volumes:
      - /data/ca_download/:/etc/core/ca/:z
      - /data/psc/:/etc/core/token/:z
      - /data/:/data/:z
      - ./common/config/core/certificates/:/etc/core/certificates/:z
      - type: bind
        source: ./common/config/core/app.conf
        target: /etc/core/app.conf
      - type: bind
        source: /data/secret/core/private_key.pem
        target: /etc/core/private_key.pem
      - type: bind
        source: /data/secret/keys/secretkey
        target: /etc/core/key
    networks:
      harbor:
    dns_search: .
    depends_on:
      - log
      - registry
      - redis
      - postgresql
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "core"
  portal:
    image: goharbor/harbor-portal:v1.9.1
    container_name: harbor-portal
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "portal"

  jobservice:
    image: goharbor/harbor-jobservice:v1.9.1
    container_name: harbor-jobservice
    env_file:
      - ./common/config/jobservice/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/job_logs:/var/log/jobs:z
      - type: bind
        source: ./common/config/jobservice/config.yml
        target: /etc/jobservice/config.yml
    networks:
      - harbor
    dns_search: .
    depends_on:
      - core
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "jobservice"
  redis:
    image: goharbor/redis-photon:v1.9.1
    container_name: redis
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/redis:/var/lib/redis
    networks:
      harbor:
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "redis"
  proxy:
    image: goharbor/nginx-photon:v1.9.1
    container_name: nginx
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    dns_search: .
    ports:
      - 80:8080
    depends_on:
      - registry
      - core
      - portal
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "proxy"
networks:
  harbor:
    external: false

拜访 harbor:
http://192.168.100.151:80

邮箱设置:

正文完
 0