Harbor 是一个企业级的 Docker 公有仓库我的项目,它自身由多个 Docker Containers 组成,通过 docker-compose 治理 containers 之间的依赖关系。
1. 装置
装置参见官网文档:Harbor - Installation and Configuration Guide
批改 harbor.yml 时,须要留神的有:
(1)应用 https 时,要本人生成证书,而后在 harbor.yml 里配置好证书的门路。
- 客户端也须要装置你生成的这个证书,否则会报错。(所以证书要做好备份)
- 详见 Docker - Use self-signed certificates
(2)data_volume 能够指定为 /data/harbor,而后要定期备份这个文件夹。(或者间接在新机器上装个 harbor,用 harbor 自带的仓库复制性能做定期备份。)
(3)企业的话,可能还须要配置 ldap 集成验证。
而后 sudo ./install.sh 装置 harbor(貌似必须用 sudo,因为生成进去的配置文件的 owner 都是 root,而且权限设得很严格。)
装置实现后会主动启动 harbor.
2. 设置主动启动
查看 harbor 目录下的 docker-compose.yml 会发现,所有的 containers 都配置了restart: always
version: '2.3'services: log: image: goharbor/harbor-log:v1.8.1 container_name: harbor-log restart: always dns_search: . # ...... registry: image: goharbor/registry-photon:v2.7.1-patch-2819-v1.8.1 container_name: registry restart: always # ......这示意所有的容器在意外敞开后都会主动重启,比方 docker 重启或服务器重启。当然,手动 stop 不会主动重启。
然而我在手动运行 docker-compose up -d,而后重启服务器后,发现有几个 container 并没有主动重启:
[ryan@ryan-pc ~]$ docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMESf30d802002a4 goharbor/nginx-photon:v1.8.1 "nginx -g 'daemon of…" 13 hours ago Exited (128) 27 minutes ago 0.0.0.0:80->80/tcp nginx21472ce8a993 goharbor/harbor-portal:v1.8.1 "nginx -g 'daemon of…" 13 hours ago Exited (128) 27 minutes ago 80/tcp harbor-portal5d866bb17c58 goharbor/harbor-jobservice:v1.8.1 "/harbor/start.sh" 13 hours ago Exited (137) 26 minutes ago harbor-jobservice0cf0f93b5a87 goharbor/harbor-core:v1.8.1 "/harbor/start.sh" 13 hours ago Up 11 seconds (health: starting) harbor-corecba280d9b945 goharbor/redis-photon:v1.8.1 "docker-entrypoint.s…" 13 hours ago Exited (137) 26 minutes ago 6379/tcp redis473e46d1f746 goharbor/harbor-registryctl:v1.8.1 "/harbor/start.sh" 13 hours ago Up 11 seconds (health: starting) registryctl51f105f1691d goharbor/registry-photon:v2.7.1-patch-2819-v1.8.1 "/entrypoint.sh /etc…" 13 hours ago Exited (137) 26 minutes ago 5000/tcp registryc41594ec7779 goharbor/harbor-db:v1.8.1 "/entrypoint.sh post…" 13 hours ago Up 11 seconds (health: starting) 5432/tcp harbor-db713bd4961772 goharbor/harbor-log:v1.8.1 "/bin/sh -c /usr/loc…" 13 hours ago Up 11 seconds (health: starting) 127.0.0.1:1514->10514/tcp harbor-log能够看到下列五个容器都处于 Exited 状态:
goharbor/nginx-photon:v1.8.1
goharbor/harbor-portal:v1.8.1
goharbor/harbor-jobservice:v1.8.1
goharbor/redis-photon:v1.8.1
goharbor/registry-photon:v2.7.1-patch-2819-v1.8.1
搜寻发现有人提过这个 issue: https://github.com/goharbor/h...
于是尝试将 harbor 配成 systemd 的 service,增加配置文件 /usr/lib/systemd/system/harbor.service,内容如下:
[Unit]Description=HarborAfter=docker.service systemd-networkd.service systemd-resolved.serviceRequires=docker.serviceDocumentation=http://github.com/vmware/harbor[Service]Type=simpleRestart=on-failureRestartSec=5ExecStart=/usr/local/bin/docker-compose -f {{ harbor_install_path }}/harbor/docker-compose.yml upExecStop=/usr/local/bin/docker-compose -f {{ harbor_install_path }}/harbor/docker-compose.yml down[Install]WantedBy=multi-user.target其中 {{ harbor_install_path }} 换成本人的 harbor 装置门路。
还有 docker-compose 的绝对路径,请通过 which docker-compose 查看。
而后启动该项服务并设置开机主动启动:
sudo systemctl start harborsudo systemctl enable harbor当初查看下 harbor.service 的状况:
● harbor.service - Harbor Loaded: loaded (/usr/lib/systemd/system/harbor.service; enabled; vendor preset: disabled) Active: active (running) since Sun 2019-07-07 12:54:27 CST; 2min 4s ago Docs: http://github.com/vmware/harbor Main PID: 9734 (docker-compose) Tasks: 11 (limit: 4915) Memory: 35.7M CGroup: /system.slice/harbor.service └─9734 /usr/bin/python /usr/bin/docker-compose -f /home/ryan/harbor/docker-compose.yml up7月 07 12:54:30 ryan-pc docker-compose[9734]: [128B blob data]7月 07 12:54:31 ryan-pc docker-compose[9734]: [167B blob data]7月 07 12:54:31 ryan-pc docker-compose[9734]: registryctl | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: registry | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: harbor-db | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: redis | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: harbor-core | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: harbor-jobservice | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: harbor-portal | WARNING: no logs are available with the 'syslog' log driver7月 07 12:54:31 ryan-pc docker-compose[9734]: nginx | WARNING: no logs are available with the 'syslog' log driver重启再看,发现 harbor 容器组终于全副 up 了:
[ryan@ryan-pc ~]$ docker ps -aCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES90943210e354 goharbor/nginx-photon:v1.8.1 "nginx -g 'daemon of…" 37 seconds ago Up 35 seconds (healthy) 0.0.0.0:80->80/tcp nginxbc70706d7b5f goharbor/harbor-portal:v1.8.1 "nginx -g 'daemon of…" 38 seconds ago Up 36 seconds (healthy) 80/tcp harbor-portal54e132bd1a10 goharbor/harbor-jobservice:v1.8.1 "/harbor/start.sh" 38 seconds ago Up 36 seconds harbor-jobservice28ada4a941ee goharbor/harbor-core:v1.8.1 "/harbor/start.sh" 39 seconds ago Up 37 seconds (healthy) harbor-corede44686f7e72 goharbor/registry-photon:v2.7.1-patch-2819-v1.8.1 "/entrypoint.sh /etc…" 39 seconds ago Up 38 seconds (healthy) 5000/tcp registrye5efdae34c13 goharbor/harbor-db:v1.8.1 "/entrypoint.sh post…" 39 seconds ago Up 38 seconds (healthy) 5432/tcp harbor-dba5fe52e1f184 goharbor/harbor-registryctl:v1.8.1 "/harbor/start.sh" 39 seconds ago Up 38 seconds (healthy) registryctl4a74b5f3499a goharbor/redis-photon:v1.8.1 "docker-entrypoint.s…" 39 seconds ago Up 38 seconds 6379/tcp redis677fd84d0a70 goharbor/harbor-log:v1.8.1 "/bin/sh -c /usr/loc…" 40 seconds ago Up 39 seconds (healthy) 127.0.0.1:1514->10514/tcp harbor-log本文参考:
- Harbor containers fail to start on docker startup
- 通过 systemctl 设置自定义 Service