CentOS deploys Harbor mirror warehouse

http://creativecommons.org/licenses/by-sa/4.0/ Copyright statement: This article is the original article of the blogger and follows the CC 4.0 BY-SA copyright agreement. Please attach the original source link and this statement for reprinting.

  Link to this article: [https://blog.csdn.net/boling_cavalry/article/details/101100898](https://blog.csdn.net/boling_cavalry/article/details/101100898)

About Harbor

Harbor is a mirror warehouse service for storing and distributing Docker images. Compared with Docker Registry, Harbor has enhanced security, identification, and management, and is more suitable for enterprise use;

1. Official website: https://goharbor.io/
2. Official open source: https://github.com/goharbor/harbor

Environmental information###

The Harbor version to be deployed today is 1.9.0, and the machine information used for this deployment is as follows:

1. Operating system: CentOS Linux release 7.7.1908
2. Docker：19.03.2
3. docker-compose：1.23.2

Deploy Harbor

Harbor officially provides online and offline installation methods. Considering that the enterprise server may not be able to access the external network, it is more practical to choose offline installation;

1. Open the release page of Harbor's GitHub repository to download the offline installation package, the address is: https://github.com/goharbor/harbor/releases, as shown in the red box in the figure below, I chose the latest version 1.9.0:

1. Download the offline installation package harbor-offline-installer-v1.9.0.tgz to your computer and execute the following command to decompress:

tar -zxvf harbor-offline-installer-v1.9.0.tgz

The result of decompression is a folder named harbor, enter the folder;

1. Modify the configuration file harbor.yml, mainly to modify the following two configurations:
   a. hostname: fill in the IP address or hostname of the machine, if it has been bound to the domain name, you can also fill in the domain name;
   b. harbor_admin_password: the initial password of the administrator;
   For more configuration such as https, storage, etc., please refer to the official documentation for on-demand settings;
2. To start the installation, execute the command ./install.sh in the directory where the install.sh file is located to install Harbor. The console information for successful deployment is as follows:

Creating network "harbor_harbor"with the default driver
Creating harbor-log ... done
Creating registryctl   ... done
Creating registry      ... done
Creating harbor-db     ... done
Creating redis         ... done
Creating harbor-portal ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://192.168.50.167. 
For more details, please visit https://github.com/goharbor/harbor .

1. There should be nine containers running normally at this point:

[ root@vostro ~]# docker ps
CONTAINER ID        IMAGE                                               COMMAND                  CREATED             STATUS                 PORTS                       NAMES
dac02ab21a1f        goharbor/harbor-jobservice:v1.9.0"/harbor/harbor_jobs…"3 hours ago         Up 3hours(healthy)                               harbor-jobservice
998 fa5676a08        goharbor/nginx-photon:v1.9.0"nginx -g 'daemon of…"3 hours ago         Up 3hours(healthy)0.0.0.0:80->8080/tcp        nginx
bc87d9a5a7f7        goharbor/harbor-core:v1.9.0"/harbor/harbor_core"3 hours ago         Up 3hours(healthy)                               harbor-core
ce495560ef35        goharbor/harbor-db:v1.9.0"/docker-entrypoint.…"3 hours ago         Up 3hours(healthy)5432/tcp                    harbor-db
25 a13fddd607        goharbor/harbor-portal:v1.9.0"nginx -g 'daemon of…"3 hours ago         Up 3hours(healthy)8080/tcp                    harbor-portal
b9f72d4da022        goharbor/redis-photon:v1.9.0"redis-server /etc/r…"3 hours ago         Up 3hours(healthy)6379/tcp                    redis
3804003153 ae        goharbor/harbor-registryctl:v1.9.0"/harbor/start.sh"3 hours ago         Up 3hours(healthy)                               registryctl
d8d570e88874        goharbor/registry-photon:v2.7.1-patch-2819-v1.9.0"/entrypoint.sh /etc…"3 hours ago         Up 3hours(healthy)5000/tcp                    registry
2 d940d7fd271        goharbor/harbor-log:v1.9.0"/bin/sh -c /usr/loc…"3 hours ago         Up 3hours(healthy)127.0.0.1:1514->10514/tcp   harbor-log

1. Because Harbor's web service uses port 80 of [Host] (https://cloud.tencent.com/product/cdh?from=10680), you can directly enter the IP address of the host in the browser to access Harbor's web management page. The account is admin, and the password is the value of harbor_admin_password set earlier. (The default is Harbor12345):

1. After logging in successfully, I found it empty, too, there is nothing at present:

Allow http connection###

Next, we need to verify whether the Harbor service is available. The verification method is to remotely push the image from another Linux computer (hereinafter referred to as computer A) to the Harbor machine;
Harbor does not allow http connections by default. Here you can modify the settings to support http connections for subsequent verification operations;

1. If you want to connect to the Harbor server from computer A, you must set up computer A, where computer A is the Linux operating system;
2. Edit the /etc/docker/daemon.json file of computer A (create a new one if it does not exist), add the following content, 192.168.50.167 is the IP address of the Harbor server:

{" insecure-registries":["192.168.50.167"]}

1. Restart to make the configuration take effect:

systemctl daemon-reload  && systemctl restart docker

Remind again: The modification here is the configuration of the machine connecting to the Harbor service remotely, not the configuration of the Harbor server;

Push the mirror to Harbor

Next, verify the service of Harbor and try to push the image of this machine to Harbor on computer A;

1. Log in to computer A and choose a local mirror for testing. I have a local mirror named jenkinsci/blueocean:1.19.0 with an ID of 11e2757c8bc1:

root@hedy:~# docker images
REPOSITORY                          TAG                 IMAGE ID            CREATED             SIZE
jenkinsci/blueocean                 1.19.0              11e2757c8bc1        7 days ago          553MB

1. Execute the following command to modify the name and TAG of the selected local mirror:

docker tag 11e2757c8bc1 192.168.50.167/library/jenkinsci/blueocean:1.19.0

In the above command, 192.168.50.167 is the hostname value configured in the harbor.yml file when the harbor is installed, and library is the default project name of the harbor;
3. Execute the following command to log in to Harbor from computer A:

docker login 192.168.50.167-u admin -p Harbor12345

1. Execute the command docker push 192.168.50.167/library/jenkinsci/blueocean:1.19.0

root@hedy:~# docker push 192.168.50.167/library/jenkinsci/blueocean:1.19.0
The push refers to repository [192.168.50.167/library/jenkinsci/blueocean]
2963284 ab4ce: Pushing [================================================>]58.27MB/60.25MB
c4a4de444fad: Pushing [========>]47.87MB/267.6MB
850 b4f512dc8: Pushed 
abdaf43f94b6: Pushed 
a6a27b82134d: Pushed 
d6bee87a74b8: Pushed 
28 c6bdb5fda9: Pushed 
bb25d1c7cc8a: Pushed 
e2419390abaa: Pushing [========================>]37.29MB/77.36MB
d6982687f77e: Pushed 
c9659702491d: Pushed 
ed4e100c24a1: Pushing [==========================================>]36.71MB/43.37MB
ceaf9e1ebef5: Pushing [======>]12.58MB/99.29MB
9 b9b7f3d56a0: Waiting 
f1b5933fe4b5: Waiting

1. After uploading, log in to Harbor webpage, you can see the newly uploaded image:

At this point, the actual combat is over. I hope this article can give you some reference when you build the Harbor service.