Docker: 企业级镜像仓库Harbor的使用
上一节,演示了Harbor的安装部署
这次我们来讲解 Harbor的使用。
我们需要了解到:
1. 如何推镜像到镜像仓库
2. 如何从镜像仓库拉取镜像
3. 如何运行从私有仓库拉取的镜像
# 查看 harbor服务状态,都是up说明 harbor服务状态正常[root@192 harbor]# docker-compose ps
如果状态不对,使用docker-compose restart重启,或者使用docker-compose up -d 启动容器,并后台运行
浏览器打开 http://192.168.1.30 用户名:admin 密码:Harbor123456(在harbor.cfg配置的默认密码,在部署harbor过程中没有修改过,所以用默认密码登录)
可以通过[新建项目]来创建项目,
访问级别:公开,代表不需要登陆账号就拉取(下载)镜像; 私有,代表必须有登陆账号和账号的项目权限正确才可以拉取(下载)镜像; 不管什么访问级别,推送(上传)镜像到harbor仓库,必须先登陆账号,并且登陆账号的项目权限正确。
新建了一个用户:testuser1,密码:Test12345567;
给用户testuser1添加library项目的权限
docker和harbor之间交互的基本使用:
1、配置http镜像仓库可信任(docker默认是通过https访问harbor的,但是私有仓库是在公司内网的话,没有必要配置https, 所以我们要在daemon.json配置harbor服务器地址被docker认为是可信任的站点;如果docker通过https访问harbor,就不需要进行如下设置)
# vi /etc/docker/daemon.json
{"insecure-registries":["192.168.1.30"]}
格式不能写错,修改该配置后,需要重启docker服务,如果写错,重启docker会有问题。
# systemctl restart docker #重启docker的话,要留意一下,通过docker启动的容器是否正常运行, harbor就启动在docker容器里的,所以需要用docker-compose ps查看harbor服务状态,如果harbor状态不全是Up状态,那么使用 docker-compose up -d 再次启动所有
2、打标签
# docker tag centos:6 192.168.1.30/library/centos:6
3、上传
# docker push 192.168.1.30/library/centos:6
4、下载
# docker pull 192.168.1.30/library/centos:6
#修改docker的配置文件daemon.json(docker通过http访问harbor的话,需要配置harbor的服务器地址为可信任;如果通过https方式访问harbor,这里不需要修改) [root@192 harbor]# vi /etc/docker/daemon.json [root@192 harbor]# cat /etc/docker/daemon.json {"registry-mirrors": ["http://f1361db2.m.daocloud.io"], "insecure-registries":["192.168.1.30"] } #重启docker [root@192 harbor]# systemctl restart docker #重启查看harbor状态,因为harbor也是运行在docker容器里的,容器服务重启,相应的容器也要检查一下状态是否正常 [root@192 harbor]# docker-compose psName Command State Ports ------------------------------------------------------------------------------------------------------- harbor-adminserver /harbor/start.sh Exit 137 harbor-db /entrypoint.sh postgres Exit 255 harbor-jobservice /harbor/start.sh Exit 137 harbor-log /bin/sh -c /usr/local/bin/ ... Up (health: starting) 127.0.0.1:1514->10514/tcp harbor-ui /harbor/start.sh Up (health: starting) nginx nginx -g daemon off; Exit 128 redis docker-entrypoint.sh redis ... Exit 128 registry /entrypoint.sh /etc/regist ... Up (health: starting) 5000/tcp #(没有的)创建和有的直接启动容器,-d参数代表在后台运行服务 [root@192 harbor]# docker-compose up -d harbor-log is up-to-date Starting harbor-db ... registry is up-to-date Starting harbor-adminserver ... Starting redis ... harbor-ui is up-to-date Starting harbor-jobservice ... Starting nginx ... #查看harbor服务状态 [root@192 harbor]# docker-compose psName Command State Ports ----------------------------------------------------------------------------------------------------------------- harbor-adminserver /harbor/start.sh Up (health: starting) harbor-db /entrypoint.sh postgres Up (health: starting) 5432/tcp harbor-jobservice /harbor/start.sh Up harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/tcp harbor-ui /harbor/start.sh Up (health: starting) nginx nginx -g daemon off; Up (health: starting) 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp redis docker-entrypoint.sh redis ... Up 6379/tcp registry /entrypoint.sh /etc/regist ... Up (healthy) 5000/tcp #列出docker镜像 [root@192 harbor]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE tomcat v1 5f8fe4ca82ba 7 hours ago 427MB php v1 d48e00d7de94 7 hours ago 514MB nginx v1 a5412fe37cac 7 hours ago 361MB nginx latest 881bd08c0b08 9 days ago 109MB mysql 5.7 ee7cbd482336 9 days ago 372MB busybox latest d8233ab899d4 3 weeks ago 1.2MB centos 7 1e1148e4cc2c 3 months ago 202MB centos latest 1e1148e4cc2c 3 months ago 202MB goharbor/chartmuseum-photon v0.7.1-v1.6.1 f0a2dbee1ff1 4 months ago 350MB goharbor/harbor-migrator v1.6.1 60e8be845b35 4 months ago 798MB goharbor/redis-photon v1.6.1 6a67380bb061 4 months ago 210MB goharbor/clair-photon v2.0.6-v1.6.1 c4fcdbae7df2 4 months ago 302MB goharbor/notary-server-photon v0.5.1-v1.6.1 f1afd44d9f9b 4 months ago 209MB goharbor/notary-signer-photon v0.5.1-v1.6.1 83aa51867207 4 months ago 207MB goharbor/registry-photon v2.6.2-v1.6.1 f4cb5e83f0a4 4 months ago 196MB goharbor/nginx-photon v1.6.1 9ca888fe33b2 4 months ago 132MB goharbor/harbor-log v1.6.1 9b1ea3f29465 4 months ago 198MB goharbor/harbor-jobservice v1.6.1 9ca6fd371ca6 4 months ago 192MB goharbor/harbor-ui v1.6.1 305ee5b8952c 4 months ago 215MB goharbor/harbor-adminserver v1.6.1 a3e95f74984e 4 months ago 181MB goharbor/harbor-db v1.6.1 3bea3bff0190 4 months ago 219MB java 8 d23bdf5b1b1b 2 years ago 643MB # 配置 php:v1这个镜像,推送到哪里去,这里推送到私有仓库地址[root@192 harbor]# docker tag php:v1 192.168.1.30/library/php:v1 # docker登陆镜像仓库,成功 [root@192 harbor]# docker login 192.168.1.30 username:testuser1 password: WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store # 下次再登陆,不需要重复输入用户名,密码 [root@192 harbor]# docker login 192.168.1.30 Authenticating with existing credentials... WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded #推送到Harbor镜像仓库 [root@192 harbor]# docker push 192.168.1.30/library/php:v1 The push refers to repository [192.168.1.30/library/php] v1: digest: sha256:dff46139f7bbcaf014ef2f1b9a564b99fdf0fd6cedbce965d01e6ad4091566bb size: 1370 # 将nginx:v1打上推送到镜像仓库的地址标签,并推送 [root@192 harbor]# docker tag nginx:v1 192.168.1.30/library/nginx:v1 [root@192 harbor]# docker push 192.168.1.30/library/nginx:v1 The push refers to repository [192.168.1.30/library/nginx] v1: digest: sha256:4b4183c9fc6af4479c0b9632f13076c4276c83ccdc32784b521225f878963c74 size: 1159 # 将tomcat:v1打上推送到镜像仓库的地址标签,并推送 [root@192 harbor]# docker tag tomcat:v1 192.168.1.30/library/tomcat:v1 [root@192 harbor]# docker push 192.168.1.30/library/tomcat:v1 The push refers to repository [192.168.1.30/library/tomcat] v1: digest: sha256:37a025411fc5250673100c51cc60a48878695c9f1f59c953a6751f21b9db18df size: 952 #从镜像仓库拉取nginx:v1 [root@192 harbor]# docker pull 192.168.1.30/library/nginx:v1 v1: Pulling from library/nginx Digest: sha256:4b4183c9fc6af4479c0b9632f13076c4276c83ccdc32784b521225f878963c74 Status: Image is up to date for 192.168.1.30/library/nginx:v1 [root@192 harbor]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.1.30/library/tomcat v1 5f8fe4ca82ba 7 hours ago 427MB tomcat v1 5f8fe4ca82ba 7 hours ago 427MB 192.168.1.30/library/php v1 d48e00d7de94 8 hours ago 514MB php v1 d48e00d7de94 8 hours ago 514MB 192.168.1.30/library/nginx v1 a5412fe37cac 8 hours ago 361MB nginx v1 a5412fe37cac 8 hours ago 361MB nginx latest 881bd08c0b08 9 days ago 109MB mysql 5.7 ee7cbd482336 9 days ago 372MB busybox latest d8233ab899d4 3 weeks ago 1.2MB centos 7 1e1148e4cc2c 3 months ago 202MB centos latest 1e1148e4cc2c 3 months ago 202MB goharbor/chartmuseum-photon v0.7.1-v1.6.1 f0a2dbee1ff1 4 months ago 350MB goharbor/harbor-migrator v1.6.1 60e8be845b35 4 months ago 798MB goharbor/redis-photon v1.6.1 6a67380bb061 4 months ago 210MB goharbor/clair-photon v2.0.6-v1.6.1 c4fcdbae7df2 4 months ago 302MB goharbor/notary-server-photon v0.5.1-v1.6.1 f1afd44d9f9b 4 months ago 209MB goharbor/notary-signer-photon v0.5.1-v1.6.1 83aa51867207 4 months ago 207MB goharbor/registry-photon v2.6.2-v1.6.1 f4cb5e83f0a4 4 months ago 196MB goharbor/nginx-photon v1.6.1 9ca888fe33b2 4 months ago 132MB goharbor/harbor-log v1.6.1 9b1ea3f29465 4 months ago 198MB goharbor/harbor-jobservice v1.6.1 9ca6fd371ca6 4 months ago 192MB goharbor/harbor-ui v1.6.1 305ee5b8952c 4 months ago 215MB goharbor/harbor-adminserver v1.6.1 a3e95f74984e 4 months ago 181MB goharbor/harbor-db v1.6.1 3bea3bff0190 4 months ago 219MB java 8 d23bdf5b1b1b 2 years ago 643MB
有个规则:给镜像打好标签后,用docker images是看不到镜像的变化的, 只有通过dockor push 把镜像推送到harbor仓库后, docker images才会看到有新增的镜像
验证结果:
下面演示如何从私有镜像仓库Harbor拉取镜像并运行 nginx, php, 假设 Docker: 快速搭建LNMP网站平台 里面创建的容器,删除掉,只保留lnmp_mysql
[root@192 nginx]# docker container rm -f lnmp_nginx lnmp_nginx [root@192 nginx]# docker container rm -f lnmp_php lnmp_php#运行没什么特别,就是把镜像名和标签换成私有仓库的就可以 [root@192 nginx]# docker run -d --name lnmp_php --net lnmp --mount src=wwwroot,dst=/wwwroot 192.168.1.30/library/php:v1 c3624fb185f93351af97bea35a604155b52b2e4eca600d5be4e4e5be93b1ee7f [root@192 nginx]# docker run -d --name lnmp_nginx --net lnmp -p 88:80 --mount type=bind,src=$(pwd)/nginx.conf,dst=/usr/local/nginx/conf/nginx.conf --mount src=wwwroot,dst=/wwwroot 192.168.1.30/library/nginx:v1 3cc9715ef1f0bb9b4039c3aa58a3508d14f3825e8b275e2a50467b7e037709b6 [root@192 nginx]# docker container ls -l CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 11 seconds ago Up 9 seconds 0.0.0.0:88->80/tcp lnmp_nginx [root@192 nginx]# docker container ls -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 22 seconds ago Up 20 seconds 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" About a minute ago Up About a minute 9000/tcp lnmp_php 9b2acdc4e0d4 192.168.1.30/library/php:v1 "--name lnmp_php" 9 minutes ago Created 9000/tcp gracious_borg 31416cb93251 192.168.1.30/library/php:v1 "-name lnmp_php" 10 minutes ago Created 9000/tcp vigorous_wiles 679f5aa83443 5f8fe4ca82ba "catalina.sh run" 15 hours ago Up 15 hours 0.0.0.0:99->8080/tcp gifted_gates ce152fffc931 goharbor/harbor-jobservice:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours harbor-jobservice d5a971fcf319 goharbor/nginx-photon:v1.6.1 "nginx -g 'daemon of…" 29 hours ago Up 28 hours (healthy) 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp nginx 197b6f639c4b goharbor/harbor-ui:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours (healthy) harbor-ui 443fd0c18620 goharbor/harbor-db:v1.6.1 "/entrypoint.sh post…" 29 hours ago Up 28 hours (healthy) 5432/tcp harbor-db 4943f885123b goharbor/harbor-adminserver:v1.6.1 "/harbor/start.sh" 29 hours ago Up 28 hours (healthy) harbor-adminserver d29f080f8615 goharbor/redis-photon:v1.6.1 "docker-entrypoint.s…" 29 hours ago Up 28 hours 6379/tcp redis 5130724e6c5b goharbor/registry-photon:v2.6.2-v1.6.1 "/entrypoint.sh /etc…" 29 hours ago Up 28 hours (healthy) 5000/tcp registry 737c956d3c64 goharbor/harbor-log:v1.6.1 "/bin/sh -c /usr/loc…" 29 hours ago Up 28 hours (healthy) 127.0.0.1:1514->10514/tcp harbor-log 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql f4f3056e14b6 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Exited (1) 34 hours ago objective_wozniak [root@192 nginx]# docker container ls -a|grep lnmp 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" 29 seconds ago Up 27 seconds 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" About a minute ago Up About a minute 9000/tcp lnmp_php 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql [root@192 nginx]# docker container ls -a|grep lnmp 3cc9715ef1f0 192.168.1.30/library/nginx:v1 "nginx -g 'daemon of…" About a minute ago Up About a minute 0.0.0.0:88->80/tcp lnmp_nginx c3624fb185f9 192.168.1.30/library/php:v1 "php-fpm" 2 minutes ago Up 2 minutes 9000/tcp lnmp_php 845547a65a14 mysql:5.7 "docker-entrypoint.s…" 34 hours ago Up 19 hours 3306/tcp, 33060/tcp lnmp_mysql
打开浏览器看一下:
到此,测试从私有仓库harbor上拉取镜像,并运行,测试通过。 这里需要注意的是, php,nginx运行是有顺序的,需要先运行 php,在运行nginx. 因为nginx.cnf配置文件里,配置了转发到lnmp_php,找不到这个服务器, nginx服务就会退出 。
作者: 梅梅~
出处: https://www.cnblogs.com/keeptesting
关于作者:专注软件测试,测试运维相关工作,请多多赐教!
本文版权归作者和博客园共有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出, 原文链接 欢迎沟通交流加微信联系。 微信:yangguangkg20140901 暗号:博客园.
转载于:https://www.cnblogs.com/keeptesting/p/10553281.html
Docker: 企业级镜像仓库Harbor的使用相关推荐
- 【云原生】第十二篇--docker容器镜像仓库Harbor部署
docker容器镜像仓库Harbor部署 一.容器镜像加速器 1.1 获取阿里云容器镜像加速地址 1.2 配置docker daemon使用加速器 二.容器镜像仓库 2.1 docker hub 2. ...
- docker进阶-搭建私有企业级镜像仓库Harbor
为什么要搭建私有镜像仓库 对于一个刚刚接触Docker的人来说,官方的Docker hub是用于管理公共镜像.既然官方提供了镜像仓库我们为什么还要去自己搭建私有仓库呢?虽然也可以托管私有镜像.我们 ...
- 企业级Docker容器镜像仓库Harbor的搭建
Harbor简述 Habor是由VMWare公司开源的容器镜像仓库.事实上,Habor是在Docker Registry上进行了相应的企业级扩展,从而获得了更加广泛的应用,这些新的企业级特性包括:管理 ...
- centos7部署企业镜像仓库 Harbor
Harbor 仓库介绍 Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署私有环境内的Registry也是非常必要的. ...
- Docker镜像仓库Harbor之搭建及配置
Docker镜像仓库Harbor之搭建及配置 1.Harbor 介绍 Docker容器应用的开发和运行离不开可靠的镜像管理,虽然Docker官方也提供了公共的镜像仓库,但是从安全和效率等方面考虑,部署 ...
- 离线手动部署docker镜像仓库——harbor仓库(二)
前言: 在<离线手动部署docker镜像仓库--harbor仓库(一)>中,记录了离线部署harbor仓库的简单过程,这里主要记录修改默认访问端口80端口为1180端口的部署方式和注意点. ...
- Docker 镜像仓库 Harbor 部署 及 跨数据复制
Docker 镜像仓库 Harbor 部署 及 跨数据复制 注: 由于 Harbor 是基于 Docker Registry V2 版本,所以Docker version 17.05.0-ce, bu ...
- 华为云ECS-CentOS8.2部署(Harbor)Docker私有镜像仓库
华为云ECS-CentOS8.2部署(Harbor)Docker私有镜像仓库 1.背景 2.环境说明 3.在CentOs中安装所需要的软件包 4.部署Harbor 4.1.安装docker-compo ...
- 部署企业私有镜像仓库Harbor
私有镜像仓库有许多优点 1)节省网络带宽,针对于每个镜像不用每个人都去中央仓库上面去下载,只需要从私有仓库中下载即可; 2)提供镜像资源利用,针对于公司内部使用的镜像, ...
最新文章
- Python对象类型——字符串、列表、元组
- php docker开发环境,使用Docker的PHP开发环境
- ckeditor5加字数_CKEditor5基本使用
- jQuery【学习心得】简介和选择器
- python作业是什么意思_Python12.21-基本数据类型学习笔记和作业,python1221,及
- MongoDB学习笔记(一)--基础
- 挖掘频繁模式、关联和Apriori算法
- java8流_Java8Stream流详解
- 阶段3 2.Spring_04.Spring的常用注解_5 自动按照类型注入
- 【应用推荐】优效文件助手 everything的完美替代方案,更美观,更高效,更强大。
- visio常用快捷键_visio2003常用快捷键有哪些
- 解决putty自动断开问题
- java 处理txt_java 读写 txt 文件
- 服务器共享文档只读不可复制,局域网共享文件只读不存、共享文件只读不能复制设置法...
- worksheet怎么读_worksheet是什么意思_worksheet怎么读_worksheet翻译_用法_发音_词组_同反义词_工作表_学习单-新东方在线英语词典...
- 高中计算机课听课记录表,信息技术课听课记录
- 使用Typora添加数学公式
- python3.7爬虫
- 推荐12个优质技术公众号!
- 网易云课堂web安全学习第七天——了解url跳转漏洞