用Harbor实现容器镜像仓库的管理和运维<二>

发表于 | 分类于 |
| 字数统计: 1,068 | 阅读时长 ≈ 6

修改Harbor的默认端口

一般情况下,harbor默认使用的端口为80端口,不管用命令行登陆还是网页登陆(HTTP模式)都是连到80端口,为了保证harbor的端口和openshift的镜像仓库端口保持一致,因此需要将80端口修改为5000端口。
对于openshift all-in-one架构,router和harbor部署在一起,而router的监听端口为80和443端口,因此为了避免端口冲突,需要将harbor的端口改为其它端口。

修改docker-compose.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
[root@harbor1 harbor]# vi docker-compose.yml 
version: '2'
services:
  log:
    image: vmware/harbor-log:v1.2.2
    container_name: harbor-log
    restart: always
    volumes:
      - /var/log/harbor/:/var/log/docker/:z
...
proxy:
    image: vmware/nginx-photon:1.11.13
    container_name: nginx
    restart: always
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    ports:
      - 10080:80   <!--修改80端口为10080端口-->
      - 443:443
      - 4443:4443
      - 5000:5000

修改/data/harbor/common/templates/registry/config.yml

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
[root@harbor1 harbor]# vi common/templates/registry/config.yml 
version: 0.1
log:
  level: debug
  fields:
    service: registry
storage:
    cache:
        layerinfo: inmemory
    filesystem:
        rootdirectory: /storage
    maintenance:
        uploadpurging:
            enabled: false
    delete:
        enabled: true
http:
    addr: :5000
    secret: placeholder
    debug:
        addr: localhost:5001
auth:
  token:
    issuer: harbor-token-issuer
    realm: $ui_url:10080/service/token     <!--在ui_url后面接上端口-->
    rootcertbundle: /etc/registry/root.crt
    service: harbor-registry

停止harbor服务

1
2
3
[root@harbor1 harbor]# docker-compose stop
Stopping registry   ... done
Stopping harbor-log ... done

重新生成harbor配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
[root@harbor1 harbor]# ./install.sh
[Step 0]: checking installation environment ...
Note: docker version: 1.12.6
Note: docker-compose version: 1.17.0
[Step 1]: loading Harbor images ...
Loaded image: vmware/harbor-ui:v1.2.2
Loaded image: vmware/notary-photon:server-0.5.0
Loaded image: vmware/nginx-photon:1.11.13
Loaded image: vmware/registry:2.6.2-photon
Loaded image: photon:1.0
Loaded image: vmware/notary-photon:signer-0.5.0
Loaded image: vmware/harbor-adminserver:v1.2.2
Loaded image: vmware/harbor-log:v1.2.2
Loaded image: vmware/harbor-db:v1.2.2
Loaded image: vmware/harbor-jobservice:v1.2.2
Loaded image: vmware/harbor-notary-db:mariadb-10.1.10
Loaded image: vmware/clair:v2.0.1-photon
Loaded image: vmware/postgresql:9.6.4-photon
[Step 2]: preparing environment ...
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/ui/env
Clearing the configuration file: ./common/config/ui/app.conf
Clearing the configuration file: ./common/config/ui/private_key.pem
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/app.conf
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/nginx.conf
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/app.conf
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.
[Step 3]: checking existing instance of Harbor ...
Note: stopping existing Harbor instance ...
Removing nginx              ... done
Removing harbor-jobservice  ... done
Removing harbor-ui          ... done
Removing harbor-adminserver ... done
Removing harbor-db          ... done
Removing registry           ... done
Removing harbor-log         ... done
Removing network harbor_harbor
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... 
Creating harbor-log ... done
Creating registry ... 
Creating harbor-db ... 
Creating registry
Creating harbor-adminserver ... 
Creating harbor-db
Creating harbor-adminserver ... done
Creating harbor-ui ... 
Creating harbor-ui ... done
Creating harbor-jobservice ... 
Creating nginx ... 
Creating harbor-jobservice
Creating nginx ... done
✔ ----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://harbor1.test.com. 
For more details, please visit https://github.com/vmware/harbor .

修改/usr/lib/systemd/system/docker.service

1
2
3
4
[root@harbor1 harbor]# vi /usr/lib/systemd/system/docker.service
...
ExecStart=/usr/bin/dockerd-current \
          --insecure-registry harbor1.test.com:10080 \

重启docker服务

1
2
[root@harbor1 harbor]# systemctl daemon-reload 
[root@harbor1 harbor]# systemctl restart docker

验证

1
2
3
4
[root@harbor1 harbor]# docker login harbor1.test.com:10080
Username: admin
Password: 
Login Succeeded

验证成功!

问题
重启docker服务后,发现登陆时报

1
2
3
4
[root@harbor1 harbor]# docker login harbor1.test.com:10080
Username: admin
Password: 
Error response from daemon: Get http://harbor1.test.com:10080/v1/users/: dial tcp 192.168.10.19:10080: getsockopt: connection refused

检查docker-compose的服务时发现部分服务没有启动,然后用docker-compose重启下服务

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
[root@harbor1 harbor]# docker-compose ps
       Name                     Command                State                       Ports                  
----------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/harbor_adminserver       Up                                                  
harbor-db            docker-entrypoint.sh mysqld      Exit 128                                            
harbor-jobservice    /harbor/harbor_jobservice        Up                                                  
harbor-log           /bin/sh -c crond && rm -f  ...   Up         127.0.0.1:1514->514/tcp                  
harbor-ui            /harbor/harbor_ui                Up                                                  
nginx                nginx -g daemon off;             Up         0.0.0.0:443->443/tcp,                    
                                                                 0.0.0.0:4443->4443/tcp,                  
                                                                 0.0.0.0:5000->5000/tcp,                  
                                                                 0.0.0.0:10080->80/tcp                    
registry             /entrypoint.sh serve /etc/ ...   Exit 2 
[root@harbor1 harbor]# docker-compose stop
Stopping nginx              ... done
Stopping harbor-jobservice  ... done
Stopping harbor-ui          ... done
Stopping harbor-adminserver ... done
Stopping harbor-log         ... done
[root@harbor1 harbor]# docker-compose start
Starting log         ... done
Starting adminserver ... done
Starting registry    ... done
Starting ui          ... done
Starting mysql       ... done
Starting jobservice  ... done
Starting proxy       ... done
[root@harbor1 harbor]# docker-compose ps
       Name                     Command               State                      Ports                    
----------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/harbor_adminserver       Up                                                  
harbor-db            docker-entrypoint.sh mysqld      Up      3306/tcp                                    
harbor-jobservice    /harbor/harbor_jobservice        Up                                                  
harbor-log           /bin/sh -c crond && rm -f  ...   Up      127.0.0.1:1514->514/tcp                     
harbor-ui            /harbor/harbor_ui                Up                                                  
nginx                nginx -g daemon off;             Up      0.0.0.0:443->443/tcp,                       
                                                              0.0.0.0:4443->4443/tcp,                     
                                                              0.0.0.0:5000->5000/tcp,                     
                                                              0.0.0.0:10080->80/tcp                       
registry             /entrypoint.sh serve /etc/ ...   Up      5000/tcp

----本文结束感谢您的阅读----
0%