环境

server：linux redhat7.6
网络适配器：nat（个人习惯）
IP地址：192.168.1.229

安装docker容器

这里我使用的是阿里云镜像中的docker-ce，具体安装方法
完成后在目录/etc/yum.repo.d下下载文件

[root@localhost yum.repos.d]# wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

安装docker-ce

[root@localhost yum.repos.d]# yum install docker-ce
已加载插件：langpacks, product-id, search-disabled-repos
正在解决依赖关系
--> 正在检查事务
---> 软件包 docker-ce.x86_64.3.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 container-selinux >= 2:2.74，它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 containerd.io >= 1.4.1，它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 docker-ce-cli，它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 docker-ce-rootless-extras，它被软件包 3:docker-ce-20.10.12-3.el7.x86_64 需要
--> 正在检查事务
---> 软件包 container-selinux.noarch.2.2.119.2-1.911c772.el7_8 将被 安装
---> 软件包 containerd.io.x86_64.0.1.4.12-3.1.el7 将被 安装
---> 软件包 docker-ce-cli.x86_64.1.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 docker-scan-plugin(x86-64)，它被软件包 1:docker-ce-cli-20.10.12-3.el7.x86_64 需要
---> 软件包 docker-ce-rootless-extras.x86_64.0.20.10.12-3.el7 将被 安装
--> 正在处理依赖关系 fuse-overlayfs >= 0.7，它被软件包 docker-ce-rootless-extras-20.10.12-3.el7.x86_64 需要
--> 正在处理依赖关系 slirp4netns >= 0.4，它被软件包 docker-ce-rootless-extras-20.10.12-3.el7.x86_64 需要
--> 正在检查事务
---> 软件包 docker-scan-plugin.x86_64.0.0.12.0-3.el7 将被 安装
---> 软件包 fuse-overlayfs.x86_64.0.0.7.2-6.el7_8 将被 安装
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.2)(64bit)，它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
--> 正在处理依赖关系 libfuse3.so.3(FUSE_3.0)(64bit)，它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
--> 正在处理依赖关系 libfuse3.so.3()(64bit)，它被软件包 fuse-overlayfs-0.7.2-6.el7_8.x86_64 需要
---> 软件包 slirp4netns.x86_64.0.0.4.3-4.el7_8 将被 安装
--> 正在检查事务
---> 软件包 fuse3-libs.x86_64.0.3.6.1-4.el7 将被 安装
--> 解决依赖关系完成

依赖关系解决

=======================================================================================================
 Package                        架构        版本                           源                     大小
=======================================================================================================
正在安装:
 docker-ce                      x86_64      3:20.10.12-3.el7               docker-ce-stable       23 M
为依赖而安装:
 container-selinux              noarch      2:2.119.2-1.911c772.el7_8      extras                 40 k
 containerd.io                  x86_64      1.4.12-3.1.el7                 docker-ce-stable       28 M
 docker-ce-cli                  x86_64      1:20.10.12-3.el7               docker-ce-stable       30 M
 docker-ce-rootless-extras      x86_64      20.10.12-3.el7                 docker-ce-stable      8.0 M
 docker-scan-plugin             x86_64      0.12.0-3.el7                   docker-ce-stable      3.7 M
 fuse-overlayfs                 x86_64      0.7.2-6.el7_8                  extras                 54 k
 fuse3-libs                     x86_64      3.6.1-4.el7                    extras                 82 k
 slirp4netns                    x86_64      0.4.3-4.el7_8                  extras                 81 k

事务概要
=======================================================================================================
安装  1 软件包 (+8 依赖软件包)

总下载量：93 M
安装大小：381 M
Is this ok [y/d/N]: y
Downloading packages:
(1/9): container-selinux-2.119.2-1.911c772.el7_8.noarch.rpm                     |  40 kB  00:00:01     
warning: /var/cache/yum/x86_64/7Server/docker-ce-stable/packages/docker-ce-20.10.12-3.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
docker-ce-20.10.12-3.el7.x86_64.rpm 的公钥尚未安装
(2/9): docker-ce-20.10.12-3.el7.x86_64.rpm                                      |  23 MB  00:00:09     
(3/9): containerd.io-1.4.12-3.1.el7.x86_64.rpm                                  |  28 MB  00:00:11     
(4/9): docker-ce-rootless-extras-20.10.12-3.el7.x86_64.rpm                      | 8.0 MB  00:00:02     
(5/9): docker-scan-plugin-0.12.0-3.el7.x86_64.rpm                               | 3.7 MB  00:00:01     
(6/9): fuse-overlayfs-0.7.2-6.el7_8.x86_64.rpm                                  |  54 kB  00:00:01     
(7/9): fuse3-libs-3.6.1-4.el7.x86_64.rpm                                        |  82 kB  00:00:01     
(8/9): slirp4netns-0.4.3-4.el7_8.x86_64.rpm                                     |  81 kB  00:00:00     
(9/9): docker-ce-cli-20.10.12-3.el7.x86_64.rpm                                  |  30 MB  00:00:08     
-------------------------------------------------------------------------------------------------------
总计                                                                   5.3 MB/s |  93 MB  00:00:17     
从 https://mirrors.aliyun.com/docker-ce/linux/centos/gpg 检索密钥
导入 GPG key 0x621E9F35:
 用户ID     : "Docker Release (CE rpm) "
 指纹       : 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
 来自       : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
是否继续？[y/N]：y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  正在安装    : docker-scan-plugin-0.12.0-3.el7.x86_64                                             1/9 
  正在安装    : 1:docker-ce-cli-20.10.12-3.el7.x86_64                                              2/9 
  正在安装    : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch                                 3/9 
  正在安装    : containerd.io-1.4.12-3.1.el7.x86_64                                                4/9 
  正在安装    : slirp4netns-0.4.3-4.el7_8.x86_64                                                   5/9 
  正在安装    : fuse3-libs-3.6.1-4.el7.x86_64                                                      6/9 
  正在安装    : fuse-overlayfs-0.7.2-6.el7_8.x86_64                                                7/9 
  正在安装    : 3:docker-ce-20.10.12-3.el7.x86_64                                                  8/9 
  正在安装    : docker-ce-rootless-extras-20.10.12-3.el7.x86_64                                    9/9 
  验证中      : fuse3-libs-3.6.1-4.el7.x86_64                                                      1/9 
  验证中      : 1:docker-ce-cli-20.10.12-3.el7.x86_64                                              2/9 
  验证中      : fuse-overlayfs-0.7.2-6.el7_8.x86_64                                                3/9 
  验证中      : docker-scan-plugin-0.12.0-3.el7.x86_64                                             4/9 
  验证中      : slirp4netns-0.4.3-4.el7_8.x86_64                                                   5/9 
  验证中      : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch                                 6/9 
  验证中      : docker-ce-rootless-extras-20.10.12-3.el7.x86_64                                    7/9 
  验证中      : containerd.io-1.4.12-3.1.el7.x86_64                                                8/9 
  验证中      : 3:docker-ce-20.10.12-3.el7.x86_64                                                  9/9 

已安装:
  docker-ce.x86_64 3:20.10.12-3.el7                                                                    

作为依赖被安装:
  container-selinux.noarch 2:2.119.2-1.911c772.el7_8 containerd.io.x86_64 0:1.4.12-3.1.el7            
  docker-ce-cli.x86_64 1:20.10.12-3.el7              docker-ce-rootless-extras.x86_64 0:20.10.12-3.el7
  docker-scan-plugin.x86_64 0:0.12.0-3.el7           fuse-overlayfs.x86_64 0:0.7.2-6.el7_8            
  fuse3-libs.x86_64 0:3.6.1-4.el7                    slirp4netns.x86_64 0:0.4.3-4.el7_8               

完毕！

查看拥有的仓库

[root@localhost yum.repos.d]# yum repolist
已加载插件：langpacks, product-id, search-disabled-repos
源标识                                     源名称                                                  状态
docker-ce-stable/7Server/x86_64            Docker CE Stable - x86_64                               139
extras/x86_64                              CentOS-7Server - Extras - mirrors.aliyun.com            500
repolist: 639

启动并启用docker服务

[root@localhost yum.repos.d]# cd /
[root@localhost /]# systemctl enable --now docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost /]# docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.7.1-docker)
  scan: Docker Scan (Docker Inc., v0.12.0)

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 20.10.12
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc version: v1.0.2-0-g52b36a2
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-957.el7.x86_64
 Operating System: Red Hat Enterprise Linux Server 7.6 (Maipo)
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 1.777GiB
 Name: localhost.localdomain
 ID: MHLI:YK4H:CZR5:OXSG:X7S2:MLR4:QG2I:IF62:B4YV:FX34:WZXX:CEBN
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

成功
查看本地镜像，发现没有东西，搜索yakexi007，看到仓库中有四个镜像，拉取game2048

[root@localhost sysctl.d]# docker images
REPOSITORY   TAG       IMAGE ID   CREATED   SIZE
[root@localhost sysctl.d]# docker search yakexi007
NAME                      DEscriptION   STARS     OFFICIAL   AUTOMATED
yakexi007/game2048                      0                    
yakexi007/mario                         0                    
yakexi007/nginx                         0                    
yakexi007/base-debian10                 0                    
[root@localhost sysctl.d]# cd /
[root@localhost /]# docker pull yakexi007/game2048
Using default tag: latest
latest: Pulling from yakexi007/game2048
534e72e7cedc: Pull complete 
f62e2f6dfeef: Pull complete 
fe7db6293242: Pull complete 
3f120f6a2bf8: Pull complete 
4ba4e6930ea5: Pull complete 
Digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390
Status: Downloaded newer image for yakexi007/game2048:latest
docker.io/yakexi007/game2048:latest
[root@localhost /]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED       SIZE
yakexi007/game2048   latest    19299002fdbe   5 years ago   55.5MB

看到已经成功拉取game2048的镜像
给容器取名为demo，做一个端口映射，加入镜像

[root@localhost /]# docker run -d --name demo -p 80:80 yakexi007/game2048
f0b59eb0e33f6a2775d99ec0c8c4ef7786e7e4a9d718c95593cedf365cdb9477
[root@localhost /]# docker ps
CONTAINER ID   IMAGE                COMMAND                  CREATED         STATUS         PORTS                                        NAMES
f0b59eb0e33f   yakexi007/game2048   "/bin/sh -c 'sed -i …"   9 seconds ago   Up 6 seconds   0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp   demo

看到容器已经成功运行
连接查看

成功
删除，尝试拉取其他的镜像并做映射

[root@localhost /]# docker rm -f demo
demo
[root@localhost /]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost /]# docker search yakexi007
NAME                      DEscriptION   STARS     OFFICIAL   AUTOMATED
yakexi007/game2048                      0                    
yakexi007/mario                         0                    
yakexi007/nginx                         0                    
yakexi007/base-debian10                 0                    
[root@localhost /]# docker pull yakexi007/mario
Using default tag: latest
latest: Pulling from yakexi007/mario
bbe1c4256df3: Pull complete 
911d09728ffd: Pull complete 
615765bc0d9f: Pull complete 
a3ed95caeb02: Pull complete 
d3be476df650: Pull complete 
11b25b5b7583: Pull complete 
Digest: sha256:7758988210dfc2c26d17376171ed8c8e0cb68cb44d9cda06f3382b06304788d9
Status: Downloaded newer image for yakexi007/mario:latest
docker.io/yakexi007/mario:latest
[root@localhost /]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@localhost /]# docker run -d --name demo -p 80:80 yakexi007/mario
7f29cb6e0733b38569b64690d781fef9778362946a542f856e9008fe29fc6471
[root@localhost /]# docker ps
CONTAINER ID   IMAGE             COMMAND                  CREATED         STATUS        PORTS                                         NAMES
7f29cb6e0733   yakexi007/mario   "python3 -m http.ser…"   5 seconds ago   Up 1 second   0.0.0.0:80->80/tcp, :::80->80/tcp, 8080/tcp   demo

刷新一下

也成功了
尝试拉取Nginx

[root@localhost docker]# docker search nginx NAME DEscriptION STARS OFFICIAL AUTOMATED nginx Official build of Nginx. 16018 [OK] jwilder/nginx-proxy Automated Nginx reverse proxy for docker con… 2103 [OK] richarvey/nginx-php-fpm Container running Nginx + PHP-FPM capable of… 820 [OK] jc21/nginx-proxy-manager Docker container for managing Nginx proxy ho… 297 linuxserver/nginx An Nginx container, brought to you by LinuxS… 161 tiangolo/nginx-rtmp Docker image with Nginx using the nginx-rtmp… 148 [OK] jlesage/nginx-proxy-manager Docker container for Nginx Proxy Manager 147 [OK] alfg/nginx-rtmp NGINX, nginx-rtmp-module and FFmpeg from sou… 112 [OK] jasonrivers/nginx-rtmp Docker images to host RTMP streams using NGI… 96 [OK] nginxdemos/hello NGINX webserver that serves a simple page co… 80 [OK] privatebin/nginx-fpm-alpine PrivateBin running on an Nginx, php-fpm & Al… 61 [OK] nginx/nginx-ingress NGINX and NGINX Plus Ingress Controllers fo… 59 nginxinc/nginx-unprivileged Unprivileged NGINX Dockerfiles 56 nginxproxy/nginx-proxy Automated Nginx reverse proxy for docker con… 31 staticfloat/nginx-certbot Opinionated setup for automatic TLS certs lo… 25 [OK] nginx/nginx-prometheus-exporter NGINX Prometheus Exporter for NGINX and NGIN… 22 schmunk42/nginx-redirect A very simple container to redirect HTTP tra… 19 [OK] centos/nginx-112-centos7 Platform for running nginx 1.12 or building … 16 centos/nginx-18-centos7 Platform for running nginx 1.8 or building n… 13 bitwarden/nginx The Bitwarden nginx web server acting as a r… 12 flashspys/nginx-static Super Lightweight Nginx Image 11 [OK] mailu/nginx Mailu nginx frontend 10 [OK] sophos/nginx-vts-exporter Simple server that scrapes Nginx vts stats a… 7 [OK] ansibleplaybookbundle/nginx-apb An APB to deploy NGINX 3 [OK] wodby/nginx Generic nginx 1 [root@localhost docker]# docker pull nginx Using default tag: latest latest: Pulling from library/nginx a2abf6c4d29d: Pull complete f3409a9a9e73: Pull complete 9919a6cbae9c: Pull complete fc1ce43285d7: Pull complete 1f01ab499216: Pull complete 13cfaf79ff6d: Pull complete Digest: sha256:366e9f1ddebdb844044c2fafd13b75271a9f620819370f8971220c2b330a9254 Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest [root@localhost docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b2a7a078aa8f yakexi007/mario "python3 -m http.ser…" 10 minutes ago Up 9 minutes 0.0.0.0:80->8080/tcp, :::80->8080/tcp demo [root@localhost docker]# docker rm -f demo demo [root@localhost docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES [root@localhost docker]# docker run -d --name demo -p 80:80 nginx d6cbc86f7b7964ede2d758a0ceb27618931b33b4365132ba8126379db2d88559 [root@localhost docker]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d6cbc86f7b79 nginx "/docker-entrypoint.…" 12 seconds ago Up 9 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp demo [root@localhost docker]# curl localhost Welcome to nginx!

Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

[root@localhost docker]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest f6987c8d6ed5 4 days ago 141MB yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB [root@localhost docker]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d6cbc86f7b79 nginx "/docker-entrypoint.…" 34 minutes ago Up 34 minutes 0.0.0.0:80->80/tcp, :::80->80/tcp demo [root@localhost docker]# docker rm -f demo demo [root@localhost docker]# docker ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

拉取busybox

[root@localhost docker]# docker pull busybox
Using default tag: latest
latest: Pulling from library/busybox
3cb635b06aa2: Pull complete 
Digest: sha256:b5cfd4befc119a590ca1a81d6bb0fa1fb19f1fbebd0397f25fae164abe1e8a6a
Status: Downloaded newer image for busybox:latest
docker.io/library/busybox:latest

使用busybox

[root@localhost docker]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED       SIZE
nginx                latest    f6987c8d6ed5   4 days ago    141MB
busybox              latest    ffe9d497c324   2 weeks ago   1.24MB
yakexi007/game2048   latest    19299002fdbe   5 years ago   55.5MB
yakexi007/mario      latest    9a35a9e43e8c   6 years ago   198MB
[root@localhost docker]# docker run -it --name demo busybox
/ # ls
bin   dev   etc   home  proc  root  sys   tmp   usr   var
/ # cd /etc/
/etc # touch file1
/etc # touch file2
/etc # touch file3
/etc # touch file4
/etc # ls
file1        file3        group        hosts        mtab         passwd       shadow
file2        file4        hostname     localtime    network      resolv.conf
新建文件成功
退出
/etc # exit
查看
[root@localhost docker]# docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED              STATUS                        PORTS     NAMES
fec55f2c45e8   busybox   "sh"      about a minute ago   Exited (127) 15 seconds ago             demo
[root@localhost docker]# docker start demo
demo
[root@localhost docker]# docker ps 
CONTAINER ID   IMAGE     COMMAND   CREATED         STATUS         PORTS     NAMES
fec55f2c45e8   busybox   "sh"      2 minutes ago   Up 2 seconds             demo
[root@localhost docker]# docker attach demo
/ # ls
bin   dev   etc   home  proc  root  sys   tmp   usr   var
修改内容后退出，修改无效
/ # read escape sequence
[root@localhost docker]# docker ps 
CONTAINER ID   IMAGE     COMMAND   CREATED         STATUS              PORTS     NAMES
fec55f2c45e8   busybox   "sh"      3 minutes ago   Up about a minute             demo

如果想修改有效，可以提交容器到tagv1

[root@localhost docker]# docker commit demo demo:v1
sha256:db428082afdeb0bc8e69d589b4cebb901dcf73ebe07fa55ee7ed6118dda83717
[root@localhost docker]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED         SIZE
demo                 v1        db428082afde   9 seconds ago   1.24MB
nginx                latest    f6987c8d6ed5   4 days ago      141MB
busybox              latest    ffe9d497c324   2 weeks ago     1.24MB
yakexi007/game2048   latest    19299002fdbe   5 years ago     55.5MB
yakexi007/mario      latest    9a35a9e43e8c   6 years ago     198MB
[root@localhost docker]# docker history demo:v1
IMAGE          CREATED          CREATED BY                                      SIZE      COMMENT
db428082afde   34 seconds ago   sh                                              91B       
ffe9d497c324   2 weeks ago      /bin/sh -c #(nop)  CMD ["sh"]                   0B        
      2 weeks ago      /bin/sh -c #(nop) ADD file:e2d2d9591696b1478…   1.24MB    
[root@localhost docker]# docker history busybox:latest
IMAGE          CREATED       CREATED BY                                      SIZE      COMMENT
ffe9d497c324   2 weeks ago   /bin/sh -c #(nop)  CMD ["sh"]                   0B        
      2 weeks ago   /bin/sh -c #(nop) ADD file:e2d2d9591696b1478…   1.24MB    
[root@localhost docker]# docker rmi demo:v1
Untagged: demo:v1
Deleted: sha256:db428082afdeb0bc8e69d589b4cebb901dcf73ebe07fa55ee7ed6118dda83717
Deleted: sha256:346c4e52d157376dc257d40f347cf01543b2c543b3e133fed355ab2934c3ffdd
[root@localhost docker]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED       SIZE
nginx                latest    f6987c8d6ed5   4 days ago    141MB
busybox              latest    ffe9d497c324   2 weeks ago   1.24MB
yakexi007/game2048   latest    19299002fdbe   5 years ago   55.5MB
yakexi007/mario      latest    9a35a9e43e8c   6 years ago   198MB
[root@localhost docker]# docker ps -a
CONTAINER ID   IMAGE     COMMAND   CREATED         STATUS                     PORTS     NAMES
320be8aac198   busybox   "sh"      5 minutes ago   Exited (0) 3 minutes ago             demo
[root@localhost docker]# docker rm -f demo
demo
[root@localhost docker]# docker ps
CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

创建harbor仓库

在github中下载harbor
个人建议首选离线，在线会比较慢
harbor-offline-installer-v2.4.1.tgz
下载后进行解压

[root@localhost ~]# tar zxf harbor-offline-installer-v2.4.1.tgz
[root@localhost ~]# ls
anaconda-ks.cfg                      initial-setup-ks.cfg     openssl11              公共  图片  音乐
harbor                               keepalived-1.2.5         openssl-1.1.1m         模板  文档  桌面
harbor-offline-installer-v2.4.1.tgz  keepalived-1.2.5.tar.gz  openssl-1.1.1m.tar.gz  视频  下载
[root@localhost ~]# cd harbor/
[root@localhost harbor]# ls
common.sh  harbor.v2.4.1.tar.gz  harbor.yml.tmpl  install.sh  LICENSE  prepare
[root@localhost harbor]# mv harbor.yml.tmpl harbor.yml
[root@localhost harbor]# ls
common.sh  harbor.v2.4.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare
[root@localhost harbor]# vim harbor.yml
[root@localhost harbor]# cat harbor.yml 
# Configuration file of Harbor

# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: reg.smy.org                         *修改域名

# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80

# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /           *修改证书位置
  private_key: /           *修改密钥位置

# # Uncomment following will enable tls communication between all harbor components
# internal_tls:
#   # set enabled to true means internal tls is enabled
#   enabled: true
#   # put your cert and key files on dir
#   dir: /etc/harbor/tls/internal

# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433

# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
harbor_admin_password: smy                      *修改harbor登录密码

# Harbor DB configuration
database:
  # The password for the root user of Harbor DB. Change this before any production use.
  password: root123
  # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
  max_idle_conns: 100
  # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
  # Note: the default number of connections is 1024 for postgres of harbor.
  max_open_conns: 900

# The default data volume
data_volume: /data

# Harbor Storage settings by default is using /data dir on local filesystem
# Uncomment storage_service setting If you want to using external storage
# storage_service:
#   # ca_bundle is the path to the custom root ca certificate, which will be injected into the truststore
#   # of registry's and chart repository's containers.  This is usually needed when the user hosts a internal storage with self signed certificate.
#   ca_bundle:

#   # storage backend, default is filesystem, options include filesystem, azure, gcs, s3, swift and oss
#   # for more info about this configuration please refer https://docs.docker.com/registry/configuration/
#   filesystem:
#     maxthreads: 100
#   # set disable to true when you want to disable registry redirect
#   redirect:
#     disabled: false

# Trivy configuration
#
# Trivy DB contains vulnerability information from NVD, Red Hat, and many other upstream vulnerability databases.
# It is downloaded by Trivy from the GitHub release page https://github.com/aquasecurity/trivy-db/releases and cached
# in the local file system. In addition, the database contains the update timestamp so Trivy can detect whether it
# should download a newer version from the Internet or use the cached one. Currently, the database is updated every
# 12 hours and published as a new release to GitHub.
trivy:
  # ignoreUnfixed The flag to display only fixed vulnerabilities
  ignore_unfixed: false
  # skipUpdate The flag to enable or disable Trivy DB downloads from GitHub
  #
  # You might want to enable this flag in test or CI/CD environments to avoid GitHub rate limiting issues.
  # If the flag is enabled you have to download the `trivy-offline.tar.gz` archive manually, extract `trivy.db` and
  # `metadata.json` files and mount them in the `/home/scanner/.cache/trivy/db` path.
  skip_update: false
  #
  # insecure The flag to skip verifying registry certificate
  insecure: false
  # github_token The GitHub access token to download Trivy DB
  #
  # Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough
  # for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000
  # requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult
  # https://developer.github.com/v3/#rate-limiting
  #
  # You can create a GitHub token by following the instructions in
  # https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line
  #
  # github_token: xxx

jobservice:
  # Maximum number of job workers in job service
  max_job_workers: 10

notification:
  # Maximum retry count for webhook job
  webhook_job_max_retry: 10

chart:
  # Change the value of absolute_url to enabled can enable absolute url in chart
  absolute_url: disabled

# Log configurations
log:
  # options are debug, info, warning, error, fatal
  level: info
  # configs for logs in local storage
  local:
    # Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.
    rotate_count: 50
    # Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes.
    # If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G
    # are all valid.
    rotate_size: 200M
    # The directory on your host that store log
    location: /var/log/harbor

  # Uncomment following lines to enable external syslog endpoint.
  # external_endpoint:
  #   # protocol used to transmit log to external endpoint, options is tcp or udp
  #   protocol: tcp
  #   # The host of external endpoint
  #   host: localhost
  #   # Port of external endpoint
  #   port: 5140

#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version: 2.4.0

# Uncomment external_database if using external database.
# external_database:
#   harbor:
#     host: harbor_db_host
#     port: harbor_db_port
#     db_name: harbor_db_name
#     username: harbor_db_username
#     password: harbor_db_password
#     ssl_mode: disable
#     max_idle_conns: 2
#     max_open_conns: 0
#   notary_signer:
#     host: notary_signer_db_host
#     port: notary_signer_db_port
#     db_name: notary_signer_db_name
#     username: notary_signer_db_username
#     password: notary_signer_db_password
#     ssl_mode: disable
#   notary_server:
#     host: notary_server_db_host
#     port: notary_server_db_port
#     db_name: notary_server_db_name
#     username: notary_server_db_username
#     password: notary_server_db_password
#     ssl_mode: disable

# Uncomment external_redis if using external Redis server
# external_redis:
#   # support redis, redis+sentinel
#   # host for redis: :
#   # host for redis+sentinel:
#   #  :,:,:
#   host: redis:6379
#   password:
#   # sentinel_master_set must be set to support redis+sentinel
#   #sentinel_master_set:
#   # db_index 0 is for core, it's unchangeable
#   registry_db_index: 1
#   jobservice_db_index: 2
#   chartmuseum_db_index: 3
#   trivy_db_index: 5
#   idle_timeout_seconds: 30

# Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.
# uaa:
#   ca_file: /path/to/ca

# Global proxy
# Config http proxy for components, e.g. http://my.proxy.com:3128
# Components doesn't need to connect to each others via http proxy.
# Remove component from `components` array if want disable proxy
# for it. If you want use proxy for replication, MUST enable proxy
# for core and jobservice, and set `http_proxy` and `https_proxy`.
# Add domain to the `no_proxy` field, when you want disable proxy
# for some special registry.
proxy:
  http_proxy:
  https_proxy:
  no_proxy:
  components:
    - core
    - jobservice
    - trivy

# metric:
#   enabled: false
#   port: 9090
#   path: /metrics

# Trace related config
# only can enable one trace provider(jaeger or otel) at the same time,
# and when using jaeger as provider, can only enable it with agent mode or collector mode.
# if using jaeger collector mode, uncomment endpoint and uncomment username, password if needed
# if using jaeger agetn mode uncomment agent_host and agent_port
# trace:
#   enabled: true
#   # set sample_rate to 1 if you wanna sampling 100% of trace data; set 0.5 if you wanna sampling 50% of trace data, and so forth
#   sample_rate: 1
#   # # namespace used to differenciate different harbor services
#   # namespace:
#   # # attributes is a key value dict contains user defined attributes used to initialize trace provider
#   # attributes:
#   #   application: harbor
#   # # jaeger should be 1.26 or newer.
#   # jaeger:
#   #   endpoint: http://hostname:14268/api/traces
#   #   username:
#   #   password:
#   #   agent_host: hostname
#   #   # export trace data by jaeger.thrift in compact mode
#   #   agent_port: 6831
#   # otel:
#   #   endpoint: hostname:4318
#   #   url_path: /v1/traces
#   #   compression: false
#   #   insecure: true
#   #   timeout: 10s

修改完成后保存退出

下载并安装openssl11

看到需要有证书和密钥，下载openssl
我下载的是openssl-1.1.1m.tar.gz
解压

[root@localhost ~]# ls
anaconda-ks.cfg  initial-setup-ks.cfg  openssl11  公共  图片  音乐  harbor  keepalived-1.2.5  模板  文档  桌面  harbor-offline-installer-v2.4.1.tgz  keepalived-1.2.5.tar.gz  openssl-1.1.1m.tar.gz  视频  下载
[root@localhost ~]# tar -xzf openssl-1.0.2f.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg   initial-setup-ks.cfg    openssl11    公共  图片  音乐
harbor    keepalived-1.2.5    openssl-1.1.1m    模板  文档  桌面
harbor-offline-installer-v2.4.1.tgz  keepalived-1.2.5.tar.gz  openssl-1.1.1m.tar.gz  视频  下载

安装

[root@localhost openssl11]# yum list openssl11
已加载插件：langpacks, product-id, search-disabled-repos
已安装的软件包
openssl11.x86_64                                  1:1.1.1k-2.el7                                  @epel
[root@localhost openssl11]# mkdir /data
[root@localhost openssl11]# ls
bin  include  lib  share  ssl
[root@localhost openssl11]# cd /data/
[root@localhost data]# ls
[root@localhost data]# mkdir certs
[root@localhost data]# ls
certs
[root@localhost data]# openssl11 req -newkey rsa:4096 -nodes -sha256 -keyout certs/smy.org.key -addext "subjectAltName = DNS:reg.smy.org" -x509 -days 365 -out certs/smy.org.crt
Can't load /root/.rnd into RNG
140587046758208:error:2406F079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:98:Filename=/root/.rnd
Generating a RSA private key
.......................................................................++++
...........................................................++++
writing new private key to 'certs/smy.org.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:cn
State or Province Name (full name) []:henan
Locality Name (eg, city) [Default City]:xinxiang                       
Organization Name (eg, company) [Default Company Ltd]:smy
Organizational Unit Name (eg, section) []:linux
Common Name (eg, your name or your server's hostname) []:reg.smy.org
Email Address []:root@smy.org
[root@localhost data]# ls certs/
smy.org.crt  smy.org.key

已经生成证书和密钥，根据生成的路径编辑harbor.yml文件刚才*的证书和密钥路径
在hosts中映射域名

[root@localhost harbor]# vim harbor.yml 
[root@localhost harbor]# ll /data/certs/smy.org.crt 
-rw-r--r--. 1 root root 2134 12月 26 14:14 /data/certs/smy.org.crt
[root@localhost harbor]# ll /data/certs/smy.org.key 
-rw-------. 1 root root 3272 12月 26 14:12 /data/certs/smy.org.key
[root@localhost harbor]# vim /etc/hosts
[root@localhost harbor]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.229      localhost  reg.smy.org
[root@localhost harbor]# ping reg.smy.org
PING localhost (192.168.1.229) 56(84) bytes of data.
64 bytes from localhost (192.168.1.229): icmp_seq=1 ttl=64 time=11.7 ms
64 bytes from localhost (192.168.1.229): icmp_seq=2 ttl=64 time=0.083 ms
^C
--- localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.083/5.930/11.777/5.847 ms

看到域名可用
开始安装！

[root@localhost harbor]# ./install.sh 

[Step 0]: checking if docker is installed ...

Note: docker version: 20.10.12

[Step 1]: checking docker-compose is installed ...
✖ Need to install docker-compose(1.18.0+) by yourself first and run this script again.
安装docker-compose
[root@localhost harbor]# ls
common.sh  harbor.v2.4.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare

发现报错，未安装docker-compose
下载一个docker-compose
我选择下载docker-compose-linux-x86_64
将下载的docker-compose移动到/usr/local/bin/docker-compose下，并赋予可执行权限

[root@localhost ~]# mv docker-compose-linux-x86_64 /usr/local/bin/docker-compose
[root@localhost ~]# chmod +x /usr/local/bin/docker-compose

此时回到harbor目录进行安装

[root@localhost ~]# cd
[root@localhost ~]# cd harbor/
[root@localhost harbor]# ./install.sh 

[Step 0]: checking if docker is installed ...

Note: docker version: 20.10.12

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 2.2.2

[Step 2]: loading Harbor images ...
1e3f0dc884e2: Loading layer  39.45MB/39.45MB
3fd9ccd5eeaa: Loading layer  5.275MB/5.275MB
c600bceee2f7: Loading layer  4.096kB/4.096kB
724cd8711815: Loading layer  3.072kB/3.072kB
d7c82a981c89: Loading layer  17.32MB/17.32MB
a814341c2c44: Loading layer  18.12MB/18.12MB
Loaded image: goharbor/registry-photon:v2.4.1
b00595b6932d: Loading layer   5.27MB/5.27MB
e34892d856ce: Loading layer  5.928MB/5.928MB
ac5a22c6047d: Loading layer  14.47MB/14.47MB
3d1ac12eb215: Loading layer  29.29MB/29.29MB
394b4b2ea0fa: Loading layer  22.02kB/22.02kB
bb0deb7416e0: Loading layer  14.47MB/14.47MB
Loaded image: goharbor/notary-signer-photon:v2.4.1
c3b02aec560c: Loading layer  8.422MB/8.422MB
4d5b3acd128e: Loading layer  3.584kB/3.584kB
7afbf44c3706: Loading layer   2.56kB/2.56kB
31f95ac6eb9a: Loading layer  75.59MB/75.59MB
8981a12f5c17: Loading layer  5.632kB/5.632kB
16eb0821dcc3: Loading layer  96.26kB/96.26kB
b19eba29a0de: Loading layer  11.78kB/11.78kB
f0785d2e9965: Loading layer  76.49MB/76.49MB
26ce29b9d7ab: Loading layer   2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.4.1
59e3814aa5f1: Loading layer  119.8MB/119.8MB
1e99e9cd580e: Loading layer  3.072kB/3.072kB
2bab205001c7: Loading layer   59.9kB/59.9kB
c51450af480c: Loading layer  61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.4.1
3636ff090145: Loading layer  8.421MB/8.421MB
fa3d57c372c8: Loading layer  3.584kB/3.584kB
a2c97825dcbf: Loading layer   2.56kB/2.56kB
366b1363b528: Loading layer  86.95MB/86.95MB
3d2fd6d13a0f: Loading layer  87.74MB/87.74MB
Loaded image: goharbor/harbor-jobservice:v2.4.1
8f71cf8bc1c6: Loading layer  5.275MB/5.275MB
5cb3457d8e25: Loading layer  4.096kB/4.096kB
02c18fad9dc6: Loading layer  17.32MB/17.32MB
7bbcea1ec44e: Loading layer  3.072kB/3.072kB
f2842e1ada70: Loading layer  28.69MB/28.69MB
4665575c3f9e: Loading layer  46.81MB/46.81MB
Loaded image: goharbor/harbor-registryctl:v2.4.1
439595cfbbc0: Loading layer  7.192MB/7.192MB
Loaded image: goharbor/nginx-photon:v2.4.1
a19de03ace6b: Loading layer   5.27MB/5.27MB
35bbd4cf35b6: Loading layer  5.928MB/5.928MB
88f852ebd746: Loading layer  15.88MB/15.88MB
e3c0db81a28c: Loading layer  29.29MB/29.29MB
f74e521b7a55: Loading layer  22.02kB/22.02kB
7d97a705f439: Loading layer  15.88MB/15.88MB
Loaded image: goharbor/notary-server-photon:v2.4.1
1e6473070b18: Loading layer    124MB/124MB
f05c1a477d2d: Loading layer  3.584kB/3.584kB
bcab3e00aa98: Loading layer  3.072kB/3.072kB
970d569f474a: Loading layer   2.56kB/2.56kB
c659c9812277: Loading layer  3.072kB/3.072kB
9d401ff8bf07: Loading layer  3.584kB/3.584kB
968dfed00d2e: Loading layer  19.97kB/19.97kB
Loaded image: goharbor/harbor-log:v2.4.1
b64000a1cd2c: Loading layer  1.097MB/1.097MB
e3fb7ac15701: Loading layer  5.889MB/5.889MB
d6e7f8008582: Loading layer  165.9MB/165.9MB
eff0812a8c6f: Loading layer  15.07MB/15.07MB
91a6abd7a540: Loading layer  4.096kB/4.096kB
47e875926154: Loading layer  6.144kB/6.144kB
04876e025d4a: Loading layer  3.072kB/3.072kB
b817a88114e6: Loading layer  2.048kB/2.048kB
e5fb37021dff: Loading layer   2.56kB/2.56kB
767486d5c318: Loading layer   2.56kB/2.56kB
b92f2b842b46: Loading layer   2.56kB/2.56kB
e90e3a7ea4e9: Loading layer  8.704kB/8.704kB
Loaded image: goharbor/harbor-db:v2.4.1
daf3d38cddc8: Loading layer  8.422MB/8.422MB
8013b2cbc0b9: Loading layer  18.13MB/18.13MB
4445f5ea7083: Loading layer  4.608kB/4.608kB
32e035f0af8e: Loading layer  18.93MB/18.93MB
Loaded image: goharbor/harbor-exporter:v2.4.1
0ad72e88d766: Loading layer   8.54MB/8.54MB
fe195f48d47b: Loading layer  4.096kB/4.096kB
71f2671db231: Loading layer  3.072kB/3.072kB
ddda0b4a8eae: Loading layer  39.27MB/39.27MB
c3fe76027866: Loading layer  12.37MB/12.37MB
d82a7403c39a: Loading layer  52.43MB/52.43MB
Loaded image: goharbor/trivy-adapter-photon:v2.4.1
03e449493f09: Loading layer  5.275MB/5.275MB
4f4a25c7cc0d: Loading layer   64.5MB/64.5MB
77a37df05436: Loading layer  3.072kB/3.072kB
47c58e48962d: Loading layer  4.096kB/4.096kB
5dd56c28f3fc: Loading layer  65.29MB/65.29MB-1.
Loaded image: goharbor/chartmuseum-photon:v2.4.1
8b7cbddd8918: Loading layer  165.6MB/165.6MB
b8157b6f7cb8: Loading layer   57.6MB/57.6MB
4a53b9a92b30: Loading layer   2.56kB/2.56kB
59184fc56c3c: Loading layer  1.536kB/1.536kB
99431fe2c10f: Loading layer  12.29kB/12.29kB
3735b7f4881f: Loading layer   2.62MB/2.62MB
bcff3633b236: Loading layer  325.6kB/325.6kB
Loaded image: goharbor/prepare:v2.4.1
eb57d0945b2e: Loading layer  7.192MB/7.192MB
dd9069fd53a8: Loading layer  7.355MB/7.355MB
e779dab1d180: Loading layer  1.754MB/1.754MB
Loaded image: goharbor/harbor-portal:v2.4.1


[Step 3]: preparing environment ...

[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING: IPv4 forwarding is disabled. Networking will not work.
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir



[Step 5]: starting Harbor ...
[+] Running 10/10
 ⠿ Network harbor_harbor        Created                                                           7.8s
 ⠿ Container harbor-log         Started                                                           2.8s
 ⠿ Container registry           Started                                                          15.3s
 ⠿ Container harbor-portal      Started                                                          22.8s
 ⠿ Container redis              Started                                                          22.8s
 ⠿ Container registryctl        Started                                                          22.5s
 ⠿ Container harbor-db          Started                                                          13.9s
 ⠿ Container harbor-core        Started                                                          24.1s
 ⠿ Container harbor-jobservice  Started                                                          50.6s
 ⠿ Container nginx              Started                                                          52.2s
✔ ----Harbor has been installed and started successfully.----

成功
查看

[root@localhost harbor]# docker ps
CONTAINER ID   IMAGE                                COMMAND                  CREATED         STATUS                   PORTS                                                                            NAMES
c6750a87a689   goharbor/harbor-jobservice:v2.4.1    "/harbor/entrypoint.…"   3 minutes ago   Up 2 minutes (healthy)                                                                                    harbor-jobservice
968d2e9a245f   goharbor/nginx-photon:v2.4.1         "nginx -g 'daemon of…"   3 minutes ago   Up 2 minutes (healthy)   0.0.0.0:80->8080/tcp, :::80->8080/tcp, 0.0.0.0:443->8443/tcp, :::443->8443/tcp   nginx
afee09a11ef7   goharbor/harbor-core:v2.4.1          "/harbor/entrypoint.…"   3 minutes ago   Up 2 minutes (healthy)                                                                                    harbor-core
3c28bacb604c   goharbor/harbor-registryctl:v2.4.1   "/home/harbor/start.…"   3 minutes ago   Up 2 minutes (healthy)                                                                                    registryctl
723744c9affa   goharbor/redis-photon:v2.4.1         "redis-server /etc/r…"   3 minutes ago   Up 2 minutes (healthy)                                                                                    redis
caba75f40589   goharbor/registry-photon:v2.4.1      "/home/harbor/entryp…"   3 minutes ago   Up 3 minutes (healthy)                                                                                    registry
3a58ddb2bbdd   goharbor/harbor-portal:v2.4.1        "nginx -g 'daemon of…"   3 minutes ago   Up 2 minutes (healthy)                                                                                    harbor-portal
66d02cb675b0   goharbor/harbor-db:v2.4.1            "/docker-entrypoint.…"   3 minutes ago   Up 3 minutes (healthy)                                                                                    harbor-db
c4b2207875dd   goharbor/harbor-log:v2.4.1           "/bin/sh -c /usr/loc…"   3 minutes ago   Up 3 minutes (healthy)   127.0.0.1:1514->10514/tcp                                                        harbor-log
[root@localhost harbor]# docker-compose ps
NAME                COMMAND                  SERVICE             STATUS              PORTS
harbor-core         "/harbor/entrypoint.…"   core                running (healthy)   
harbor-db           "/docker-entrypoint.…"   postgresql          running (healthy)   
harbor-jobservice   "/harbor/entrypoint.…"   jobservice          running (healthy)   
harbor-log          "/bin/sh -c /usr/loc…"   log                 running (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       "nginx -g 'daemon of…"   portal              running (healthy)   
nginx               "nginx -g 'daemon of…"   proxy               running (healthy)   0.0.0.0:80->8080/tcp, 0.0.0.0:443->8443/tcp, :::80->8080/tcp, :::443->8443/tcp
redis               "redis-server /etc/r…"   redis               running (healthy)   
registry            "/home/harbor/entryp…"   registry            running (healthy)   
registryctl         "/home/harbor/start.…"   registryctl         running (healthy)   
[root@localhost harbor]# 
[root@localhost harbor]# ls
common  common.sh  docker-compose.yml  harbor.v2.4.1.tar.gz  harbor.yml  install.sh  LICENSE  prepare
[root@localhost harbor]# cd
[root@localhost ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED       SIZE
nginx                           latest    f6987c8d6ed5   5 days ago    141MB
goharbor/harbor-exporter        v2.4.1    0ee361b5454a   10 days ago   82.7MB
goharbor/chartmuseum-photon     v2.4.1    337a9d03b197   10 days ago   174MB
goharbor/redis-photon           v2.4.1    2bbe19b8cc5d   10 days ago   156MB
goharbor/trivy-adapter-photon   v2.4.1    d39fd42c93f0   10 days ago   151MB
goharbor/notary-server-photon   v2.4.1    e75c68b6638b   10 days ago   111MB
goharbor/notary-signer-photon   v2.4.1    17a627caf6dd   10 days ago   108MB
goharbor/harbor-registryctl     v2.4.1    bff3d2665456   10 days ago   137MB
goharbor/registry-photon        v2.4.1    b46e45c49d6f   10 days ago   79.2MB
goharbor/nginx-photon           v2.4.1    78aad8c8ef41   10 days ago   45.7MB
goharbor/harbor-log             v2.4.1    c86562daee64   10 days ago   160MB
goharbor/harbor-jobservice      v2.4.1    d8baceb5f1f6   10 days ago   220MB
goharbor/harbor-core            v2.4.1    80a4e3e60403   10 days ago   198MB
goharbor/harbor-portal          v2.4.1    1c9ed1cc3cb9   10 days ago   54.7MB
goharbor/harbor-db              v2.4.1    417d0a840247   10 days ago   222MB
goharbor/prepare                v2.4.1    e9158d34970b   10 days ago   257MB
busybox                         latest    ffe9d497c324   2 weeks ago   1.24MB
yakexi007/game2048              latest    19299002fdbe   5 years ago   55.5MB
yakexi007/mario                 latest    9a35a9e43e8c   6 years ago   198MB
[root@localhost ~]# docker tag nginx:latest reg.smy.org/library/nginx:latest
[root@localhost ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED       SIZE
nginx                           latest    f6987c8d6ed5   5 days ago    141MB
reg.smy.org/library/nginx       latest    f6987c8d6ed5   5 days ago    141MB
goharbor/harbor-exporter        v2.4.1    0ee361b5454a   10 days ago   82.7MB
goharbor/chartmuseum-photon     v2.4.1    337a9d03b197   10 days ago   174MB
goharbor/redis-photon           v2.4.1    2bbe19b8cc5d   10 days ago   156MB
goharbor/trivy-adapter-photon   v2.4.1    d39fd42c93f0   10 days ago   151MB
goharbor/notary-server-photon   v2.4.1    e75c68b6638b   10 days ago   111MB
goharbor/notary-signer-photon   v2.4.1    17a627caf6dd   10 days ago   108MB
goharbor/harbor-registryctl     v2.4.1    bff3d2665456   10 days ago   137MB
goharbor/registry-photon        v2.4.1    b46e45c49d6f   10 days ago   79.2MB
goharbor/nginx-photon           v2.4.1    78aad8c8ef41   10 days ago   45.7MB
goharbor/harbor-log             v2.4.1    c86562daee64   10 days ago   160MB
goharbor/harbor-jobservice      v2.4.1    d8baceb5f1f6   10 days ago   220MB
goharbor/harbor-core            v2.4.1    80a4e3e60403   10 days ago   198MB
goharbor/harbor-portal          v2.4.1    1c9ed1cc3cb9   10 days ago   54.7MB
goharbor/harbor-db              v2.4.1    417d0a840247   10 days ago   222MB
goharbor/prepare                v2.4.1    e9158d34970b   10 days ago   257MB
busybox                         latest    ffe9d497c324   2 weeks ago   1.24MB
yakexi007/game2048              latest    19299002fdbe   5 years ago   55.5MB
yakexi007/mario                 latest    9a35a9e43e8c   6 years ago   198MB

全部启动，非常奈斯，部署完成

使用

在目录reg.smy.org/library/下创建Nginx
[root@localhost ~]# docker tag nginx:latest reg.smy.org/library/nginx:latest
看到新增一个以reg.smy.org开头的，这就是刚才新建的Nginx
[root@localhost ~]# docker images
REPOSITORY                      TAG       IMAGE ID       CREATED       SIZE
nginx                           latest    f6987c8d6ed5   5 days ago    141MB
reg.smy.org/library/nginx       latest    f6987c8d6ed5   5 days ago    141MB
goharbor/harbor-exporter        v2.4.1    0ee361b5454a   10 days ago   82.7MB
goharbor/chartmuseum-photon     v2.4.1    337a9d03b197   10 days ago   174MB
goharbor/redis-photon           v2.4.1    2bbe19b8cc5d   10 days ago   156MB
goharbor/trivy-adapter-photon   v2.4.1    d39fd42c93f0   10 days ago   151MB
goharbor/notary-server-photon   v2.4.1    e75c68b6638b   10 days ago   111MB
goharbor/notary-signer-photon   v2.4.1    17a627caf6dd   10 days ago   108MB
goharbor/harbor-registryctl     v2.4.1    bff3d2665456   10 days ago   137MB
goharbor/registry-photon        v2.4.1    b46e45c49d6f   10 days ago   79.2MB
goharbor/nginx-photon           v2.4.1    78aad8c8ef41   10 days ago   45.7MB
goharbor/harbor-log             v2.4.1    c86562daee64   10 days ago   160MB
goharbor/harbor-jobservice      v2.4.1    d8baceb5f1f6   10 days ago   220MB
goharbor/harbor-core            v2.4.1    80a4e3e60403   10 days ago   198MB
goharbor/harbor-portal          v2.4.1    1c9ed1cc3cb9   10 days ago   54.7MB
goharbor/harbor-db              v2.4.1    417d0a840247   10 days ago   222MB
goharbor/prepare                v2.4.1    e9158d34970b   10 days ago   257MB
busybox                         latest    ffe9d497c324   2 weeks ago   1.24MB
yakexi007/game2048              latest    19299002fdbe   5 years ago   55.5MB
yakexi007/mario                 latest    9a35a9e43e8c   6 years ago   198MB
尝试拉取新建的Nginx
[root@localhost ~]# docker push reg.smy.org/library/nginx:latest 
The push refers to repository [reg.smy.org/library/nginx]
Get "https://reg.smy.org/v2/": x509: certificate signed by unknown authority
失败，并且提醒缺少证书
[root@localhost ~]# cd /data/
[root@localhost data]# cd /data/certs/
[root@localhost certs]# ls
smy.org.crt  smy.org.key
[root@localhost certs]# cd /etc/docker/
[root@localhost docker]# ls
certs.d  key.json
[root@localhost docker]# cd certs.d/
[root@localhost certs.d]# pwd
/etc/docker/certs.d
[root@localhost certs.d]# ls
access.redhat.com  cdn.redhat.com  registry.access.redhat.com  registry.redhat.io
[root@localhost certs.d]# mkdir reg.smy.org
[root@localhost certs.d]# ls
access.redhat.com  cdn.redhat.com  registry.access.redhat.com  registry.redhat.io  reg.smy.org
[root@localhost certs.d]# cd reg.smy.org/
[root@localhost reg.smy.org]# ls
将生成的证书复制过来，并改名为ca.crt
[root@localhost reg.smy.org]# cp /data/certs/smy.org.crt ca.crt
[root@localhost reg.smy.org]# ls
ca.crt
[root@localhost reg.smy.org]# pwd
/etc/docker/certs.d/reg.smy.org
继续尝试拉取Nginx
[root@localhost reg.smy.org]# docker push reg.smy.org/library/nginx:latest 
The push refers to repository [reg.smy.org/library/nginx]
51a4ac025eb4: Preparing 
4ded77d16e76: Preparing 
32359d2cd6cd: Preparing 
4270b63061e5: Preparing 
5f5f780b24de: Preparing 
2edcec3590a4: Waiting 
unauthorized: unauthorized to access repository: library/nginx, action: push: unauthorized to access repository: library/nginx, action: push
报错，提醒未授权
[root@localhost reg.smy.org]# docker login reg.smy.org
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded
又一次尝试拉取
[root@localhost reg.smy.org]# docker push reg.smy.org/library/nginx:latest 
The push refers to repository [reg.smy.org/library/nginx]
51a4ac025eb4: Pushed 
4ded77d16e76: Pushed 
32359d2cd6cd: Pushed 
4270b63061e5: Pushed 
5f5f780b24de: Pushed 
2edcec3590a4: Pushed 
latest: digest: sha256:2e87d9ff130deb0c2d63600390c3f2370e71e71841573990d54579bc35046203 size: 1570

终于成功了！
同理，再创建一个game2048
[root@localhost reg.smy.org]# cd
[root@localhost ~]# docker tag yakexi007/game2048:latest reg.smy.org/library/game2048:latest
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest f6987c8d6ed5 5 days ago 141MB
reg.smy.org/library/nginx latest f6987c8d6ed5 5 days ago 141MB
goharbor/harbor-exporter v2.4.1 0ee361b5454a 10 days ago 82.7MB
goharbor/chartmuseum-photon v2.4.1 337a9d03b197 10 days ago 174MB
goharbor/redis-photon v2.4.1 2bbe19b8cc5d 10 days ago 156MB
goharbor/trivy-adapter-photon v2.4.1 d39fd42c93f0 10 days ago 151MB
goharbor/notary-server-photon v2.4.1 e75c68b6638b 10 days ago 111MB
goharbor/notary-signer-photon v2.4.1 17a627caf6dd 10 days ago 108MB
goharbor/harbor-registryctl v2.4.1 bff3d2665456 10 days ago 137MB
goharbor/registry-photon v2.4.1 b46e45c49d6f 10 days ago 79.2MB
goharbor/nginx-photon v2.4.1 78aad8c8ef41 10 days ago 45.7MB
goharbor/harbor-log v2.4.1 c86562daee64 10 days ago 160MB
goharbor/harbor-jobservice v2.4.1 d8baceb5f1f6 10 days ago 220MB
goharbor/harbor-core v2.4.1 80a4e3e60403 10 days ago 198MB
goharbor/harbor-portal v2.4.1 1c9ed1cc3cb9 10 days ago 54.7MB
goharbor/harbor-db v2.4.1 417d0a840247 10 days ago 222MB
goharbor/prepare v2.4.1 e9158d34970b 10 days ago 257MB
busybox latest ffe9d497c324 2 weeks ago 1.24MB
yakexi007/game2048 latest 19299002fdbe 5 years ago 55.5MB
reg.smy.org/library/game2048 latest 19299002fdbe 5 years ago 55.5MB
yakexi007/mario latest 9a35a9e43e8c 6 years ago 198MB
[root@localhost ~]# docker push reg.smy.org/library/game2048:latest
The push refers to repository [reg.smy.org/library/game2048]
88fca8ae768a: Pushed
6d7504772167: Pushed
192e9fad2abc: Pushed
36e9226e74f8: Pushed
011b303988d2: Pushed
latest: digest: sha256:8a34fb9cb168c420604b6e5d32ca6d412cb0d533a826b313b190535c03fe9390 size: 1364
拉取成功，快乐又回来啦！
顺便看一下图形界面吧
登录界面

主界面

查看我的仓库

创建的两个都有

从零开始搭建harbor私有仓库

Linux相关栏目本月热门文章