Private mirror warehouses have many advantages
1) Save network bandwidth, do not download from the central warehouse by everyone for each mirror, just download from the private warehouse;
2) Provide mirroring resources for internal use and push them to local private warehouses for internal use.
VMware has an open source enterprise Registry project, Harbor, whose goal is to help users quickly build an enterprise Docker registry service.
Huawei Cloud purchases cloud hosts in the following preparation environments
Host Name, IP Address, Role
Harbor Private Mirror Warehouse
Docker 192.168.1.68 Docker Host
- Distributing packages for experiments
Dokcer Compose is a tool for defining and running multi-container Docker applications.
Each component of Harbor is built as a Docker container, so it is deployed using Docker Compose.
Deploy a private mirror warehouse harbor
Copy harbor software from jump-server host to 1.100 host
[root@jump-server ~]# scp -r /root/project3/harbor 192.168.1.100:/root/
harbor host on route forwarding
[root@harbor ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@harbor ~]# sysctl -p
The harbor host installs the docker service and starts it
[root@harbor ~]# cd /root/harbor/ [root@harbor harbor]# yum -y install docker-ce-18.06.3.ce-3.el7.x86_64.rpm [root@harbor harbor]# systemctl start docker [root@harbor harbor]# systemctl enable docker
deploy harbor [root@harborharbor]# mv docker-compose /usr/local/bin/ [root@harborharbor]# chmod +x /usr/local/bin/docker-compose [root@harborharbor]# tar -xf harbor-offline-installer-v2.2.3.tgz -C /usr/local/ [root@harborharbor]# cd /usr/local/harbor [root@harbor harbor]# ls common.sh harbor.yml.tmpl LICENSE harbor.v2.2.3.tar.gz install.sh prepare
4) Modify the configuration file
#Copy harbor profile
[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml #Change the address of the harbor management interface to the local IP address [root@harbor harbor]# vim harbor.yml 5 hostname = 192.168.1.100 #Add a comment or you will need a certificate 13 #https: #Add a comment 14 # https port for harbor, default is 443 15 #port: 443#Add a comment 16 # The path of cert and key files for nginx 17 #certificate: /your/certificate/path #Add a comment 18 #private_key: /your/private/key/path #Add a comment
Install harbor
[root@harbor harbor]# ./install.sh
.......
✔ ----Harbor has been installed and started successfully.----
[root@harbor harbor]# ss -antpu | grep 80
tcp LISTEN 0 1024 [::]:80 [::]:* users:
(("docker-proxy",pid=15459,fd=4))1. Set up listeners and add back-end servers. No purchase required
[Server List] - > [Elastic Load Balancing ELB] - > [Custom ELB Name] - > [Listener] - > [Add Listener].
Purchase a new public network IP address to bind to this load balancer
2. Access the Harbor interface (http://public IP address: 80)
User name: admin password: Harbor12345 (password in profile)
Deploy a Docker host to test uploads and downloads.
Install docker software
Docker Registry interacts with https by default, whereas the private repository built here only provides http services, so when interacting with the private repository it will
Error reported above. To solve this problem, you need to add a boot parameter when starting docke to use http access by default. This is docker configuration on the client
Add to the location file (i.e. client that uploads the image to or downloads the image from the private repository)
harbor host copies docker package to docker host
[root@harbor harbor]# cd /root/harbor/ [root@harbor harbor]# scp docker-ce-18.06.3.ce-3.el7.x86_64.rpm 192.168.1.68:/root/
Docker host installs docker package, changes configuration file
[root@docker ~]# yum -y install docker-ce-18.06.3.ce-3.el7.x86_64.rpm [root@docker ~]# vim /usr/lib/systemd/system/docker.service 12 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.100:80 [root@docker ~]# systemctl daemon-reload && systemctl enable docker && systemctl start docker
Test login to the Harbor mirror repository.
[root@docker ~]# docker login http://192.168.1.100:80 Username: admin Password: Harbor12345 ....... Login Succeeded
#Password information is stored in/root/.docker/config.json
Note: If you do not add--insecure-registry 192.168.1.100:80, the following error will be reported at login.
Error response from daemon: Get https://192.168.1.100:80/v2/: http: server gave HTTP response to
HTTPS client solution: Add parameters and restart the service.
Upload mirror to private repository harbor Host Upload busybox Mirror to docker Host [root@harbor docker]# cd /root/harbor/ [root@harbor harbor]# scp busybox.tar 192.168.1.68:/root/ [Click and drag to move] #docker host import mirror [root@docker ~]# docker load -i busybox.tar [root@docker ~]# docker images [Click and drag to move] #View system mirrors [root@docker ~]# docker tag busybox:latest 192.168.1.100:80/library/busybox:latest #Change label [root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.1.67:8099/library/busybox latest be5888e67be6 2 months ago 1.22MB busybox latest be5888e67be6 2 months ago 1.22MB [Click and drag to move] #Push Mirror to Private Warehouse [root@docker ~]# docker push 192.168.1.100:80/library/busybox:latest The push refers to repository 192.168.1.100:80/library/busybox] 5b0d2d635df8: Pushed latest: digest: sha256:a2490cec4484ee6c1068ba3a05f89934010c85242f736280b35343483b2264b6 size: 527
View the image file you just uploaded in the interface.
You can see the number of mirrored warehouses is 1. Click on the project name to view the mirrored files under the project
Click in to see the uploaded image
Delete the existing mirror files in the system and download the images from the private mirror repository
[root@docker ~]# docker rmi 192.168.1.100:80/library/busybox:latest [root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE busybox latest be5888e67be6 2 months ago 1.22MB Download Mirror [root@docker ~]# docker pull 192.168.1.100:80/library/busybox:latest [root@docker ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE 192.168.1.67:8099/library/busybox latest be5888e67be6 2 months ago 1.22MB busybox latest be5888e67be6 2 months ago 1.22MB
Click on the left navigation bar to see the log information
If harbor stops, you can start it with the following command
[root@harbor ~]# cd /usr/local/harbor/ [root@harbor harbor]# docker-compose up -d