Deploy an Enterprise Private Mirror Warehouse Harbor

Private mirror warehouses have many advantages
1) Save network bandwidth, do not download from the central warehouse by everyone for each mirror, just download from the private warehouse;
2) Provide mirroring resources for internal use and push them to local private warehouses for internal use.
VMware has an open source enterprise Registry project, Harbor, whose goal is to help users quickly build an enterprise Docker registry service.

Huawei Cloud purchases cloud hosts in the following preparation environments
Host Name, IP Address, Role
Harbor Private Mirror Warehouse
Docker Docker Host

  • Distributing packages for experiments

Dokcer Compose is a tool for defining and running multi-container Docker applications.
Each component of Harbor is built as a Docker container, so it is deployed using Docker Compose.

Deploy a private mirror warehouse harbor

Copy harbor software from jump-server host to 1.100 host

[root@jump-server ~]# scp -r /root/project3/harbor

harbor host on route forwarding

[root@harbor ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
[root@harbor ~]# sysctl -p

The harbor host installs the docker service and starts it

[root@harbor ~]# cd /root/harbor/
[root@harbor harbor]# yum -y install docker-ce-18.06.3.ce-3.el7.x86_64.rpm
[root@harbor harbor]# systemctl start docker
[root@harbor harbor]# systemctl enable docker
deploy harbor
[root@harborharbor]# mv docker-compose /usr/local/bin/
[root@harborharbor]# chmod +x /usr/local/bin/docker-compose
[root@harborharbor]# tar -xf harbor-offline-installer-v2.2.3.tgz -C /usr/local/
[root@harborharbor]# cd /usr/local/harbor
[root@harbor harbor]# ls   harbor.yml.tmpl LICENSE  harbor.v2.2.3.tar.gz  prepare

4) Modify the configuration file
#Copy harbor profile

[root@harbor harbor]# cp harbor.yml.tmpl harbor.yml
#Change the address of the harbor management interface to the local IP address
[root@harbor harbor]# vim harbor.yml
5 hostname =
#Add a comment or you will need a certificate
13 #https:  #Add a comment
14 # https port for harbor, default is 443
15 #port: 443#Add a comment
16 # The path of cert and key files for nginx
17 #certificate: /your/certificate/path #Add a comment
18 #private_key: /your/private/key/path #Add a comment

Install harbor

[root@harbor harbor]# ./
✔ ----Harbor has been installed and started successfully.----
[root@harbor harbor]# ss -antpu | grep 80
tcp  LISTEN  0   1024  [::]:80   [::]:*   users:

1. Set up listeners and add back-end servers. No purchase required
[Server List] - > [Elastic Load Balancing ELB] - > [Custom ELB Name] - > [Listener] - > [Add Listener].





Purchase a new public network IP address to bind to this load balancer

2. Access the Harbor interface (http://public IP address: 80)
User name: admin password: Harbor12345 (password in profile)

Deploy a Docker host to test uploads and downloads.

Install docker software
Docker Registry interacts with https by default, whereas the private repository built here only provides http services, so when interacting with the private repository it will
Error reported above. To solve this problem, you need to add a boot parameter when starting docke to use http access by default. This is docker configuration on the client
Add to the location file (i.e. client that uploads the image to or downloads the image from the private repository)

harbor host copies docker package to docker host

[root@harbor harbor]# cd /root/harbor/
[root@harbor harbor]# scp docker-ce-18.06.3.ce-3.el7.x86_64.rpm

Docker host installs docker package, changes configuration file

[root@docker ~]# yum -y install docker-ce-18.06.3.ce-3.el7.x86_64.rpm
[root@docker ~]# vim /usr/lib/systemd/system/docker.service
12 ExecStart=/usr/bin/dockerd --insecure-registry
[root@docker ~]# systemctl daemon-reload && systemctl enable docker && systemctl start docker

Test login to the Harbor mirror repository.

[root@docker ~]# docker login
Username: admin
Password: Harbor12345
Login Succeeded

#Password information is stored in/root/.docker/config.json

Note: If you do not add--insecure-registry, the following error will be reported at login.

Error response from daemon: Get http: server gave HTTP response to

HTTPS client solution: Add parameters and restart the service.

Upload mirror to private repository
harbor Host Upload busybox Mirror to docker Host

[root@harbor docker]# cd /root/harbor/
[root@harbor harbor]# scp busybox.tar

[Click and drag to move]

#docker host import mirror

[root@docker ~]# docker load -i busybox.tar
[root@docker ~]# docker images

[Click and drag to move]

#View system mirrors
[root@docker ~]# docker tag busybox:latest
#Change label

[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE latest be5888e67be6 2 months ago 1.22MB
busybox latest be5888e67be6 2 months ago 1.22MB

[Click and drag to move]

#Push Mirror to Private Warehouse

[root@docker ~]# docker push
The push refers to repository]
5b0d2d635df8: Pushed
latest: digest: sha256:a2490cec4484ee6c1068ba3a05f89934010c85242f736280b35343483b2264b6 size: 527

View the image file you just uploaded in the interface.

You can see the number of mirrored warehouses is 1. Click on the project name to view the mirrored files under the project

Click in to see the uploaded image


Delete the existing mirror files in the system and download the images from the private mirror repository

[root@docker ~]# docker rmi
[root@docker ~]# docker images
busybox latest be5888e67be6 2 months ago 1.22MB
 Download Mirror
[root@docker ~]# docker pull
[root@docker ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE latest be5888e67be6 2 months ago 1.22MB
busybox latest be5888e67be6 2 months ago 1.22MB

Click on the left navigation bar to see the log information
If harbor stops, you can start it with the following command

[root@harbor ~]# cd /usr/local/harbor/
[root@harbor harbor]# docker-compose up -d

Keywords: Linux Operation & Maintenance Docker Middleware

Added by SeaJones on Mon, 20 Sep 2021 07:54:43 +0300