Harbor开源企业级别docker容器仓库系统,初次使用说明

  • A+
所属分类:Docker

首现我们来验证以下公开项目

登陆harbor我们创建一个public项目

122617 0227 Harbordoc1 - Harbor开源企业级别docker容器仓库系统,初次使用说明

 
 

然后进入项目我们就能看到一些项目的配置

122617 0227 Harbordoc2 - Harbor开源企业级别docker容器仓库系统,初次使用说明

 
 

首先我们创建一个人员信息

122617 0227 Harbordoc3 - Harbor开源企业级别docker容器仓库系统,初次使用说明

把上面的人员信息添加到这个项目中,为开发角色

122617 0227 Harbordoc4 - Harbor开源企业级别docker容器仓库系统,初次使用说明

 
 

通过客户端进行上传镜像测试

--docker客户端配置

修改docker使用的镜像仓库

[root@registry /]# vim /etc/sysconfig/docker

ADD_REGISTRY='--add-registry harbor-registry.alex.com'

INSECURE_REGISTRY='--insecure-registry harbor-registry.alex.com'

BLOCK_REGISTRY='--block-registry public' #禁止使用公共仓库,docker.io

保存重启docker

[root@registry /]# systemctl restart docker

由于我使用的是自签名证书,需要把ca证书导入到docker这台机器上,

[root@registry /]# mkdir /etc/docker/certs.d/harbor-registry.alex.com/

[root@registry /]# scp root@harbor-registry.alex.com:/mycre/ca_cert.pem /etc/docker/certs.d/harbor-registry.alex.com/ca.crt

 
 

由于项目中还没有镜像,我们先上传一个,这里就不先执行登陆

更改本地images的标签,本地镜像可以通过导入或者从别的仓库中拉去

[root@registry /]# docker tag httpd harbor-registry.alex.com/public/httpd

把镜像上传到我们的仓库中

[root@registry /]# docker push harbor-registry.alex.com/public/httpd

The push refers to a repository [harbor-registry.alex.com/public/httpd] (len: 1)

9d845d7d8d26: Image push failed

9d845d7d8d26: Buffering to Disk

#这里就体现了我们上传镜像是需要权限的,输入我们的开发人员账户信息

Please login prior to push:

Username: kf

Password: *********

Email: kf@alex.com

WARNING: login credentials saved in /root/.docker/config.json

Login Succeeded

The push refers to a repository [harbor-registry.alex.com/public/httpd] (len: 1)

9d845d7d8d26: Image already exists

118c9509e172: Image successfully pushed

6ace9b13ff5e: Image successfully pushed

ccf7a5f58478: Image successfully pushed

f417fa2a82a5: Image successfully pushed

904dbd572cee: Image successfully pushed

dde8e59bffb1: Image successfully pushed

 
 

镜像上传完成,有兴趣的可以试试访客账户是否能上传,

我们把项目转换为私有项目,通过普通帐号进行pull操作

[root@registry /]# docker rmi harbor-registry.alex.com/public/httpd //删除本地的镜像

root@registry /]# docker login harbor-registry.alex.com //使用创建的普通帐号进行登陆

Username (kf): guest

Password: ********

Email (kf@alex.com): guest@alex.com

WARNING: login credentials saved in /root/.docker/config.json

Login Succeeded

[root@registry /]#

发现普通帐号并无法pull私有项目中的镜像

[root@registry /]# docker pull harbor-registry.alex.com/public/httpd:latest

Trying to pull repository harbor-registry.alex.com/public/httpd ... not found

Error: image public/httpd:latest not found

[root@registry /]#

在把项目转换为公有的进行测试

122617 0227 Harbordoc5 - Harbor开源企业级别docker容器仓库系统,初次使用说明

然后可以正常下载

[root@registry /]# docker pull harbor-registry.alex.com/public/httpd:latest

latest: Pulling from harbor-registry.alex.com/public/httpd

 
 

dde8e59bffb1: Already exists

904dbd572cee: Already exists

f417fa2a82a5: Already exists

ccf7a5f58478: Already exists

6ace9b13ff5e: Already exists

9d845d7d8d26: Already exists

Digest: sha256:e0dcf25006b96fb416e47f2fc40a18f247fc63a62eefda0866f0bcbf949f9add

Status: Downloaded newer image for harbor-registry.alex.com/public/httpd:latest

[root@registry /]#

日志记录

122617 0227 Harbordoc6 - Harbor开源企业级别docker容器仓库系统,初次使用说明

 
 

一些简单的使用就这样。

 
 

 
 

 
 

 
 

头像

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: