Detailed tutorial on installing harbor private warehouse using docker compose

Detailed tutorial on installing harbor private warehouse using docker compose

Overview

What is harbor? The English word means: harbor. The harbor is used to store containers (cargo), and the origin of Docker is based on the principle of containers, so Harbor is used to store Docker images and used as an image warehouse. The official statement is: Harbor is an enterprise-level Registry server for storing and distributing Docker images.

The harbor image warehouse is an enterprise-level image warehouse open sourced by VMware. It includes many functions such as permission management (RBAC), LDAP, log audit, management interface, self-registration, image replication, etc.

1. Harbor Features

1. Role-based access control: Users and repositories are organized by "projects", and users can have different permissions for multiple image repositories in the same namespace.
2. Mirror replication: You can replicate (synchronize) images and charts between multiple Registry instances. If any errors occur, Harbor will automatically retry replication. Ideal for load balancing, high availability, multi-data center, hybrid, and multi-cloud scenarios.
LDAP/AD support: Harbor integrates with existing enterprise LDAP/AD for user authentication and management, and supports importing LDAP groups into Harbor and assigning appropriate project roles to them.
Image deletion and garbage collection: Images can be deleted and their space can be reclaimed.
4. Internationalization: support for multiple languages ​​(already has Chinese, English, German, Japanese and Russian);
5. Graphical User Interface: Users can easily browse, search repositories, and manage projects.
6. Audit management: Track all operations on the repository.
7. RESTful API: RESTful API for most management operations, easy to integrate with external systems. An embedded Swagger user interface is available for exploring and testing the API.
Easy deployment: Online and offline installers are available. In addition, it can be installed as a virtual appliance on the vSphere platform (OVA format).

2. Harbor Components

1. Proxy: Harbor's components, such as the registry, UI, and token service, are all located behind a reverse proxy. The proxy forwards requests from browsers and Docker clients to various backend services.
2. Registry: responsible for storing Docker images and processing Docker push/pull commands. Since Harbor needs to control access permissions to images, the Registry will direct the client to access the token service to obtain a valid token for each pull or push request.
3. Core Service: Harbor's core functions, mainly providing the following services:
1) UI: Provides a graphical user interface to help users manage images and authorize users.
2) Webhook: In order to obtain the status changes of images on the registry in a timely manner, configure webhook on the registry to pass the status changes to the UI module;
3) Token service: responsible for issuing tokens for each docker push/pull command based on the user's role in the project. If there is no token in the request sent from the Docker client, the registry will redirect the request to the token service.
4. Datebase: Provides database services for core services and is responsible for storing user permissions, audit logs, Docker image grouping information, and other data.
5. Job Services: Provides remote image management function and can synchronize local images to other harbor instances.
6. Log Collector: To help monitor the operation of Harbor, it is responsible for the logs of other components of the mobile phone for future analysis.

insert image description here

3. Deployment Environment

centos-7.6 192.168.8.130
Docker version 1.19.3
docker-compose version 1.24.2
harbor-offline-installer-v1.8.6.tgz

4. Install docker-compose

Method 1:
[root@centos130 ~]# curl -L https://github.com/docker/compose/releases/download/1.24.1/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
[root@centos130 ~]# chmod +x /usr/local/bin/docker-compose
Method 2:
[root@centos130 ~]# wget https://bootstrap.pypa.io/get-pip.py
[root@centos130 ~]# python get-pip.py
[root@centos130 ~]# pip install docker-compose

5. Uninstall docker-compose

#Binary:
[root@centos130 ~]rm /usr/local/bin/docker-compose
#pip:
[root@centos130 ~]pip uninstall docker-compose

6. Install Docker

[root@centos130 ~]# yum install -y yum-utils device-mapper-persistent-data lvm2
Add a stable source [root@centos130 ~]# yum-config-manager --add-repo \
    http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
[root@centos130 ~]# yum makecache fast
Install the latest stable version of docker-ce
[root@centos130 ~]# yum install -y docker-ce docker-ce-cli containerd.io vim
[root@centos130 ~]# mkdir /etc/docker && vim /etc/docker/daemon.json
{
  "registry-mirrors": ["https://yxrgrke0.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.8.130:5000"],
  "insecure-registries": ["centos130:80"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m",
    "max-file": "3"
    }
}
Start Docker
[root@centos130 ~]# systemctl daemon-reload
[root@centos130 ~]# systemctl enable docker && systemctl start docker
[root@centos130 ~]# systemctl status docker

7. Install harbor

harbor download address:
harbor github address https://github.com/goharbor/harbor
http://harbor.orientsoft.cn/
[root@centos130 ~]# wget https://storage.googleapis.com/harbor-releases/release-1.8.6/harbor-offline-installer-v1.8.6.tgz
[root@centos130 ~]# tar -xf harbor-offline-installer-v1.8.6.tgz -C /usr/local/
[root@centos130 ~]# cd /usr/local/harbor/
[root@centos130 ~]# vim harbor.yml
hostname = centos130
#This is just a simple test, so only edit this line, and leave the others unchanged by default #Disable user registration self_registration = off
#Set that only administrators can create projects project_creation_restriction = adminonly

8. Execute the installation script

[root@centos130 ~]# ./instsll.sh  
Description: Installation error: Cannot find docker-proxy, docker-runc
Execute [root@centos130 ~]# ln -s /usr/libexec/docker/docker-runc-current /usr/bin/docker-runc
[root@centos130 ~]# ln -s /usr/libexec/docker/docker-proxy-current /usr/bin/docker-proxy
View the started image file [root@centos130 ~]# docker-compose ps
Stop and start of Harbor container:
[root@centos130 ~]# cd /usr/local/harbor/
[root@centos130 ~]# docker-compose stop
[root@centos130 ~]# docker-compose start

9. Log in to Harbor

The installation is now complete. Open the browser and log in directly, and create the my project:
The default user password is: admin/Harbor12345

insert image description here

Log in to the harbor repository via the Shell command line terminal

[root@centos130 ~]# harbor upload image [root@centos130 ~]# docker login centos130:80
[root@centos130 ~]# docker login -u admin -p Harbor12345 centos130:80 #Account and password: admin/Harbor12345
Username: admin
Password: 
Login Succeeded

Test image upload

[root@centos130 ~]# docker pull nginx
[root@centos130 ~]# docker tag nginx:latest centos130:80/my/nginx:latest
[root@centos130 ~]# docker images
[root@centos130 ~]# docker push centos130:80/my/nginx:latest
The push refers to repository [centos130:80/my/nginx]
55a77731ed26: Pushed 
71f2244bc14d: Pushed 
f2cb0ecef392: Pushed 
latest: digest: sha256:3936fb3946790d711a68c58be93628e43cbca72439079e16d154b5db216b58da size: 948

Note: The format is: userip/project name/image name:version number (the project name needs to be created in advance in the webui)
[root@centos130 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
centos130:80/my/nginx:latest latest 5a3221f0137b 5 days ago 126MB
nginx latest 5a3221f0137b 5 days ago 126MB
Delete the local nginx image and test the download [root@centos130 ~]# docker pull centos130:80/my/nginx:latest

10. Harbor changes the port number

1. Modify the docker-compose.yml file mapping to port 1180:

Modify the configuration file [root@centos130 ~]# cat /usr/local/harbor/docker-compose.yml

version: '2.3'
services:
  log:
    image: goharbor/harbor-log:v1.8.6
    container_name: harbor-log
    restart: always
    dns_search: .
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -DAC_OVERRIDE
      -SETGID
      -SETUID
    volumes:
      - /var/log/harbor/:/var/log/docker/:z
      - ./common/config/log/:/etc/logrotate.d/:z
    ports:
      - 127.0.0.1:1514:10514
    networks:
      -harbor
  registry:
    image: goharbor/registry-photon:v2.7.1-patch-2819-v1.8.6
    container_name: registry
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - type: bind
        source: /data/secret/registry/root.crt
        target: /etc/registry/root.crt
    networks:
      -harbor
    dns_search: .
    depends_on:
      -log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registry"
  registryctl:
    image: goharbor/harbor-registryctl:v1.8.6
    container_name: registryctl
    env_file:
      - ./common/config/registryctl/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - type: bind
        source: ./common/config/registryctl/config.yml
        target: /etc/registryctl/config.yml
    networks:
      -harbor
    dns_search: .
    depends_on:
      -log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registryctl"
  postgresql:
    image: goharbor/harbor-db:v1.8.6
    container_name: harbor-db
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -DAC_OVERRIDE
      -SETGID
      -SETUID
    volumes:
      - /data/database:/var/lib/postgresql/data:z
    networks:
      harbor:
    dns_search: .
    env_file:
      - ./common/config/db/env
    depends_on:
      -log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "postgresql"
  core:
    image: goharbor/harbor-core:v1.8.6
    container_name: harbor-core
    env_file:
      - ./common/config/core/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -SETGID
      -SETUID
    volumes:
      - /data/ca_download/:/etc/core/ca/:z
      - /data/psc/:/etc/core/token/:z
      - /data/:/data/:z
      - ./common/config/core/certificates/:/etc/core/certificates/:z
      - type: bind
        source: ./common/config/core/app.conf
        target: /etc/core/app.conf
      - type: bind
        source: /data/secret/core/private_key.pem
        target: /etc/core/private_key.pem
      - type: bind
        source: /data/secret/keys/secretkey
        target: /etc/core/key
    networks:
      harbor:
    dns_search: .
    depends_on:
      -log
      - registry
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "core"
  portal:
    image: goharbor/harbor-portal:v1.8.6
    container_name: harbor-portal
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
      -NET_BIND_SERVICE
    networks:
      -harbor
    dns_search: .
    depends_on:
      -log
      -core
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "portal"

  jobservice:
    image: goharbor/harbor-jobservice:v1.8.6
    container_name: harbor-jobservice
    env_file:
      - ./common/config/jobservice/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
    volumes:
      - /data/job_logs:/var/log/jobs:z
      - type: bind
        source: ./common/config/jobservice/config.yml
        target: /etc/jobservice/config.yml
    networks:
      -harbor
    dns_search: .
    depends_on:
      - redis
      -core
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "jobservice"
  redis:
    image: goharbor/redis-photon:v1.8.6
    container_name: redis
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
    volumes:
      - /data/redis:/var/lib/redis
    networks:
      harbor:
    dns_search: .
    depends_on:
      -log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "redis"
  proxy:
    image: goharbor/nginx-photon:v1.8.6
    container_name: nginx
    restart: always
    cap_drop:
      - ALL
    cap_add:
      -CHOWN
      -SETGID
      -SETUID
      -NET_BIND_SERVICE
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      -harbor
    dns_search: .
    ports:
      - 1180:80
      -443:443
      -4443:4443
    depends_on:
      - postgresql
      - registry
      -core
      - portal
      -log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "proxy"
networks:
  harbor:
    external: false

2. Modify the /etc/docker/daemon.json file and change port 80 to port 1180:

Modify daemon configuration [root@centos130 ~]# cat /etc/docker/daemon.json 

{
  "registry-mirrors": ["https://yxrgrke0.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.8.130:5000"],
  "insecure-registries": ["centos130:1180"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m",
    "max-file": "3"
    }
}

3. Modify the hostname of the /usr/locat/harbor/harbor.yml file

Modify the hostname configuration cat /usr/locat/harbor/harbor.yml
hostname: centos130:1180

4. Stop harbor, restart and generate configuration files

Reinitialize [root@centos130 ~]# cd /usr/locat/harbor/
[root@centos130 ~]# docker-compose stop
[root@centos130 ~]# ./install.sh

5. Restart Docker

[root@centos130 ~]# systemctl daemon-reload
[root@centos130 ~]# systemctl restart docker.service
Verify [root@centos130 ~]# docker login centos130:1180
Username: admin
Password: Harbor12345

This is the end of this article about installing harbor with docker-compose. For more information about installing harbor with docker-compose, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope you will support 123WORDPRESS.COM in the future!

You may also be interested in:
  • Detailed explanation of building a Docker private image repository based on Harbor
  • Docker builds a private warehouse (registry, harbor)
  • Architecture and component description of docker private library Harbor
  • Detailed steps for installing Harbor, a private Docker repository
  • Implementation of Docker to build private warehouse (registry and Harbor)
  • Example of how to build a Harbor public repository with Docker
  • Docker private warehouse harbor construction process
  • Steps for Docker to build a private warehouse Harbor
  • Docker Gitlab+Jenkins+Harbor builds a persistent platform operation
  • Detailed tutorial on building a continuous integration delivery environment based on Docker+K8S+GitLab/SVN+Jenkins+Harbor
  • How to build a private Docker repository using Harbor
  • Docker5 full-featured harbor warehouse construction process
  • Jenkins builds Docker images and pushes them to Harbor warehouse
  • Method of building docker private warehouse based on Harbor
  • Introduction and deployment method of Docker private warehouse Harbor

<<:  Detailed explanation of the this pointing problem of JavaScript prototype objects

>>:  How to design MySQL statistical data tables

Recommend

Tomcat security specifications (tomcat security reinforcement and specifications)

tomcat is an open source web server. The web base...

Deploy Nginx+Flask+Mongo application using Docker

Nginx is used as the server, Mongo is used as the...

9 Tips for Web Page Layout

<br />Related articles: 9 practical suggesti...

JavaScript and JQuery Framework Basics Tutorial

Table of contents 1. JS Object DOM –1, Function –...

Why I recommend Nginx as a backend server proxy (reason analysis)

1. Introduction Our real servers should not be di...

Specific use of Linux which command

We often want to find a file in Linux, but we don...

MySql common query command operation list

MYSQL commonly used query commands: mysql> sel...

HTML tags: sub tag and sup tag

Today I will introduce two HTML tags that I don’t...

MySQL deep paging (how to quickly paginate tens of millions of data)

Table of contents Preface Case optimization summa...

How to install MySQL using yum on Centos7 and achieve remote connection

Centos7 uses yum to install MySQL and how to achi...

20 Signposts on the Road to Becoming an Excellent UI (User Interface) Designer

Introduction: Interface designer Joshua Porter pub...

How to use nodejs to write a data table entity class generation tool for C#

Although Microsoft provides T4 templates, I find ...

Nginx http health check configuration process analysis

Passive Check With passive health checks, NGINX a...

MySQL joint table query basic operation left-join common pitfalls

Overview For small and medium-sized projects, joi...

Detailed explanation of replication configuration example between mysql containers

background Last week the company trained on MySQL...