Implementation of Docker to build private warehouse (registry and Harbor)

[root@dockerA ~]# docker pull registry:2 //Download the image of registry:2 [root@dockerA ~]# docker run -itd --name registry --restart=always -p 5000:5000 -v /registry:/var/lib/registry registry:2
//Create a registry container to run the registry service;
//-p: port mapping (the front is the host port: the back is the port exposed by the container);
//-v: mount directory (the first one is the host directory: the second one is the container directory) to automatically create the host directory;
//--restart=always: Start with the startup of the docker service!
[root@dockerA ~]# docker ps //Ensure that the container is running CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f98bf93f100e registry:2 "/entrypoint.sh /etc…" 3 minutes ago Up 3 minutes 0.0.0.0:5000->5000/tcp registry
[root@dockerA ~]# netstat -anpt | grep 5000 // Make sure port 5000 is being listened to tcp6 0 0 :::5000 :::* LISTEN 2370/docker-proxy  
[root@dockerA ~]# docker tag centos:7 192.168.1.1:5000/centos:7
//Change the image name to comply with the private warehouse name specification Note: The naming convention for private warehouse images is: 192.168.20.7:5000/XXX (host machine IP: 5000 port/image name)
[root@dockerA ~]# vim /usr/lib/systemd/system/docker.service 
//Write the main configuration file of the docker service 13 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.1:5000
//Modify the original configuration file to add an insecure registry (--insecure-registry), the address is the host's IP address and port 5000 [root@dockerA ~]# systemctl daemon-reload 
[root@dockerA ~]# systemctl restart docker //Restart the docker service [root@dockerA ~]# docker push 192.168.1.1:5000/centos:7
//Upload the renamed image to the registry private warehouse [root@dockerA ~]# curl 192.168.1.1:5000/v2/_catalog //View the image in the private warehouse {"repositories":["centos"]}
[root@dockerA ~]# curl 192.168.1.1:5000/v2/centos/tags/list //View detailed information of the image {"name":"centos","tags":["7"]}

[root@dockerB ~]# vim /usr/lib/systemd/system/docker.service 
//Modify the main configuration file of docker 13 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.1:5000
//Add content consistent with the registry, specify the IP address and port of the registry private warehouse server [root@dockerB ~]# systemctl daemon-reload 
[root@dockerB ~]# systemctl restart docker //Restart the docker service [root@dockerB ~]# curl 192.168.1.1:5000/v2/_catalog //View the image in the private warehouse {"repositories":["centos"]}
[root@dockerB ~]# curl 192.168.1.1:5000/v2/centos/tags/list //View the image in the private warehouse {"name":"centos","tags":["7"]}
[root@dockerB ~]# docker pull 192.168.1.1:5000/centos:7
//Download the image in the private repository [root@dockerB ~]# docker images //Confirm that the image has been downloaded to the local REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.1.1:5000/centos 7 5e35e350aded 5 weeks ago 203MB

[root@dockerA ~]# yum -y install yum-utils device-mapper-persistent-data lvm2
//Download the dependencies required by the docker-compose tool (you can install it when you deploy the docker environment)
[root@dockerA ~]# curl -L https://github.com/docker/compose/releases/download/1.25.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
//Download the docker-compose tool [root@dockerA ~]# chmod +x /usr/local/bin/docker-compose
[root@dockerA ~]# docker-compose -v      
docker-compose version 1.25.0, build 0a186604
//Check the docker-compose tool version information to ensure that it has been installed successfully

[root@dockerA ~]# wget https://storage.googleapis.com/harbor-releases/release-1.9.0/harbor-offline-installer-v1.9.1.tgz
//Download harbor software package [root@dockerA ~]# tar zxf harbor-offline-installer-v1.9.1.tgz -C /usr/local
[root@dockerA ~]# cd /usr/local/harbor/
[root@dockerA harbor]# vim harbor.yml 
//Write its configuration file. Other versions end with cfg by default, but this version ends with yml. The file contents are the same. hostname: 192.168.1.1 //Change it to the local IP address harbor_admin_password: Harbor12345    
//This line already exists, you don't need to fill it out yourself, just remember its username and password, you can modify it if necessary[root@dockerA harbor]# ./install.sh //Execute the installation script[root@dockerA harbor]# vim /usr/lib/systemd/system/docker.service 
//Write the docker main configuration file 13 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.1
//Similar to the registry, the port number is not filled in the harbor configuration file, so you can add it here, otherwise an error may occur [root@dockerA harbor]# systemctl daemon-reload 
[root@dockerA harbor]# systemctl restart docker //Restart the docker service [root@dockerA harbor]# pwd
/usr/local/harbor //Note the directory, it must be in this directory [root@dockerA harbor]# docker-compose start
//Use the docker-compose tool to start all containers (because when you restart docker, all containers are closed)
[root@dockerA harbor]# netstat -anpt | grep 80 //Confirm that port 80 is listening on tcp 0 0 172.18.0.1:33780 172.18.0.5:10514 ESTABLISHED 70076/docker-proxy 
tcp6 0 0 :::80 :::* LISTEN 72870/docker-proxy

[root@dockerA ~]# docker login -u admin -p Harbor12345 192.168.1.1
//Specify username, password and harbor server address to log in WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded //Login successful[root@dockerA ~]# docker tag centos:7 192.168.1.1/test/centos:7
//You need to change the image name, test is the name of the warehouse you just created [root@dockerA ~]# docker push 192.168.1.1/test/centos:7
//Upload the image to the test repository of the harbor server

[root@dockerB ~]# vim /usr/lib/systemd/system/docker.service 
//Write the main configuration file of docker 13 ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.1
//Specify the IP address of the harbor server [root@dockerB ~]# systemctl daemon-reload 
[root@dockerB ~]# systemctl restart docker //Restart the docker service [root@dockerB ~]# docker login -u admin -p Harbor12345 192.168.1.1
//Log in to harbor server WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded //Login successful[root@dockerB ~]# docker pull 192.168.1.1/test/centos:7
//Download the image for testing [root@dockerB ~]# docker images //Make sure the image has been downloaded REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.1.1/test/centos 7 5e35e350aded 5 weeks ago 203MB