Harbor 2.6.2安装
一,安装docker
要求1.17以上版本
链接:https://cloud.tencent.com/developer/article/1701451
下载安装包
$ wget https://github.com/goharbor/harbor/releases/download/v2.1.0/harbor-offline-installer-v2.1.0.tgz
# 上传到服务器后,解压压缩包
$ tar -xf harbor-offline-installer-v2.1.0.tgz修改harbor配置
进到harbor-offline-installer-v2.1.0.tgz 解压后的目录, 从harbor.yml.tmpl复制一份harbor.yml
$ cp harbor.yml.tmpl harbor.yml
$ vim harbor.yml
# Configuration file of Harbor
# 此处定义为harbor的域名或者IP,注意不能定义为 localhost、127.0.0.1
hostname: harbor.domin.com
# http related config
http:
# port for http, default is 80\. If https enabled, this port will redirect to https port
port: 80
# 这里把https注释掉(根据自己实际需求配置)
# https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/path
# 如果要启用外部代理,请取消去掉external_url的注释,当它启用时,hostname将不再使用
# 因为我们还会给harbor接入反向代理,所以此处去掉external_url的注释
external_url: https://harbor.domin.com
•
# harbor admin账户的初始密码(建议修改)
harbor_admin_password: Harbor12345
•
# 因为我们会使用外部postgres数据库,所以此处此database的配置可以忽略
database:
password: root123
max_idle_conns: 50
max_open_conns: 1000
•
# 默认harbor数据存储目录
# 注意:虽然本次部署会使用oss作为registry的外部存储,但是data_volume字段不要注释掉
data_volume: /data/harbor-storage
•
# 更改镜像存储位置,本地的话不用配置直接用,本次部署中使用了阿里云的oss作为后端存储
# 去掉storage注释,配置oss 可参考:https://docs.docker.com/registry/configuration/#storage
•
storage:
cache:
layerinfo: redis
oss:
accesskeyid: 填写你的具有阿里云oss权限账户的RAM的AccessKey ID
accesskeysecret: 填写你的具有阿里云oss权限账户的RAM的AccessKey Secret
region: 地域节点 # EndPoint, 如cn-shenzhen
endpoint: Bucket 域名 #[bucket].[region].aliyuncs.com 或者 当 internal=true, [bucket].[region]-internal.aliyuncs.com
internal:
secure: true # 指定是否通过ssl传输数据到bucket
bucket: Bucket 名称
rootdirectory: 指定oss下面某路径作为存储目录
# 保持默认配置
trivy:
ignore_unfixed: false
skip_update: false
insecure: false
# 保持默认配置
jobservice:
max_job_workers: 10
# 保持默认配置
notification:
# Maximum retry count for webhook job
webhook_job_max_retry: 10
# 保持默认配置
chart:
absolute_url: disabled
# 日志配置,根据自己需求进行修改
log:
level: info
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
_version: 2.2.0
•
# 使用外部数据库,需要把external_database的注释取消,进行配置, 注意需要在postgres数据库中将registry、clair的数据库预先创建
external_database:
harbor:
host: harbor_db_host
port: harbor_db_port
db_name: harbor_db_name
username: harbor_db_username
password: harbor_db_password
ssl_mode: disable
max_idle_conns: 2
max_open_conns: 0
clair:
host: clair_server_db_host
port: clair_server_db_port
db_name: clair_server_db_name
username: clair_server_db_username
password: clair_server_db_password
ssl_mode: disable
# notary_signer:
# host: notary_signer_db_host
# port: notary_signer_db_port
# db_name: notary_signer_db_name
# username: notary_signer_db_username
# password: notary_signer_db_password
# ssl_mode: disable
# notary_server:
# host: notary_server_db_host
# port: notary_server_db_port
# db_name: notary_server_db_name
# username: notary_server_db_username
# password: notary_server_db_password
# ssl_mode: disable
•
# 如果使用外部redis的情况下,需要将external_redis的注释去掉
external_redis:
host: redis:6379
password:
registry_db_index: 1
jobservice_db_index: 2
chartmuseum_db_index: 3
trivy_db_index: 5
idle_timeout_seconds: 30Last updated