1. Harbor介紹

Harbor是由VMware公司中國團隊開發(fā)的一個企業(yè)級Registry項目，可用于搭建企業(yè)內部的容器鏡像倉庫。Harbor在Docker Registry的基礎上增加了企業(yè)用戶所需的權限控制、安全漏洞掃描、日志審核和遠程復制等重要功能，還提供了圖形管理界面及面向國內用戶的中文支持，開源后便迅速業(yè)內流行開來，成為中國云原生用戶的主流容器鏡像倉庫。

2018年7月，Harbor正式進入CNCF(谷歌創(chuàng)辦的云原生基金會，旗下項目包括Kubernetes、Prometheus等世界級產品），并在2020年6月順利畢業(yè)，成為了CNCF首個來自中國的開源項目。

Harbor的架構如下圖所示，其中Core services為Harbor的核心模塊，主要包括UI、token和webhook三個組件。UI提供圖形化界面，輔助用戶管理鏡像；webhook 用于及時 獲取Registry上鏡像狀態(tài)的變化情況，并傳遞給其他模塊；token組件用于提供驗證令牌。

另外，還有Job service用于多個Harbor間的鏡像同步功能，Log collector用于日志收集和審核功能。

除了自身組件外，Harbor也需要使用到一些外部組件，如使用Nginx作為代理、Registry v2作為鏡像存儲、PostgreSQL作為數據庫等等。

harbor的每個組件都是以Docker容器的形式進行部署，可以使用Docker Compose來進行統一管理。

2. 軟硬件要求

(1). 硬件要求

硬件	最低配置	推薦配置
CPU	2CPU	4CPU
內存	4GB	8GB
磁盤	40G	160G

注：硬件配置只是官方提供的一個參考，生產環(huán)境還需要根據實際情況進行容量規(guī)劃。

(2). 軟件要求

軟件	版本
Docker	17.06.0-ce+版或更高版本
Docker Compose	1.18.0或更高
Openssl	首選最新版本

3.Harbor優(yōu)勢

• 基于角色控制：用戶和倉庫都是基于項目進行組織的，而用戶在項目中可以擁有不同的權限。
• 基于鏡像的復制策略：鏡像可以在多個Harbor實例之間進行復制（同步）。
• 支持 LDAP/AD：Harbor 可以集成企業(yè)內部已有的 AD/LDAP（類似數據庫的一張表），用于對已經存在的用戶認證和管理。
• 鏡像刪除和垃圾回收：鏡像可以被刪除，也可以回收鏡像占用的空間。
• 圖形化用戶界面：用戶可以通過瀏覽器來瀏覽，搜索鏡像倉庫以及對項目進行管理。
• 審計管理：所有針對鏡像倉庫的操作都可以被記錄追溯，用于審計管理。
• 支持 RESTful API：RESTful API 提供給管理員對于 Harbor 更多的操控, 使得與其它管理軟件集成變得更容易。
• Harbor和docker registry的關系：Harbor實質上是對docker registry做了封裝，擴展了自己的業(yè)務模板。

4.Harbor的誤區(qū)

• 誤區(qū)一: Harbor是負責存儲容器鏡像的 (Harbor是鏡像倉庫，那么它就應當是存儲鏡像的),其實關于鏡像的存儲，Harbor使用的是官方的docker registry服務去完成，至于registry是用本地存儲或者s3都是可以的，Harbor的功能是在此之上提供用戶權限管理、鏡像復制等功能，提高使用的registry的效率。

• 誤區(qū)二：Harbor鏡像復制是存儲直接復制 (鏡像的復制，很多人以為應該是鏡像分層文件的直接拷貝),其實Harbor鏡像復制采用了一個更加通用、高屋建瓴的做法，通過docker registry 的API去拷貝，這不是省事，這種做法屏蔽了繁瑣的底層文件操作、不僅可以利用現有docker registry功能不必重復造輪子，而且可以解決沖突和一致性的問題。

5.Harbor的幾種安裝方式

Harbor提供以下幾種安裝方式，以適應不同的安裝環(huán)境。

1. 在線安裝：適合初學者快速搭建一個Harbor倉庫，簡單快速，安裝過程需要從官方拉取鏡像，資源包帶online。
2. 離線安裝：適合公司內網環(huán)境，離線安裝包裝載了安裝過程需要的鏡像（自動導入），資源包帶offline。
3. 源碼安裝：適合開發(fā)者對Harbor進行開發(fā)和測試，通過編譯源碼到本地進行安裝，安裝條件較苛刻，需要了解Harbor底層原理和實現方式的，可選擇源碼安裝的方式
4. Heml Chart：通過Heml安裝Harbor到kubernetes集群；
5. Operater安裝： Harbor Operator提供了可深度定制的能力，用戶通過配置頂級 CRD HarborCluster，根據實際需要定義和配置自己的 Harbor 組件。

6.在線安裝

(1).安裝composer

[root@docker ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose% Total    % Received % Xferd  Average Speed   Time    Time     Time  CurrentDload  Upload   Total   Spent    Left  Speed0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 56.9M  100 56.9M    0     0  7515k      0  0:00:07  0:00:07 --:--:-- 8608k
[root@docker ~]# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[root@docker ~]# chmod +x   /usr/local/bin/docker-compose
[root@docker ~]# docker-compose -v
Docker Compose version v2.23.3
[root@docker ~]# 

(2).配置內核參數,開啟路由轉發(fā)

[root@docker ~]# cat > /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
[root@docker ~]# sysctl -p
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@docker ~]# 

(3).下載安裝包并解壓

[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-online-installer-v2.3.5.tgz
--2023-11-25 11:17:20--  https://github.com/goharbor/harbor/releases/download/v2.3.5/harbor-online-installer-v2.3.5.tgz
正在解析主機 github.com (github.com)... 20.205.243.166
正在連接 github.com (github.com)|20.205.243.166|:443... 已連接。
已發(fā)出 HTTP 請求，正在等待回應... 302 Found
位置：https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/a0e72e1f-a016-4389-a1cb-79923e1716d1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231125T031720Z&X-Amz-Expires=300&X-Amz-Signature=c042a464262142717bb1dec5e7a19755dfe656cfb86c96179620268d5af59115&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.3.5.tgz&response-content-type=application%2Foctet-stream [跟隨至新的 URL]
--2023-11-25 11:17:21--  https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/a0e72e1f-a016-4389-a1cb-79923e1716d1?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231125T031720Z&X-Amz-Expires=300&X-Amz-Signature=c042a464262142717bb1dec5e7a19755dfe656cfb86c96179620268d5af59115&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-online-installer-v2.3.5.tgz&response-content-type=application%2Foctet-stream
正在解析主機 objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.110.133, 185.199.108.133, 185.199.111.133
正在連接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... 已連接。
已發(fā)出 HTTP 請求，正在等待回應... 200 OK
長度：9452 (9.2K) [application/octet-stream]
正在保存至: “harbor-online-installer-v2.3.5.tgz”100%[=======================================================================================================================================================================================================>] 9,452       --.-K/s 用時 0.005s  2023-11-25 11:17:22 (1.90 MB/s) - 已保存 “harbor-online-installer-v2.3.5.tgz” [9452/9452])[root@docker ~]# tar zxvf harbor-online-installer-v2.3.5.tgz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
[root@docker ~]# cd harbor
[root@docker harbor]# 

(4).創(chuàng)建并修改配置文件

• 根據配置文件模板復制為配置文件

cp harbor.yml.tmpl  harbor.yml

• 修改配置文件

vi harbor.yml
hostname: 192.168.40.21  #主機名稱或者IP地址
#https:   #不使用https安全加密端口
#  port: 443
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path

(5).生成各個組件的配置

[root@docker harbor]# ./prepare
prepare base dir is set to /root/harbor
Unable to find image 'goharbor/prepare:v2.3.5' locallyv2.3.5: Pulling from goharbor/prepare
91519930665a: Pull complete 
b8547b4b6d59: Pull complete 
4cfb18ed7c8b: Pull complete 
1f7c4d37aa15: Pull complete 
720465e03cf9: Pull complete 
47bf36709ddf: Pull complete 
7b6689f99a3d: Pull complete 
660d0135472b: Pull complete 
Digest: sha256:b0bad7e35d427d7337fdde85934415e133a9e8dba7dca5c0a0829bd31cd20790
Status: Downloaded newer image for goharbor/prepare:v2.3.5
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[root@docker harbor]# 

(6).安裝Harbor

[root@docker harbor]# ./install.sh --with-trivy  --with-chartmuseum[Step 0]: checking if docker is installed ...Note: docker version: 24.0.7[Step 1]: checking docker-compose is installed ...Note: docker-compose version: 2.23.3[Step 2]: preparing environment ...[Step 3]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /config/trivy-adapter/env
Generated configuration file: /config/chartserver/env
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir[Step 4]: starting Harbor ...
[+] Running 75/30? portal 3 layers [???]      0B/0B      Pulled                                                                                                                                                                                            48.4s ? redis 4 layers [????]      0B/0B      Pulled                                                                                                                                                                                            43.8s ? proxy 2 layers [??]      0B/0B      Pulled                                                                                                                                                                                               2.5s ? chartmuseum 5 layers [?????]      0B/0B      Pulled                                                                                                                                                                                     27.4s ? registry 5 layers [?????]      0B/0B      Pulled                                                                                                                                                                                        34.4s ? registryctl 6 layers [??????]      0B/0B      Pulled                                                                                                                                                                                    44.9s ? core 9 layers [?????????]      0B/0B      Pulled                                                                                                                                                                                        32.4s ? log 7 layers [???????]      0B/0B      Pulled                                                                                                                                                                                           51.9s ? jobservice 5 layers [?????]      0B/0B      Pulled                                                                                                                                                                                      12.8s ? postgresql 12 layers [????????????]      0B/0B      Pulled                                                                                                                                                                             102.6s ? trivy-adapter 6 layers [??????]      0B/0B      Pulled                                                                                                                                                                                  23.0s [+] Running 13/13? Network harbor_harbor              Created                                                                                                                                                                                               0.3s ? Network harbor_harbor-chartmuseum  Created                                                                                                                                                                                               0.2s ? Container harbor-log               Started                                                                                                                                                                                               0.6s ? Container registry                 Started                                                                                                                                                                                               0.0s ? Container redis                    Started                                                                                                                                                                                               0.0s ? Container chartmuseum              Started                                                                                                                                                                                               0.0s ? Container registryctl              Started                                                                                                                                                                                               0.0s ? Container harbor-db                Started                                                                                                                                                                                               0.0s ? Container harbor-portal            Started                                                                                                                                                                                               0.0s ? Container trivy-adapter            Started                                                                                                                                                                                               0.0s ? Container harbor-core              Started                                                                                                                                                                                               0.0s ? Container harbor-jobservice        Started                                                                                                                                                                                               0.0s ? Container nginx                    Started                                                                                                                                                                                               0.0s 
? ----Harbor has been installed and started successfully.----
[root@docker harbor]# 

(7).查看Harbor服務狀態(tài)

[root@docker harbor]# docker-compose   ps
NAME                IMAGE                                  COMMAND                   SERVICE         CREATED         STATUS                   PORTS
chartmuseum         goharbor/chartmuseum-photon:v2.3.5     "./docker-entrypoint…"   chartmuseum     3 minutes ago   Up 3 minutes (healthy)   
harbor-core         goharbor/harbor-core:v2.3.5            "/harbor/entrypoint.…"   core            3 minutes ago   Up 3 minutes (healthy)   
harbor-db           goharbor/harbor-db:v2.3.5              "/docker-entrypoint.…"   postgresql      3 minutes ago   Up 3 minutes (healthy)   
harbor-jobservice   goharbor/harbor-jobservice:v2.3.5      "/harbor/entrypoint.…"   jobservice      3 minutes ago   Up 3 minutes (healthy)   
harbor-log          goharbor/harbor-log:v2.3.5             "/bin/sh -c /usr/loc…"   log             3 minutes ago   Up 3 minutes (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       goharbor/harbor-portal:v2.3.5          "nginx -g 'daemon of…"   portal          3 minutes ago   Up 3 minutes (healthy)   
nginx               goharbor/nginx-photon:v2.3.5           "nginx -g 'daemon of…"   proxy           3 minutes ago   Up 3 minutes (healthy)   0.0.0.0:80->8080/tcp, :::80->8080/tcp
redis               goharbor/redis-photon:v2.3.5           "redis-server /etc/r…"   redis           3 minutes ago   Up 3 minutes (healthy)   
registry            goharbor/registry-photon:v2.3.5        "/home/harbor/entryp…"   registry        3 minutes ago   Up 3 minutes (healthy)   
registryctl         goharbor/harbor-registryctl:v2.3.5     "/home/harbor/start.…"   registryctl     3 minutes ago   Up 3 minutes (healthy)   
trivy-adapter       goharbor/trivy-adapter-photon:v2.3.5   "/home/scanner/entry…"   trivy-adapter   3 minutes ago   Up 3 minutes (healthy)   
[root@docker harbor]# 

(8).登錄Harbor UI界面

在瀏覽器輸入地址：http://192.168.40.21:80
用戶名：admin
密碼：Harbor12345

7.離線安裝

(1).安裝composer

[root@docker ~]# curl -SL https://github.com/docker/compose/releases/download/v2.23.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose% Total    % Received % Xferd  Average Speed   Time    Time     Time  CurrentDload  Upload   Total   Spent    Left  Speed0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 56.9M  100 56.9M    0     0  7515k      0  0:00:07  0:00:07 --:--:-- 8608k
[root@docker ~]# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
[root@docker ~]# chmod +x   /usr/local/bin/docker-compose
[root@docker ~]# docker-compose -v
Docker Compose version v2.23.3
[root@docker ~]# 

(2).配置內核參數,開啟路由轉發(fā)

[root@docker ~]# cat > /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
[root@docker ~]# sysctl -p
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@docker ~]# 

(3).下載安裝包并解壓

[root@docker ~]# wget https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz
--2023-11-25 12:41:38--  https://github.com/goharbor/harbor/releases/download/v2.9.1/harbor-offline-installer-v2.9.1.tgz
正在解析主機 github.com (github.com)... 20.205.243.166
正在連接 github.com (github.com)|20.205.243.166|:443... 已連接。
已發(fā)出 HTTP 請求，正在等待回應... 302 Found
位置：https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/8bc3aa48-e2a4-4ab6-ae52-3ecf16dfe73a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231125T044154Z&X-Amz-Expires=300&X-Amz-Signature=c953b5e3ba2dd066e4650529b5b303d7e754af2b95fa8ecadf27722575dc2349&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-offline-installer-v2.9.1.tgz&response-content-type=application%2Foctet-stream [跟隨至新的 URL]
--2023-11-25 12:41:54--  https://objects.githubusercontent.com/github-production-release-asset-2e65be/50613991/8bc3aa48-e2a4-4ab6-ae52-3ecf16dfe73a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20231125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20231125T044154Z&X-Amz-Expires=300&X-Amz-Signature=c953b5e3ba2dd066e4650529b5b303d7e754af2b95fa8ecadf27722575dc2349&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=50613991&response-content-disposition=attachment%3B%20filename%3Dharbor-offline-installer-v2.9.1.tgz&response-content-type=application%2Foctet-stream
正在解析主機 objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.108.133, 185.199.110.133, 185.199.111.133
正在連接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.108.133|:443... 失敗：拒絕連接。
正在連接 objects.githubusercontent.com (objects.githubusercontent.com)|185.199.110.133|:443... 已連接。
已發(fā)出 HTTP 請求，正在等待回應... 200 OK
長度：796863822 (760M) [application/octet-stream]
正在保存至: “harbor-offline-installer-v2.9.1.tgz”100%[=======================================================================================================================================================================================================>] 796,863,822 57.0MB/s 用時 18s    2023-11-25 12:42:34 (42.3 MB/s) - 已保存 “harbor-offline-installer-v2.9.1.tgz” [796863822/796863822])
[root@docker ~]# tar -xzvf harbor-offline-installer-v2.9.1.tgz 
harbor/harbor.v2.9.1.tar.gz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl           
[root@docker ~]#  

(4).創(chuàng)建并修改配置文件

• 根據配置文件模板復制為配置文件

cp harbor.yml.tmpl  harbor.yml

• 修改配置文件

vi harbor.yml
hostname: 192.168.40.21   #主機名稱或者IP地址
#https:   #不使用https安全加密端口
#  port: 443
#  certificate: /your/certificate/path
#  private_key: /your/private/key/path

(5).加載Harbor所需的鏡像

[root@docker harbor]# docker load -i harbor.v2.9.1.tar.gz a1dcbad8836c: Loading layer [==================================================>]  40.11MB/40.11MB
4349dad1c75c: Loading layer [==================================================>]  10.89MB/10.89MB
b3619b11127a: Loading layer [==================================================>]  3.584kB/3.584kB
7b38a647487c: Loading layer [==================================================>]   2.56kB/2.56kB
af63cee918f4: Loading layer [==================================================>]  44.69MB/44.69MB
087e0e1d01ed: Loading layer [==================================================>]  45.48MB/45.48MB
Loaded image: goharbor/harbor-jobservice:v2.9.1
7a18cae000bb: Loading layer [==================================================>]  7.873MB/7.873MB
6e8443cb30ea: Loading layer [==================================================>]  4.096kB/4.096kB
7e6f1921b03b: Loading layer [==================================================>]   17.4MB/17.4MB
7ab103a3c9e9: Loading layer [==================================================>]  3.072kB/3.072kB
afdeb50007ba: Loading layer [==================================================>]  32.78MB/32.78MB
0838cfee6fc3: Loading layer [==================================================>]  50.97MB/50.97MB
Loaded image: goharbor/harbor-registryctl:v2.9.1
06a21a75ac76: Loading layer [==================================================>]  10.89MB/10.89MB
7ef38c74aa21: Loading layer [==================================================>]  3.584kB/3.584kB
78e12b1b294b: Loading layer [==================================================>]   2.56kB/2.56kB
7415bb76ee07: Loading layer [==================================================>]  58.23MB/58.23MB
c25cd46ee82a: Loading layer [==================================================>]  5.632kB/5.632kB
1a3de5a9a094: Loading layer [==================================================>]  122.4kB/122.4kB
2d2d193fbdcd: Loading layer [==================================================>]  80.38kB/80.38kB
ee47e7543fea: Loading layer [==================================================>]  59.23MB/59.23MB
6ebe4d7b431b: Loading layer [==================================================>]   2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.9.1
7d9f76d29c1c: Loading layer [==================================================>]  124.4MB/124.4MB
50cb5ae20a44: Loading layer [==================================================>]  3.584kB/3.584kB
59a78c21122c: Loading layer [==================================================>]  3.072kB/3.072kB
6beb01cc5baa: Loading layer [==================================================>]   2.56kB/2.56kB
b09018e5a73f: Loading layer [==================================================>]  3.072kB/3.072kB
c1078fb9f5c7: Loading layer [==================================================>]  3.584kB/3.584kB
59dadef71b1b: Loading layer [==================================================>]  20.48kB/20.48kB
Loaded image: goharbor/harbor-log:v2.9.1
d1de629330a4: Loading layer [==================================================>]  60.48MB/60.48MB
3cb3537a6da7: Loading layer [==================================================>]  173.9MB/173.9MB
a327f18369ed: Loading layer [==================================================>]  25.46MB/25.46MB
3f5c8182a7a2: Loading layer [==================================================>]  63.37MB/63.37MB
a972da56e974: Loading layer [==================================================>]   5.12kB/5.12kB
2fa2fe9c942b: Loading layer [==================================================>]  6.144kB/6.144kB
53214b04b836: Loading layer [==================================================>]  3.072kB/3.072kB
7fde99a5b238: Loading layer [==================================================>]  2.048kB/2.048kB
b985c63bb4f0: Loading layer [==================================================>]   2.56kB/2.56kB
58e8be9a88e4: Loading layer [==================================================>]   7.68kB/7.68kB
Loaded image: goharbor/harbor-db:v2.9.1
64966afbcdad: Loading layer [==================================================>]  10.89MB/10.89MB
7ffad26c4cb7: Loading layer [==================================================>]  27.62MB/27.62MB
ce5f177604e5: Loading layer [==================================================>]  4.608kB/4.608kB
4c46c82379dc: Loading layer [==================================================>]  28.41MB/28.41MB
Loaded image: goharbor/harbor-exporter:v2.9.1
f2d51adf2664: Loading layer [==================================================>]  60.48MB/60.48MB
962114f3c6f4: Loading layer [==================================================>]  110.8MB/110.8MB
fa9bce70fee8: Loading layer [==================================================>]  3.072kB/3.072kB
034a19d4e2af: Loading layer [==================================================>]   59.9kB/59.9kB
ea8a227a5ce4: Loading layer [==================================================>]  61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.9.1
b99018c986e9: Loading layer [==================================================>]  115.1MB/115.1MB
Loaded image: goharbor/nginx-photon:v2.9.1
7e85bea4f9eb: Loading layer [==================================================>]  7.873MB/7.873MB
2d7031c02133: Loading layer [==================================================>]  4.096kB/4.096kB
f2f29a057a0e: Loading layer [==================================================>]  3.072kB/3.072kB
c465d9ffbcae: Loading layer [==================================================>]   17.4MB/17.4MB
e8392e2d1c5c: Loading layer [==================================================>]  18.19MB/18.19MB
Loaded image: goharbor/registry-photon:v2.9.1
0ee5099becd4: Loading layer [==================================================>]  8.424MB/8.424MB
709c954772b5: Loading layer [==================================================>]  4.096kB/4.096kB
4b4592e67634: Loading layer [==================================================>]  3.072kB/3.072kB
db64864bc2d4: Loading layer [==================================================>]  196.4MB/196.4MB
b2e16fced657: Loading layer [==================================================>]  14.21MB/14.21MB
261777ce207b: Loading layer [==================================================>]  211.4MB/211.4MB
Loaded image: goharbor/trivy-adapter-photon:v2.9.1
8bb88f3b5655: Loading layer [==================================================>]  89.16MB/89.16MB
58f41452397c: Loading layer [==================================================>]  65.05MB/65.05MB
56353e1b0c2c: Loading layer [==================================================>]  58.46MB/58.46MB
78dc49080966: Loading layer [==================================================>]  65.54kB/65.54kB
f1e566e1fcc5: Loading layer [==================================================>]   2.56kB/2.56kB
1baf36cc0bfd: Loading layer [==================================================>]  1.536kB/1.536kB
4f36dbd6f970: Loading layer [==================================================>]  12.29kB/12.29kB
0b3526c9e5d6: Loading layer [==================================================>]  5.322MB/5.322MB
e7daf9b6bcbe: Loading layer [==================================================>]  429.1kB/429.1kB
Loaded image: goharbor/prepare:v2.9.1
d0dcb5740755: Loading layer [==================================================>]  115.1MB/115.1MB
a68394b34761: Loading layer [==================================================>]   6.46MB/6.46MB
e47863752870: Loading layer [==================================================>]  245.8kB/245.8kB
eb0d64571e29: Loading layer [==================================================>]  1.233MB/1.233MB
Loaded image: goharbor/harbor-portal:v2.9.1
[root@docker harbor]# 

(6)把配置文件注入到Harbor

[root@docker harbor]# ./prepare 
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
[root@docker harbor]# 

(7).安裝Harbor

[root@docker harbor]# ./install.sh[Step 0]: checking if docker is installed ...Note: docker version: 24.0.7[Step 1]: checking docker-compose is installed ...Note: Docker Compose version v2.21.0[Step 2]: loading Harbor images ...
Loaded image: goharbor/harbor-jobservice:v2.9.1
Loaded image: goharbor/harbor-registryctl:v2.9.1
Loaded image: goharbor/harbor-core:v2.9.1
Loaded image: goharbor/harbor-log:v2.9.1
Loaded image: goharbor/harbor-db:v2.9.1
Loaded image: goharbor/harbor-exporter:v2.9.1
Loaded image: goharbor/redis-photon:v2.9.1
Loaded image: goharbor/nginx-photon:v2.9.1
Loaded image: goharbor/registry-photon:v2.9.1
Loaded image: goharbor/trivy-adapter-photon:v2.9.1
Loaded image: goharbor/prepare:v2.9.1
Loaded image: goharbor/harbor-portal:v2.9.1[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dirNote: stopping existing Harbor instance ...[Step 5]: starting Harbor ...
[+] Running 10/10? Network harbor_harbor        Created                                                                                                                                                                                                     0.4s ? Container harbor-log         Started                                                                                                                                                                                                     0.0s ? Container registryctl        Started                                                                                                                                                                                                     0.0s ? Container redis              Started                                                                                                                                                                                                     0.0s ? Container harbor-portal      Started                                                                                                                                                                                                     0.0s ? Container harbor-db          Started                                                                                                                                                                                                     0.0s ? Container registry           Started                                                                                                                                                                                                     0.0s ? Container harbor-core        Started                                                                                                                                                                                                     0.0s ? Container nginx              Started                                                                                                                                                                                                     0.0s ? Container harbor-jobservice  Started                                                                                                                                                                                                     0.0s 
? ----Harbor has been installed and started successfully.----
[root@docker harbor]# 

(8).查看Harbor服務狀態(tài)

[root@docker harbor]# docker-compose   ps
NAME                IMAGE                                COMMAND                   SERVICE       CREATED          STATUS                    PORTS
harbor-core         goharbor/harbor-core:v2.9.1          "/harbor/entrypoint.…"   core          47 seconds ago   Up 45 seconds (healthy)   
harbor-db           goharbor/harbor-db:v2.9.1            "/docker-entrypoint.…"   postgresql    47 seconds ago   Up 46 seconds (healthy)   
harbor-jobservice   goharbor/harbor-jobservice:v2.9.1    "/harbor/entrypoint.…"   jobservice    47 seconds ago   Up 36 seconds (healthy)   
harbor-log          goharbor/harbor-log:v2.9.1           "/bin/sh -c /usr/loc…"   log           47 seconds ago   Up 46 seconds (healthy)   127.0.0.1:1514->10514/tcp
harbor-portal       goharbor/harbor-portal:v2.9.1        "nginx -g 'daemon of…"   portal        47 seconds ago   Up 46 seconds (healthy)   
nginx               goharbor/nginx-photon:v2.9.1         "nginx -g 'daemon of…"   proxy         47 seconds ago   Up 45 seconds (healthy)   0.0.0.0:80->8080/tcp, :::80->8080/tcp
redis               goharbor/redis-photon:v2.9.1         "redis-server /etc/r…"   redis         47 seconds ago   Up 46 seconds (healthy)   
registry            goharbor/registry-photon:v2.9.1      "/home/harbor/entryp…"   registry      47 seconds ago   Up 46 seconds (healthy)   
registryctl         goharbor/harbor-registryctl:v2.9.1   "/home/harbor/start.…"   registryctl   47 seconds ago   Up 46 seconds (healthy)   
[root@docker harbor]# 

(9).登錄Harbor UI界面

在瀏覽器輸入地址：http://192.168.40.21:80
用戶名：admin
密碼：Harbor12345

8.相關命令

(1).停止所有Hoabor

stop不會刪除鏡像和容器 down則反之

docker compose -f /root/harbor/docker-compose.yml stop

docker compose -f /root/harbor/docker-compose.yml down

(2).啟動所有Harbor

start不會創(chuàng)建所需要的鏡像和容器 up則反之

docker compose -f /root/harbor/docker-compose.yml start

docker compose -f /root/harbor/docker-compose.yml up

(3).卸載Harbor

trivy-adapter       goharbor/trivy-adapter-photon   v2.3.5              5c0212e98070        133MB
[root@docker harbor]# docker compose -f /root/harbor/docker-compose.yml down
[+] Running 13/13? Container trivy-adapter            Removed                                                                                                                                                                                               0.0s ? Container chartmuseum              Removed                                                                                                                                                                                               0.0s ? Container harbor-jobservice        Removed                                                                                                                                                                                               0.0s ? Container registryctl              Removed                                                                                                                                                                                               0.0s ? Container nginx                    Removed                                                                                                                                                                                               0.0s ? Container harbor-portal            Removed                                                                                                                                                                                               0.0s ? Container harbor-core              Removed                                                                                                                                                                                               0.0s ? Container registry                 Removed                                                                                                                                                                                               0.0s ? Container redis                    Removed                                                                                                                                                                                               0.0s ? Container harbor-db                Removed                                                                                                                                                                                               0.0s ? Container harbor-log               Removed                                                                                                                                                                                               0.0s ? Network harbor_harbor              Removed                                                                                                                                                                                               0.4s ? Network harbor_harbor-chartmuseum  Removed                                                                                                                                                                                               0.2s 
[root@docker harbor]# docker compose images
CONTAINER           REPOSITORY          TAG                 IMAGE ID            SIZE
[root@docker harbor]# rm -rf /root/harbor
[root@docker harbor]# rm -rf /root/harbor-online-installer-v2.3.5.tgz 
[root@docker harbor]#