Deployment of Docker private warehouse

Keywords: Linux Docker Database Nginx Vmware

I. Harbor

Harbor is an open-source enterprise Docker Registry project of VMware company
(1) Harbor's strengths:

Role based control;
Mirror based replication strategy;
Support LDAP / AD;
Image deletion and garbage collection;
Graphic UI;

(2) Harbor Architecture Composition:
1. Proxy: a front-end reverse proxy uniformly accepts requests from the browser and Docker clients, and forwards the requests to different back-end services.
2. Registry: store the Docker image and process the docker push/pull command.
3. Core services: the core functions of Harbor, including UI, webhook and token services.
4. Database: provides database services for core services.
5. Log collector: collect logs of other components for future analysis.

2, Advantages of private warehouse:

In fact, the original source of the image of the private library is downloaded from the public library. However, why don't all enterprises directly use the image required by the public library to download? It is allowed to use registry to build the local private warehouse, which has the advantages that the public library does not have:
1. Save network bandwidth. For each image, you don't need to go to the central warehouse to download, you just need to download from the private warehouse;
2. Provide image resource utilization. For the image used within the company, it is pushed to the local private warehouse for use by relevant personnel within the company.
Next, you can build a private docker warehouse:

(1) Install related packages:

install harbor: 
[root@localhost abc]# tar zvxf harbor-offline-installer-v1.2.2.tgz -C /usr/local/
//To install docker compose:
[root@localhost abc]# cp docker-compose /usr/bin/
//Copy the docker compose command to the directory / bin /. After the system recognizes it, you can use the docker compose command directly.

(2) Modify the harbor.cfg configuration file:

(3) Start

[root@localhost local]# cd harbor/
[root@localhost harbor]# ls
common                     docker-compose.yml     harbor.v1.2.2.tar.gz  NOTICE
docker-compose.clair.yml   harbor_1_1_0_template            prepare
docker-compose.notary.yml  harbor.cfg             LICENSE               upgrade
[root@localhost harbor]# sh /usr/local/harbor/ / / enable

(4) To see if both the mirror and the container are started:

docker images      //View mirroring
docker ps -a       //View container
docker-compose ps  //View container

(5) Verification: access with browser
The user name, password and other information can be found in the file harbor.cfg. If they are not modified, the default is:
User name: admin
Password: Harbor 12345

(6) Create image manually (click "+ project"): create a project named myproject KGC:

(7) After the image is created, go back to the console and log in and push the image locally through through the docker command:

docker login -u admin -p Harbor12345

(8) Download an image from the public database and upload it to the private database:

[root@localhost harbor]# Docker pull mirrors / / download images
[root@localhost harbor]# Docker tag cirros / myproject KGC / cirros: V1 / / image change label

(9) Upload the image just labeled to the private library

[root@localhost harbor]# docker push

(10) After uploading, we can see the image in Harbor:

(11) Open a virtual machine as the client, connect Harbor to upload and download images:
1. First, modify the / usr/lib/systemd/system/docker.service configuration file, associate with the private library, and add the following code (be sure to add, otherwise an error will be reported):


2, loading

systemctl daemon-reload    //heavy load
systemctl restart docker   //restart

3. Login

docker login -u admin -p Harbor12345

4. Now we can download the existing image in the private library on this client:

docker pull

5. Or download an image from the public database, label it, and upload it to the private database:

[root@localhost ~]# docker pull cirros
[root@localhost ~]# docker tag cirros:latest
[root@localhost ~]# docker push

6. At this time, you can find another image uploaded in Harbor:

7. We can also download our commonly used images, label them and upload them to the private library:

[root@localhost ~]# docker pull nginx
[root@localhost ~]# docker tag nginx:latest
[root@localhost ~]# docker push

8. At this point, Harbor will have a new image:

3, Manage private bank:

[root@localhost harbor]# Docker compose down - V / / close all containers

[root@localhost harbor]# docker-compose up -d

Add user: user management - > create user (note password needs upper case + lower case)

[root@localhost ~]# docker logout
[root@localhost ~]# docker login

Posted by williamZanelli on Sun, 12 Jan 2020 19:27:25 -0800