docker private warehouse

Keywords: Linux Docker Database Vmware

Introduction to Harbor

Deploying the Docker Compose service on which Harbor depends
Deploy Harbor Service
Harbor Daily Operations Management
Harbor Management Life Cycle

Harbor is an open source enterprise Docker Registry project for VMware

Advantages of Harbor

Role-based Control
 Mirror-based replication strategies
 Support for LDAP/AD
 Image deletion and garbage collection
 Graphic UI
 Unified acceptance of browser, Docker client requests through a front-end reverse proxy and forwarding requests to different services on the back-end
 Responsible for storing Docker images and handling docker push/pull commands
Core services
 Core features of Harbor, including UI,webhook,token services
 Provide database services for core service
Log collector
 Responsible for collecting log s for other components for future analysis

Docker Private Warehouse Architecture Topology

Users request access to Core services through the Proxy reverse proxy. The UI provides a web interface, token token. The server will give you a serial number after your first login. Next time you log in directly, you need to download the image information, attributes, all stored in the later database, and then retrieve the image from the registry private repository through the webhook callback.This series of operations is stored in the log.

------------------------------------------ Build harbor private warehouse-----------------------------------

harbor is deployed as multiple docker containers, so it can be deployed on any distribution of linux that supports docker
 We also need the docker-compose orchestration tool, which performs operations on multiple docker containers
[root@localhost ~]# mount.cifs // /abc/
Password for root@//  
[root@localhost ~]# cd /abc/
[root@localhost abc]# ls  docker-compose
[root@localhost abc]# cp docker-compose /usr/local/bin/

[root@localhost abc]# tar zxvf harbor-offline-installer-v1.2.2.tgz -C /usr/local/

[root@localhost abc]# cd /usr/local/
[root@localhost local]# ls
bin  etc  games  harbor  include  lib  lib64  libexec  sbin  share  src
[root@localhost local]# cd harbor/
[root@localhost harbor]# ls
common                     docker-compose.yml     harbor.v1.2.2.tar.gz  NOTICE
docker-compose.clair.yml   harbor_1_1_0_template            prepare
docker-compose.notary.yml  harbor.cfg             LICENSE               upgrade

hostname =

#Open Private Warehouse
[root@localhost harbor]# sh /usr/local/harbor/

[root@localhost harbor]# docker-compose ps

#If everything works, you can open a browser to access the administration page at
//The default username password is admin, Harbor12345

Let's start by creating a project where our type of mirror can be placed

#We upload images locally
[root@localhost harbor]# docker login -u admin -p Harbor12345

[root@localhost harbor]# docker pull cirros

[root@localhost harbor]# docker tag cirros
[root@localhost harbor]# docker images
REPOSITORY                  TAG                 IMAGE ID            CREATED             SIZE       v1                  bc94bceaae77        12 months ago       10.3MB
cirros                      latest              bc94bceaae77        12 months ago       10.3MB

[root@localhost harbor]# docker push
The push refers to repository []
abbd6d6ac643: Pushed 
75b99987219d: Pushed 
0cc237193a30: Pushed 
v1: digest: sha256:96137d51e0e46006243fa2403723eb47f67818802d1175b5cde7eaa7f19446bd size: 943

We check the web interface to see if the image was uploaded successfully

#Remote client uploads mirror to private repository
#Remote login error
[root@localhost ~]# docker login -u admin -p Harbor12345
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get dial tcp connect: connection refused
#We want to specify the private warehouse columns
[root@localhost ~]# vim /usr/lib/systemd/system/docker.service 
14 ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry --containerd=/run/contai    nerd/containerd.sock

[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl restart docker

[root@localhost ~]# docker login -u admin -p Harbor12345

#Remote download of mirror for private repository
[root@localhost ~]# docker pull

#Remote upload mirror to private repository
[root@localhost ~]# docker push
The push refers to repository []
abbd6d6ac643: Layer already exists 
75b99987219d: Layer already exists 
0cc237193a30: Layer already exists 
v2: digest: sha256:96137d51e0e46006243fa2403723eb47f67818802d1175b5cde7eaa7f

Web page validation

#Close harbor private warehouse

[root@localhost harbor]# docker-compose down -v

[root@localhost harbor]# ./prepare 

#Open Private Warehouse
[root@localhost harbor]# docker-compose up -d

Create User

#We use the user we just created to log in to the private repository
[root@localhost harbor]# docker login
Username: chen

We joined a user in the project

If you want to remove the service container while preserving the mirror database/database

docker-compose down -v

To redeploy, remove all data from the harbor service container

rm-rf /data/database/ /data/registry/

Posted by sirfartalot on Mon, 13 Jan 2020 16:19:25 -0800