安装harbor 镜像仓库

最新推荐文章于 2025-06-28 08:16:11 发布

discsthnew

最新推荐文章于 2025-06-28 08:16:11 发布

阅读量1.4k

点赞数

CC 4.0 BY-SA版权

分类专栏： kubernetes 文章标签： kubernetes harbor

本文链接：https://blog.youkuaiyun.com/mailjoin/article/details/79679922

kubernetes 专栏收录该内容

20 篇文章

订阅专栏

本文详细介绍了如何使用Kubernetes部署Harbor私有仓库的过程，包括安装包下载、配置文件编辑、资源创建及访问等关键步骤。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

donwload pkg

http://harbor.orientsoft.cn/harbor-1.2.0/harbor-offline-installer-v1.2.0.tgz

wget http://harbor.orientsoft.cn/harbor-1.2.0/harbor-offline-installer-v1.2.0.tgz
tar xf harbor-*.tgz
cd harbor

git clone https://github.com/vmware/harbor.git
将`make`目录下的`kubernetes` 拷贝至 harbor目录下
[root@walker-1 harbor-v1.2.0]# ls
common                    docker-compose.notary.yml  harbor_1_1_0_template  harbor.v1.2.0.tar.gz  kubernetes  NOTICE   upgrade
docker-compose.clair.yml  docker-compose.yml         harbor.cfg             install.sh            LICENSE     prepare

下载好安装包后，载入harbor的docker镜像。

docker load -i harbor.v1.2.0.tar.gz

Configure

1. 编辑`harbor.cfg`

```
## Configuration file of Harbor

#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname = harbor.exmple.com:31883

#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol = http

#The password for the root user of mysql db, change this before any production use.
db_password = hello123

...
```

如果采用ingress的方式方式，则应将hostname设为域名形式。
31883 为ingress的http Nodeport 端口

2. 生成配置文件

    ./k8s_prepare

3. 编辑`kubernetes/registry.deploy.yaml`

    spec:
      containers:
      - name: registry-app
        image: vmware/registry:2.6.2-photon
        #image: registry:2.5.0
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 5000
        - containerPort: 5001
        volumeMounts:
        - name: config
          mountPath: /etc/docker/registry
        - name: storage
          mountPath: /storage

将/etc/registry 改为 /etc/docker/registry

4. 编辑`kubernetes/registry.cm.yaml`

auth:
  token:
    issuer: harbor-token-issuer
    realm: http://harbor.example.com:31883/service/token
    rootcertbundle: /etc/docker/registry/root.crt
    service: harbor-registry

将/etc/registry/root.crt 改为 /etc/docker/registry/root.crt

5. 创建

[root@walker-1 kubernetes]# cat create.sh 
# create harbor namespace
kubectl create ns harbor

# create pv & pvc
kubectl apply -f ./pv/log.pv.yaml
kubectl apply -f ./pv/registry.pv.yaml
kubectl apply -f ./pv/storage.pv.yaml
kubectl apply -f ./pv/log.pvc.yaml
kubectl apply -f ./pv/registry.pvc.yaml
kubectl apply -f ./pv/storage.pvc.yaml

# create config map
kubectl apply -f ./jobservice/jobservice.cm.yaml
kubectl apply -f ./mysql/mysql.cm.yaml
kubectl apply -f ./registry/registry.cm.yaml
kubectl apply -f ./ui/ui.cm.yaml
kubectl apply -f ./adminserver/adminserver.cm.yaml

# create service
kubectl apply -f ./jobservice/jobservice.svc.yaml
kubectl apply -f ./mysql/mysql.svc.yaml
kubectl apply -f ./registry/registry.svc.yaml
kubectl apply -f ./ui/ui.svc.yaml
kubectl apply -f ./adminserver/adminserver.svc.yaml

# create k8s deployment
kubectl apply -f ./registry/registry.deploy.yaml
kubectl apply -f ./mysql/mysql.deploy.yaml
kubectl apply -f ./jobservice/jobservice.deploy.yaml
kubectl apply -f ./ui/ui.deploy.yaml
kubectl apply -f ./adminserver/adminserver.deploy.yaml

# create k8s ingress
# kubectl apply -f ./ingress.yaml

为了方便管理和查看，将harbor放入harbor namespace中

6. 访问

[root@walker-1 kubernetes]# kubectl get po -n harbor
NAME                           READY     STATUS    RESTARTS   AGE
adminserver-67d98fb8d6-lhtp5   1/1       Running   0          3h
jobservice-767cf6c4d5-4xmcn    1/1       Running   0          3h
mysql-d4b97c58-hqtwj           1/1       Running   0          3h
registry-6cd6f994-7qnxm        1/1       Running   0          1h
ui-5bdfd85f59-q55wr            1/1       Running   0          3h

确保pod运行正常后，打开浏览器，使用harbor.example.com:31883来访问UI

需要将域名写入到hosts文件中

页面如下所示：

7. 删除

[root@walker-1 kubernetes]# cat delete.sh 
# create pv & pvc
kubectl delete -f ./pv/log.pv.yaml
kubectl delete -f ./pv/registry.pv.yaml
kubectl delete -f ./pv/storage.pv.yaml
kubectl delete -f ./pv/log.pvc.yaml
kubectl delete -f ./pv/registry.pvc.yaml
kubectl delete -f ./pv/storage.pvc.yaml

# create config map
kubectl delete -f ./jobservice/jobservice.cm.yaml
kubectl delete -f ./mysql/mysql.cm.yaml
kubectl delete -f ./registry/registry.cm.yaml
kubectl delete -f ./ui/ui.cm.yaml
kubectl delete -f ./adminserver/adminserver.cm.yaml

# create service
kubectl delete -f ./jobservice/jobservice.svc.yaml
kubectl delete -f ./mysql/mysql.svc.yaml
kubectl delete -f ./registry/registry.svc.yaml
kubectl delete -f ./ui/ui.svc.yaml
kubectl delete -f ./adminserver/adminserver.svc.yaml

# create k8s deployment
kubectl delete -f ./registry/registry.deploy.yaml
kubectl delete -f ./mysql/mysql.deploy.yaml
kubectl delete -f ./jobservice/jobservice.deploy.yaml
kubectl delete -f ./ui/ui.deploy.yaml
kubectl delete -f ./adminserver/adminserver.deploy.yaml

# create k8s ingress
# kubectl delete -f ./ingress.yaml


# delete harbor namespace
kubectl delete ns harbor