安装harbor
前言
本文介绍如何安装harbor
操作步骤
tar xvf harbor-offline-installer-v1.5.2.tgz
配置harbor.cfg;
hostname必须带端口,如hostname = 58.2.204.146:6110
email 配置
email_identity = email_server = smtp.angle.com email_server_port = 25email_username = projects@sangle.com email_password = pro email_from = project <projects@angle.com> email_ssl = falseemail_insecure = false
配置 Harbor 监听端口 docker-compose.yml
proxy: image: vmware/nginx-photon:v1.5.2 container_name: nginx restart: always volumes: - ./common/config/nginx:/etc/nginx:z networks: - harbor ports: - 6110:80 - 6111:443 - 6112:4443 depends_on: - mysql - registry - ui - log logging: driver: "syslog" options: syslog-address: "tcp://127.0.0.1:1514" tag: "proxy"
运行install.sh 开始安装Harbor;
harbor.cfg参数详细说明
参数类型
配置参数在文件 harbor.cfg内.
该文件中有2类参数,必须参数,和选填参数;
必须参数:这些参数是必须配置的,如果重新配置这些参数,需要重新执行install.sh
选配参数:这些参数不是必须填写的,我么可以设置成为默认参数,在WEB启动之后我们可以在UI界面中设置,该类参数只有第一次运行的时候会生效;
参数说明
Required parameters:
hostname: The target host's hostname, which is used to access the UI and the registry service. It should be the IP address or the fully qualified domain name (FQDN) of your target machine, e.g.,
192.168.1.10
orreg.yourdomain.com
. Do NOT uselocalhost
or127.0.0.1
for the hostname - the registry service needs to be accessible by external clients!ui_url_protocol: (http or https. Default is http) The protocol used to access the UI and the token/notification service. If Notary is enabled, this parameter has to be https. By default, this is http. To set up the https protocol, refer to Configuring Harbor with HTTPS Access.
db_password: The root password for the MySQL database used for db_auth. Change this password for any production use!
max_job_workers: (default value is 3) The maximum number of replication workers in job service. For each image replication job, a worker synchronizes all tags of a repository to the remote destination. Increasing this number allows more concurrent replication jobs in the system. However, since each worker consumes a certain amount of network/CPU/IO resources, please carefully pick the value of this attribute based on the hardware resource of the host.
customize_crt: (on or off. Default is on) When this attribute is on, the prepare script creates private key and root certificate for the generation/verification of the registry's token. Set this attribute to off when the key and root certificate are supplied by external sources. Refer to Customize Key and Certificate of Harbor Token Service for more info.
ssl_cert: The path of SSL certificate, it's applied only when the protocol is set to https
ssl_cert_key: The path of SSL key, it's applied only when the protocol is set to https
secretkey_path: The path of key for encrypt or decrypt the password of a remote registry in a replication policy.
log_rotate_count: Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.
log_rotate_size: Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes. If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G are all valid.
Optional parameters
Email settings: These parameters are needed for Harbor to be able to send a user a "password reset" email, and are only necessary if that functionality is needed. Also, do note that by default SSL connectivity is not enabled - if your SMTP server requires SSL, but does not support STARTTLS, then you should enable SSL by setting email_ssl = true. Setting email_insecure = true if the email server uses a self-signed or untrusted certificate. For a detailed description about "email_identity" please refer to rfc2595
email_server = smtp.mydomain.com
email_server_port = 25
email_identity =
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin sample_admin@mydomain.com
email_ssl = false
email_insecure = false
harbor_admin_password: The administrator's initial password. This password only takes effect for the first time Harbor launches. After that, this setting is ignored and the administrator's password should be set in the UI. Note that the default username/password are admin/Harbor12345 .
更多详细参数可见GITHUB 网站
- 点赞
- 收藏
- 关注作者
评论(0)