安装harbor

举报
Nick Qiu 发表于 2020/10/23 12:55:46 2020/10/23
【摘要】 前言本文介绍如何安装harbor操作步骤下载离线安装包: https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.5.2.tgz,解压文件tar xvf harbor-offline-installer-v1.5.2.tgz配置harbor.cfg;hostname必须带端口,如hostname =...

前言

本文介绍如何安装harbor

操作步骤

tar xvf harbor-offline-installer-v1.5.2.tgz
  • 配置harbor.cfg;

hostname必须带端口,如hostname = 58.2.204.146:6110

email 配置

email_identity = 

email_server = smtp.angle.com
email_server_port = 25email_username = projects@sangle.com
email_password = pro
email_from = project <projects@angle.com>
email_ssl = falseemail_insecure = false
  • 配置 Harbor 监听端口 docker-compose.yml

  proxy:
    image: vmware/nginx-photon:v1.5.2
    container_name: nginx
    restart: always
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    ports:
      - 6110:80
      - 6111:443
      - 6112:4443
    depends_on:
      - mysql
      - registry
      - ui
      - log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "proxy"
  • 运行install.sh 开始安装Harbor;

harbor.cfg参数详细说明

参数类型

配置参数在文件 harbor.cfg内.

该文件中有2类参数,必须参数,和选填参数;

必须参数:这些参数是必须配置的,如果重新配置这些参数,需要重新执行install.sh

选配参数:这些参数不是必须填写的,我么可以设置成为默认参数,在WEB启动之后我们可以在UI界面中设置,该类参数只有第一次运行的时候会生效;

参数说明

Required parameters:
  • hostname: The target host's hostname, which is used to access the UI and the registry service. It should be the IP address or the fully qualified domain name (FQDN) of your target machine, e.g., 192.168.1.10 or reg.yourdomain.comDo NOT use localhost or 127.0.0.1 for the hostname - the registry service needs to be accessible by external clients!

  • ui_url_protocol: (http or https. Default is http) The protocol used to access the UI and the token/notification service. If Notary is enabled, this parameter has to be https. By default, this is http. To set up the https protocol, refer to Configuring Harbor with HTTPS Access.

  • db_password: The root password for the MySQL database used for db_authChange this password for any production use!

  • max_job_workers: (default value is 3) The maximum number of replication workers in job service. For each image replication job, a worker synchronizes all tags of a repository to the remote destination. Increasing this number allows more concurrent replication jobs in the system. However, since each worker consumes a certain amount of network/CPU/IO resources, please carefully pick the value of this attribute based on the hardware resource of the host.

  • customize_crt: (on or off. Default is on) When this attribute is on, the prepare script creates private key and root certificate for the generation/verification of the registry's token. Set this attribute to off when the key and root certificate are supplied by external sources. Refer to Customize Key and Certificate of Harbor Token Service for more info.

  • ssl_cert: The path of SSL certificate, it's applied only when the protocol is set to https

  • ssl_cert_key: The path of SSL key, it's applied only when the protocol is set to https

  • secretkey_path: The path of key for encrypt or decrypt the password of a remote registry in a replication policy.

  • log_rotate_count: Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.

  • log_rotate_size: Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes. If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G are all valid.

Optional parameters
  • Email settings: These parameters are needed for Harbor to be able to send a user a "password reset" email, and are only necessary if that functionality is needed. Also, do note that by default SSL connectivity is not enabled - if your SMTP server requires SSL, but does not support STARTTLS, then you should enable SSL by setting email_ssl = true. Setting email_insecure = true if the email server uses a self-signed or untrusted certificate. For a detailed description about "email_identity" please refer to rfc2595

  • harbor_admin_password: The administrator's initial password. This password only takes effect for the first time Harbor launches. After that, this setting is ignored and the administrator's password should be set in the UI. Note that the default username/password are admin/Harbor12345 .

更多详细参数可见GITHUB 网站


【版权声明】本文为华为云社区用户翻译文章,如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容, 举报邮箱:cloudbbs@huaweicloud.com
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。