1.安装docker[rootharbor ~]# cat /etc/yum.repos.d/docker.repo EOF [docker] name docker baseurl https://mirrors.aliyun.com/docker-ce/linux/rhel/9.6/x86_64/stable/ gpgcheck 0 EOF [rootharbor ~]# dnf install docker-ce-3:28.5.2-1.el9 -y [rootharbor ~]# echo br_netfilter /etc/modules-load.d/docker_mod.conf [rootharbor ~]# modprobe -a br_netfilter [rootharbor ~]# vim /etc/sysctl.d/docker.conf net.bridge.bridge-nf-call-iptables 1 net.bridge.bridge-nf-call-ip6tables 1 net.ipv4.ip_forward 1 [rootharbor ~]# sysctl --system [rootharbor ~]# vim /lib/systemd/system/docker.service ExecStart/usr/bin/dockerd -H fd:// --containerd/run/containerd/containerd.sock --iptablestrue [rootharbor ~]# systemctl daemon-reload [rootharbor ~]# systemctl enable --now docker2.生成key[rootharbor ~]# mkdir /data/certs -p [rootharbor ~]# mkdir /data/certs -p [rootharbor ~]# openssl req -newkey rsa:4096 \ -nodes -sha256 -keyout /data/certs/timinglee.org.key \ -addext subjectAltName DNS:reg.timinglee.org \ -x509 -days 365 -out /data/certs/timinglee.org.crt You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ., the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Shannxi Locality Name (eg, city) [Default City]:Xian Organization Name (eg, company) [Default Company Ltd]:kubernetes Organizational Unit Name (eg, section) []:harbor Common Name (eg, your name or your servers hostname) []:reg.timinglee.org Email Address []:admintiminglee.org3.编辑harbor配置文件[rootharbor ~]# tar zxf harbor-offline-installer-v2.5.4.tgz -C /opt/ [rootharbor ~]# cd /opt/harbor/ [rootharbor harbor]# ls common.sh harbor.v2.5.4.tar.gz harbor.yml.tmpl install.sh LICENSE prepare [rootharbor harbor]# cp harbor.yml.tmpl harbor.yml [rootharbor harbor]# vim harbor.yml certificate: /data/certs/timinglee.org.crt private_key: /data/certs/timinglee.org.key harbor_admin_password: lee [rootharbor harbor]# ./install.sh --with-chartmuseum4.启动并验证[rootharbor harbor]# mkdir /etc/docker/certs.d/reg.timinglee.org/ -p [rootharbor harbor]# cp /data/certs/timinglee.org.crt /etc/docker/certs.d/reg.timinglee.org/ca.crt [rootharbor harbor]# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.25.254.200 harbor reg.timinglee.org [rootharbor harbor]# systemctl restart docker [rootharbor harbor]# docker compose up -d [rootharbor harbor]# docker login reg.timinglee.org -u admin Password: WARNING! Your credentials are stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/go/credential-store/ Login Succeeded如果启动失败docker compose ps查看服务状态如果服务不齐全·说明安装失败用./install重新安装
构建harbor镜像仓库
发布时间:2026/5/20 2:16:04
1.安装docker[rootharbor ~]# cat /etc/yum.repos.d/docker.repo EOF [docker] name docker baseurl https://mirrors.aliyun.com/docker-ce/linux/rhel/9.6/x86_64/stable/ gpgcheck 0 EOF [rootharbor ~]# dnf install docker-ce-3:28.5.2-1.el9 -y [rootharbor ~]# echo br_netfilter /etc/modules-load.d/docker_mod.conf [rootharbor ~]# modprobe -a br_netfilter [rootharbor ~]# vim /etc/sysctl.d/docker.conf net.bridge.bridge-nf-call-iptables 1 net.bridge.bridge-nf-call-ip6tables 1 net.ipv4.ip_forward 1 [rootharbor ~]# sysctl --system [rootharbor ~]# vim /lib/systemd/system/docker.service ExecStart/usr/bin/dockerd -H fd:// --containerd/run/containerd/containerd.sock --iptablestrue [rootharbor ~]# systemctl daemon-reload [rootharbor ~]# systemctl enable --now docker2.生成key[rootharbor ~]# mkdir /data/certs -p [rootharbor ~]# mkdir /data/certs -p [rootharbor ~]# openssl req -newkey rsa:4096 \ -nodes -sha256 -keyout /data/certs/timinglee.org.key \ -addext subjectAltName DNS:reg.timinglee.org \ -x509 -days 365 -out /data/certs/timinglee.org.crt You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ., the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:Shannxi Locality Name (eg, city) [Default City]:Xian Organization Name (eg, company) [Default Company Ltd]:kubernetes Organizational Unit Name (eg, section) []:harbor Common Name (eg, your name or your servers hostname) []:reg.timinglee.org Email Address []:admintiminglee.org3.编辑harbor配置文件[rootharbor ~]# tar zxf harbor-offline-installer-v2.5.4.tgz -C /opt/ [rootharbor ~]# cd /opt/harbor/ [rootharbor harbor]# ls common.sh harbor.v2.5.4.tar.gz harbor.yml.tmpl install.sh LICENSE prepare [rootharbor harbor]# cp harbor.yml.tmpl harbor.yml [rootharbor harbor]# vim harbor.yml certificate: /data/certs/timinglee.org.crt private_key: /data/certs/timinglee.org.key harbor_admin_password: lee [rootharbor harbor]# ./install.sh --with-chartmuseum4.启动并验证[rootharbor harbor]# mkdir /etc/docker/certs.d/reg.timinglee.org/ -p [rootharbor harbor]# cp /data/certs/timinglee.org.crt /etc/docker/certs.d/reg.timinglee.org/ca.crt [rootharbor harbor]# vim /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.25.254.200 harbor reg.timinglee.org [rootharbor harbor]# systemctl restart docker [rootharbor harbor]# docker compose up -d [rootharbor harbor]# docker login reg.timinglee.org -u admin Password: WARNING! Your credentials are stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/go/credential-store/ Login Succeeded如果启动失败docker compose ps查看服务状态如果服务不齐全·说明安装失败用./install重新安装
)
)
