1. 개요
2. 다운로드
홈페이지 : https://github.com/goharbor/harbor/releases
$ wget https://storage.googleapis.com/harbor-releases/release-1.9.0/harbor-online-installer-v1.9.0.tgz --2019-09-30 23:17:36-- https://storage.googleapis.com/harbor-releases/release-1.9.0/harbor-online-installer-v1.9.0.tgz Resolving storage.googleapis.com (storage.googleapis.com)... 172.217.161.80, 2404:6800:4004:81b::2010 Connecting to storage.googleapis.com (storage.googleapis.com)|172.217.161.80|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 8396 (8.2K) [application/x-tar] Saving to: ‘harbor-online-installer-v1.9.0.tgz’ harbor-online-installer-v1.9.0.tgz 100%[==================================================================================================================>] 8.20K --.-KB/s in 0s 2019-09-30 23:17:42 (78.8 MB/s) - ‘harbor-online-installer-v1.9.0.tgz’ saved [8396/8396]
파일을 확인한다.
$ ls -tlr total 32 -rwxr-xr-x 1 ubuntu ubuntu 1748 Sep 19 05:59 prepare -rwxr-xr-x 1 ubuntu ubuntu 5088 Sep 19 05:59 install.sh -rw-r--r-- 1 ubuntu ubuntu 5805 Sep 19 05:59 harbor.yml -rw-r--r-- 1 ubuntu ubuntu 11347 Sep 19 05:59 LICENSE
3. 설치 시작
install.sh 실행한다.
$ ./install.sh ➜ Please set hostname and other necessary attributes in harbor.yml first. DO NOT use localhost or 127.0.0.1 for hostname, because Harbor needs to be accessed by external clients. Please set --with-notary if needs enable Notary in Harbor, and set ui_url_protocol/ssl_cert/ssl_cert_key in harbor.yml bacause notary must run under https. Please set --with-clair if needs enable Clair in Harbor Please set --with-chartmuseum if needs enable Chartmuseum in Harbor
-> 이 메시지가 나오면 harbor.yml에서 호스트명 변경
$ ./install.sh [Step 0]: checking installation environment ... Note: docker version: 18.09.7 ✖ Need to install docker-compose(1.18.0+) by yourself first and run this script again.
-> 이 메시지가 나오면 docker-compose를 설치
$ ./install.sh [Step 0]: checking installation environment ... Note: docker version: 18.09.7 Note: docker-compose version: 1.24.1 [Step 1]: preparing environment ... prepare base dir is set to /home/ubuntu/harbor/harbor docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.39/containers/create: dial unix /var/run/docker.sock: connect: permission denied. See 'docker run --help'.
-> 이 메시지가 나오면 sudo로 실행
$ sudo ./install.sh [Step 0]: checking installation environment ... Note: docker version: 18.09.7 Note: docker-compose version: 1.24.1 [Step 1]: preparing environment ... prepare base dir is set to /home/ubuntu/harbor/harbor Unable to find image 'goharbor/prepare:v1.9.0' locally v1.9.0: Pulling from goharbor/prepare a1fd40743af1: Pull complete 2abd879a065c: Pull complete 97e2250cf3db: Pull complete 4aa32a250145: Pull complete a9edf7ed2d3d: Pull complete 9960c7e0f209: Pull complete c3f6c5fd4eca: Pull complete Digest: sha256:3ab709e7f62dac42b729535a13a7fba6fed92071bab75b5ba7f1bb26a59db20f Status: Downloaded newer image for goharbor/prepare:v1.9.0 Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml Generated and saved secret to file: /secret/keys/secretkey Generated certificate, key file: /secret/core/private_key.pem, cert file: /secret/registry/root.crt Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir
4. 확인
브라우저로 http://로 접속한다. (80번 포트임)
로그인 정보는 harbor.yml에 들어있다.
5. HTTPS 설정
애초에 harbor.yml에 https 설정을 했으면 상관없는데 이미 설치가 완료된 상태에서 https를 설정하는 방법이다.
5.1. harbor.yml 수정
(물론 key는 이미 생성되어 있는 상태임)
https: port: 443 certificate: /home/ubuntu/key/server.crt private_key: /home/ubuntu/key/server.key
5.2. prepare 실행
$ sudo ./prepare prepare base dir is set to /home/ubuntu/harbor Generated configuration file: /config/log/logrotate.conf Generated configuration file: /config/log/rsyslog_docker.conf Generated configuration file: /config/nginx/nginx.conf Generated configuration file: /config/core/env Generated configuration file: /config/core/app.conf Generated configuration file: /config/registry/config.yml Generated configuration file: /config/registryctl/env Generated configuration file: /config/db/env Generated configuration file: /config/jobservice/env Generated configuration file: /config/jobservice/config.yml loaded secret from file: /secret/keys/secretkey Generated configuration file: /compose_location/docker-compose.yml Clean up the input dir
5.3. docker compose down
$ sudo docker-compose down -v Stopping nginx ... done Stopping harbor-jobservice ... done Stopping harbor-core ... done Stopping registryctl ... done Stopping redis ... done Stopping harbor-portal ... done Stopping registry ... done Stopping harbor-db ... done Stopping harbor-log ... done Removing nginx ... done Removing harbor-jobservice ... done Removing harbor-core ... done Removing registryctl ... done Removing redis ... done Removing harbor-portal ... done Removing registry ... done Removing harbor-db ... done Removing harbor-log ... done Removing network harbor_harbor
5.4. docker compuse up
$ sudo docker-compose up -d Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating harbor-portal ... done Creating harbor-db ... done Creating registry ... done Creating registryctl ... done Creating redis ... done Creating harbor-core ... done Creating harbor-jobservice ... done Creating nginx ... done
6. docker push
6.1. docker login
$ sudo docker login ip-172-31-8-20:443 Username: kasey88 Password: WARNING! Your password will be stored unencrypted in /home/ubuntu/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
6.2. docker tag
$ sudo docker tag appscan:0.1 ip-172-31-8-20:443/kasey88/apps:0.1
6.3. docker push
$ sudo docker push ip-172-31-8-20:443/kasey88/apps:0.1
docker images
로 확인한다.
$ sudo docker images REPOSITORY TAG IMAGE ID CREATED SIZE apps 0.1 f80dee56d41e 17 hours ago 90.8MB ip-172-31-8-20:443/kasey88/apps 0.1 f80dee56d41e 17 hours ago 90.8MB