Public and private warehouses:
Speed: The public warehouse connects to the public network and the speed is slow. Private warehouse is the internal network, namely LAN;
Security: public warehouse stored on public hard disk; Private repositories exist on their own server hard drives.
Public warehouse:
The most authoritative, but slower:
*https://hub.docker.com/*
First login:
$ docker login -usmallsoup
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login SucceededCopy the code
Label and push image to hub repository:
Docker Push Smallsoup/Zookeeper :3.5Copy the code
Push succeeded, you can see it on the hub:
A private warehouse:
Build a private warehouse locally with Registry provided by Docker:
Docker pull Registry :2.5.2 Docker run -d -p 55:5000 Registry :2.5.2 Docker Tag Zookeeper :3.5 Localhost: 5000 / zookeeper: 3.5 docker push zookeeper: 3.5 localhost: 5000 / zookeeper: 3.5Copy the code
Security is not set, so it can be pushed directly.
Because it is a local warehouse, pull is very fast.
[root @ localhost micro - service] # docker pull localhost: 5000 / zookeeper: 3.5 3.5: Pulling the from zookeeper Digest: sha256:3474ec46da9db9dc27a431f9645a2df9c91d5b969f591fe0ccd4c40f2bfd1579 Status: The Image is the up to date for localhost: 5000 / zookeeper: 3.5Copy the code
But this private warehouse can not meet our needs, the production line tens of thousands of private warehouse server failure, other servers can not take over. Again, there are no pages that are easy to manage.
Harbor appears in the industry, mainly provides Dcoker Registry management UI, can be based on role access control, AD/LDAP integration, log audit and other functions, fully support Chinese, very suitable for production environment.
Harbor private warehouse construction
Making address:
*https://github.com/goharbor/harbor/releases*
Download address:
* * https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.5.3.tgz
This link is too slow and can be downloaded here:
*http://harbor.orientsoft.cn/*
The following version of Harbor is harbor-offline-Installer-v1.5.0. TGZ
First decompress:
Tar - ZXF harbor - offline installer - v1.5.0. TGZCopy the code
CFG and docker-comemage. yml can be modified before installing./install if special Settings are required
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-adminserver ...
Creating redis ... error
Creating harbor-db ...
Creating registry ...
Creating harbor-adminserver ... done
ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use
Creating harbor-db ... done
Creating registry ... done
Creating harbor-ui ... done
Creating nginx ... done
ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use by container "c3813d66ccad284d3529227fabf3d5c19cb991237de8d3e72fc470ffd2cbfa99". You have to remove (or rename) that container to be able to reuse that name.'
ERROR: Encountered errors while bringing up the project.Copy the code
Update harbor ‘s update harbor’ s update harbor ‘s update harbor’ s update harbor ‘s update harbor’ s update harbor ‘s update harbor’ s update Harbor
$ docker ps -a --filter name=redis CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3813d66ccad Hub.c.163.com/public/redis:2.8.4 "/ run. Sh" 2 days line Up 42 hours 0.0.0.0:6379 - > 6379 / TCP redis $docker rename redis micro-service-redis $ docker ps -aq --filter name=redis c3813d66ccad $ docker ps -a --filter name=redis CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c3813d66ccad hub.c.163.com/public/redis:2.8.4 "/ run. Sh 2 days" line Up to 42 hours 0.0.0.0:6379-6379 / TCP micro - service - > redisCopy the code
Then re-execute./install
[Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating redis ... done Creating harbor-db ... done Creating harbor-adminserver ... done Creating registry ... done Creating harbor-ui ... done Creating harbor-jobservice ... Creating nginx ... ERROR: for harbor-jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for nginx UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: for proxy UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60) ERROR: An HTTP request took too long to complete. Retry with --verbose to obtain debug information. If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a higCopy the code
Error: The error may be caused by a network problem.
[Step 4]: starting Harbor ... Creating network "harbor_harbor" with the default driver Creating harbor-log ... done Creating redis ... done Creating harbor-db ... done Creating harbor-adminserver ... done Creating registry ... done Creating harbor-ui ... done Creating nginx ... done Creating harbor-jobservice ... Done stocking ----Harbor has been installed and started successfully.---- Now you should be able to visit the admin portal at http://hub.smallsoup.com. For more details, please visit https://github.com/vmware/harbor .Copy the code
A success.
You can access harbor deployment server IP: docker-comemess. yml 80 mapped to the host port;
The username is admin and the password is harborAdminPassword in harbor. CFG.
You can create a private repository micro-service:
In System Administration -> User Management, add a user, then click on the project created in the previous step ->> Member -> Create a member and set permissions.
Project manager: have pull, push and other project management rights;
Developers: have pull and push permissions;
Visitors: Only have the pull permission.
Visitor: Only PUL
Push each micro-service image of the project into harbor micro-service project:
$ docker images |grep -v "vmware" REPOSITORY TAG IMAGE ID CREATED SIZE api-gateway-zuul latest 8a814cf9bb65 23 hours ago 476MB course-service latest 673d4501353e 23 hours ago 462MB course-edge-service latest 854d5d8bddaa 23 hours ago 484MB message-thrift-python-service latest 4317a76b387e 24 hours ago 926MB user-edge-service latest ff07d54a02ba 25 hours ago 469MB user-thrift-service latest 02dd6fd0f239 26 hours ago 456MB python-base latest 81ad8926a9d9 26 hours ago 926MB Zookeeper 3.5c41e1dcd86e4 2 weeks ago 128MB smallsoup/ Zookeeper 3.5c41e1dcd86e4 2 weeks ago 128MB Localhost :5000/ Zookeeper 3.5c41e1dCD86e4 2 weeks ago 128MB ElasticSearch latest 5ACf0e8DA90b 2 weeks ago 486MB registry 2.5.2 96CA477b7e56 3 weeks ago 37.8MB Registry 2 2e2f252F3C88 3 weeks ago 33.3MB Python 3.6 4f13b7f2138e 4 weeks ago 918MB openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB mysql latest 6a834f03bd02 4 weeks ago 484MB Hub.c.163.com/public/redis 2.8.4 4888527 e1254 2 years line 190 MBCopy the code
Tag:
Docker tag its: 8 - jre 192.168.1.103:80 / micro - service/its: 8 - jreCopy the code
View mirror:
$ docker images |grep -v "vmware" | grep open openjdk 7-jre e4c851ec3393 4 weeks ago 329MB 192.168.1.103:80/micro-service/ openJDK 8-jre 66bf39162ea7 4 weeks ago 441 MB OpenJDKCopy the code
Push the mirror:
$docker push 192.168.1.103:80/micro-service/ openJDK :8-jre The push refers to repository [192.168.1.103:80 / micro - service/its] Get https://192.168.1.103:80/v2/: HTTP: server gave HTTP response to HTTPS clientCopy the code
Push an error. Because the default protocol is HTTP, that is, the UIURlProtocol value in harbor.cfg. HTTPS is troublesome and requires certificate generation. For details, see:
Set Https for Harbor
*http://gapme.cn/2017/10/25/harbor-ui-https/*
I’ll use HTTP for the moment.
Solutions to the above errors:
Create a daemon.json file in /etc/docker-/. Write in the file:
{"insecure-registries": ["hub.smallsoup.com:80", "192.168.1.103:80"]}Copy the code
Restart the docker:
systemctl restart dockerCopy the code
Docker-compose down: docker-compose down: docker-compose down: docker-compose down: docker-compose down: docker-compose down: docker-compose down Docker-compose up -d restarts harbor.
Push base images and individual service images to the library:
An aside:
During the installation process, port 80 was mapped to port 8081 of the host computer, and there were many problems when pushing (an error was reported that port 80 connection was rejected, which is probably this issue
https://github.com/goharbor/harbor/issues/192), find a lot of information, or to give up, the last port 80 is mapped to the host machine, push all ok.
Because it is troublesome to set hosts and PORT forwarding by using domain name, IP:PORT is used above:
Delete domain name tags:
docker rmi -f hub.smallsoup.com:80/micro-service/openjdk:8-jreCopy the code
Harbor can also reply [2] in the background of the public account with small series wechat request.
This public number provides CSDN download service for free, massive IT learning resources, if you are ready to enter the IT pit, inspirational to become an excellent program monkey, then these resources are suitable for you, including but not limited to Java, GO, Python, SpringCloud, ELK, embedded, big data, interview materials, front-end resources. At the same time, we have set up a technical exchange group, in which there are many big wigs who will share technical articles from time to time. If you want to learn and improve together, you can reply [2] on the background of the public account. We invite the technical exchange group to learn and improve each other for free, and we will share programming IT related resources from time to time.
Scan code attention, wonderful content for the first time to push to you