本文章介绍kubernetes上部署harbor服务,且最终以http访问harbor

参考:https://github.com/goharbor/harbor-helm

部署方式

1、下载项目代码(master主机执行)

1
git clone https://gitee.com/yushanjin/kubernetes-harbor

2、提前创建本地目录,并修改权限(harbor主机执行)

1
2
3
4
5
6
7
8
mkdir -p /data/harbor/registry-data
mkdir -p /data/harbor/trivy-data
mkdir -p /data/harbor/job-logs
mkdir -p /data/harbor/psc
mkdir -p /data/harbor/chartmuseum-data
mkdir -p /data/harbor/redis-data
mkdir -p /data/harbor/database-data
chmod 777 -R /data/harbor

3、进入harbor目录,修改core.yaml配置文件,如下字段:(master主机执行)

EXT_ENDPOINT: “http://192.168.56.129:30002"

192.168.56.129为nodeIP

4、给harbor主机打标签(master主机执行,目的是强制将harbor服务部署到harbor主机上)

1
kubectl label nodes {{harbor节点名称}} app=harbor

5、返回harbor目录上一级,执行如下命令,创建harbor服务,待以下服务正常即可(master主机执行)

1
kubectl apply -f harbor

image

6、浏览器登录harbor(http://nodeIP:30002, 用户名/密码:admin/Harbor12345)

image

7、验证可以push镜像(任一主机均可)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
root@ubuntu-002:~# cat /etc/docker/daemon.json 
{
  "insecure-registries": ["192.168.56.129:30002"]
}

root@ubuntu-002:~# systemctl restart docker

root@ubuntu-002:~# docker login 192.168.56.129:30002
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

root@ubuntu-002:~# docker tag mysql:5.7 http://192.168.56.129:30002/zjlab/mysql:5.7

zjlab为提前在harbor创建的project名字

root@ubuntu-002:~# docker push 192.168.56.129:30002/zjlab/mysql:5.7
The push refers to repository [192.168.56.129:30002/zjlab/mysql]
bbf075073d31: Pushed 
0774d1a514a9: Pushed 
60b9eaeaaabc: Pushed 
06e3384a2b84: Pushed 
98d98806c8ac: Pushed 
0394a41efa73: Pushed 
c484a3b6d841: Pushed 
6d23902c2a54: Pushed 
74c86dffd46f: Pushed 
ef4a33cee7a0: Pushed 
cb42413394c4: Pushed 
5.7: digest: sha256:45ad5952e4f304d39aedb02caf7e0afc30a310e66f7ab60af8acf20fd4a0f54c size: 2621