Installing Docker

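a) Download link for docker 17.12.0-ce: https://pan.baidu.com/s/1oxAwdjcLxt91Fh2YdZB5dQ  Extraction code: 34d1
The download includes the following dependency rpm packages:
[screenshot: list of dependency rpm packages]
b) Download link for docker-compose, which is needed to start Harbor's containers: https://pan.baidu.com/s/1WBMMLn2g15daXE0JDr0wMg  Extraction code: 6rz3
1) Change into the folder of rpm packages downloaded in a) and run the following command
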
rpm -ivh *.rpm --nodeps --force

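--nodeps skips the dependency check during installation. For example, if this rpm requires A and A is not installed, the package would normally fail to install; with --nodeps it installs anyway. --force forces the installation. For example, if version 1 of this rpm is already installed and you want to install version 2, you need --force.
2) Make docker-compose executable and move it to the /usr/bin directory
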
chmod +x docker-compose
mv docker-compose /usr/bin

3) Create a docker folder under /etc and write a daemon.json file inside it

mkdir /etc/docker
vim /etc/docker/daemon.json

cat /etc/docker/daemon.json
{
"registry-mirrors":["https://registry.docker-cn.com"],
"insecure-registries":["0.0.0.0/0"]
}
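
The daemon.json above lists 0.0.0.0/0 under insecure-registries, which makes the daemon skip TLS certificate verification (and fall back to plain HTTP) for every registry address, not only the local Harbor. The check below is an added example, not part of the original post; 192.0.2.10 is a placeholder for the Harbor IP and the 256-address threshold is an assumption.

```python
import ipaddress
import json

# Constructed sample: the daemon.json shown above.
PAGE_DAEMON_JSON = """{
"registry-mirrors":["https://registry.docker-cn.com"],
"insecure-registries":["0.0.0.0/0"]
}"""

# Constructed sample: the same file scoped to a single registry host.
# 192.0.2.10 is a documentation placeholder for the Harbor IP.
SCOPED_DAEMON_JSON = """{
"registry-mirrors":["https://registry.docker-cn.com"],
"insecure-registries":["192.0.2.10"]
}"""

MAX_ADDRESSES = 256  # assumption: anything wider than a /24 is flagged


def audit_insecure_registries(text, max_addresses=MAX_ADDRESSES):
    """Return (entry, reason) findings for the text of a daemon.json file."""
    config = json.loads(text)
    findings = []
    for entry in config.get("insecure-registries", []):
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # hostname or host:port: one named registry, not a range
        if net.prefixlen == 0:
            findings.append((entry, "matches every address; TLS checks are off for all registries"))
        elif net.num_addresses > max_addresses:
            findings.append((entry, f"covers {net.num_addresses} addresses"))
    for mirror in config.get("registry-mirrors", []):
        if mirror.startswith("http://"):
            findings.append((mirror, "mirror is contacted over plain HTTP"))
    return findings


if __name__ == "__main__":
    for name, text in (("page", PAGE_DAEMON_JSON), ("scoped", SCOPED_DAEMON_JSON)):
        print(name, audit_insecure_registries(text) or "no findings")
```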

4) Start Docker and enable it at boot

systemctl start docker
systemctl enable docker

5) Verify: run docker info; if the output looks like the figure below, the installation succeeded
[screenshot: docker info output]

Installing Harbor

Installer download link: https://pan.baidu.com/s/1HSgc0gaK_40LBhouERC3cg  Extraction code: gftp
1) Extract the archive

tar -zxvf harbor-offline-installer-v1.4.0.tgz

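The extracted folder contains the files shown in the figure below
[screenshot: contents of the extracted harbor folder]
2) Edit the Harbor configuration file
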
vim harbor.cfg

[screenshot: edited harbor.cfg]
3) Start Harbor

./prepare        # regenerate the configuration files
./install.sh

4) Verify
Check the health status of the started containers:

docker ps

[screenshot: docker ps output]
Log in to the Harbor registry from the local machine:

docker login <Harbor registry IP>

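[screenshot: docker login output]

Using external MySQL and Redis databases with Harbor

1) First create a new database named registry from the MySQL client, then execute the following SQL statements: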

create table access (
access_id int NOT NULL AUTO_INCREMENT,
access_code char(1),
comment varchar (30),
primary key (access_id)
);
insert into access (access_code, comment) values
('M', 'Management access for project'),
('R', 'Read access for project'),
('W', 'Write access for project'),
('D', 'Delete access for project'),
('S', 'Search access for project');

create table role (
role_id int NOT NULL AUTO_INCREMENT,
role_mask int DEFAULT 0 NOT NULL,
role_code varchar(20),
name varchar (20),
primary key (role_id)
);
insert into role (role_code, name) values
('MDRWS', 'projectAdmin'),
('RWS', 'developer'),
('RS', 'guest');

create table user (
user_id int NOT NULL AUTO_INCREMENT,
username varchar(255),
email varchar(255),
password varchar(40) NOT NULL,
realname varchar (255) NOT NULL,
comment varchar (30),
deleted tinyint (1) DEFAULT 0 NOT NULL,
reset_uuid varchar(40) DEFAULT NULL,
salt varchar(40) DEFAULT NULL,
sysadmin_flag tinyint (1),
creation_time timestamp NOT NULL default CURRENT_TIMESTAMP,
update_time timestamp NOT NULL default CURRENT_TIMESTAMP,
primary key (user_id),
UNIQUE (username),
UNIQUE (email)
);
insert into user (username, email, password, realname, comment, deleted, sysadmin_flag, creation_time, update_time) values ('admin', 'admin@example.com', '', 'system admin', 'admin user',0, 1, NOW(), NOW()),('anonymous','anonymous@example.com', '', 'anonymous user', 'anonymous user', 1, 0, NOW(), NOW());

create table project (
project_id int NOT NULL AUTO_INCREMENT,
owner_id int NOT NULL,
name varchar (255) NOT NULL,
creation_time timestamp NOT NULL default CURRENT_TIMESTAMP,
update_time timestamp NOT NULL default CURRENT_TIMESTAMP,
deleted tinyint (1) DEFAULT 0 NOT NULL,
primary key (project_id),
FOREIGN KEY (owner_id) REFERENCES user(user_id),
UNIQUE (name)
);
insert into project (owner_id, name, creation_time, update_time) values
(1, 'library', NOW(), NOW());

create table project_member (
project_id int NOT NULL,
user_id int NOT NULL,
role int NOT NULL,
creation_time timestamp NOT NULL default CURRENT_TIMESTAMP,
update_time timestamp NOT NULL default CURRENT_TIMESTAMP,
PRIMARY KEY (project_id, user_id),
FOREIGN KEY (role) REFERENCES role(role_id),
FOREIGN KEY (project_id) REFERENCES project(project_id),
FOREIGN KEY (user_id) REFERENCES user(user_id)
);
insert into project_member (project_id, user_id, role, creation_time, update_time) values(1, 1, 1, NOW(), NOW());

create table project_metadata (
id int NOT NULL AUTO_INCREMENT,
project_id int NOT NULL,
name varchar(255) NOT NULL,
value varchar(255),
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
deleted tinyint (1) DEFAULT 0 NOT NULL,
PRIMARY KEY (id),
CONSTRAINT unique_project_id_and_name UNIQUE (project_id,name),
FOREIGN KEY (project_id) REFERENCES project(project_id)
);
insert into project_metadata (id, project_id, name, value, creation_time, update_time, deleted) values
(1, 1, 'public', 'true', NOW(), NOW(), 0);

create table access_log (
log_id int NOT NULL AUTO_INCREMENT,
username varchar (255) NOT NULL,
project_id int NOT NULL,
repo_name varchar (256),
repo_tag varchar (128),
GUID varchar(64),
operation varchar(20) NOT NULL,
op_time timestamp NOT NULL default CURRENT_TIMESTAMP,
primary key (log_id),
INDEX pid_optime (project_id, op_time)
);

create table repository (
repository_id int NOT NULL AUTO_INCREMENT,
name varchar(255) NOT NULL,
project_id int NOT NULL,
description text,
pull_count int DEFAULT 0 NOT NULL,
star_count int DEFAULT 0 NOT NULL,
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
primary key (repository_id),
UNIQUE (name)
);

create table replication_policy (
id int NOT NULL AUTO_INCREMENT,
name varchar(256),
project_id int NOT NULL,
target_id int NOT NULL,
enabled tinyint(1) NOT NULL DEFAULT 1,
description text,
deleted tinyint (1) DEFAULT 0 NOT NULL,
cron_str varchar(256),
filters varchar(1024),
replicate_deletion tinyint (1) DEFAULT 0 NOT NULL,
start_time timestamp NULL,
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (id)
);

create table replication_target (
id int NOT NULL AUTO_INCREMENT,
name varchar(64),
url varchar(64),
username varchar(255),
password varchar(128),
target_type tinyint(1) NOT NULL DEFAULT 0,
insecure tinyint(1) NOT NULL DEFAULT 0,
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (id)
);

create table replication_job (
id int NOT NULL AUTO_INCREMENT,
status varchar(64) NOT NULL,
policy_id int NOT NULL,
repository varchar(256) NOT NULL,
operation varchar(64) NOT NULL,
tags varchar(16384),
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (id),
INDEX policy (policy_id),
INDEX poid_uptime (policy_id, update_time)
);

create table replication_immediate_trigger (
id int NOT NULL AUTO_INCREMENT,
policy_id int NOT NULL,
namespace varchar(256) NOT NULL,
on_push tinyint(1) NOT NULL DEFAULT 0,
on_deletion tinyint(1) NOT NULL DEFAULT 0,
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (id)
);

create table img_scan_job (
id int NOT NULL AUTO_INCREMENT,
status varchar(64) NOT NULL,
repository varchar(256) NOT NULL,
tag varchar(128) NOT NULL,
digest varchar(128),
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY (id)
);

create table img_scan_overview (
id int NOT NULL AUTO_INCREMENT,
image_digest varchar(128) NOT NULL,
scan_job_id int NOT NULL,
severity int NOT NULL default 0,
components_overview varchar(2048),
details_key varchar(128),
creation_time timestamp default CURRENT_TIMESTAMP,
update_time timestamp default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
PRIMARY KEY(id),
UNIQUE(image_digest)
);

create table clair_vuln_timestamp (
id int NOT NULL AUTO_INCREMENT,
namespace varchar(128) NOT NULL,
last_update timestamp NOT NULL,
PRIMARY KEY(id),
UNIQUE(namespace)
);

create table properties (
id int NOT NULL AUTO_INCREMENT,
k varchar(64) NOT NULL,
v varchar(128) NOT NULL,
PRIMARY KEY(id),
UNIQUE (k)
);

CREATE TABLE IF NOT EXISTS `alembic_version` (
`version_num` varchar(32) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
insert into alembic_version values ('1.4.0');

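2) Edit the Harbor configuration file

vim harbor.cfg
/db_host         # inside vim: search for the database configuration items

[screenshot: database settings in harbor.cfg]
3) Restart the Harbor services

docker-compose down
./prepare
./install.sh --ha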

4) Verify
[screenshots: verification results]

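Problems encountered with Harbor (1)

    1) When checking the Harbor containers with docker ps, their status shows unhealthy, and shutting them down with docker-compose down fails.
    First restart Docker with the systemctl restart docker command;
    if the restart hangs indefinitely, you need to delete the docker directory under /var/lib (remember to back it up first);
    2) If the delete command cannot remove the docker directory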
    [root@master shell]# rm -rf /var/lib/docker
    rm: 无法删除
    "/var/lib/docker/overlay/50f73bfd98368e3d9f47aac7d23ae12b514ade1c283b88013995b12a5f238860/merged": 设备或资源忙
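    3) This is because a shared network mount prevents the deletion. First find where the mount is, then unmount it; after that the directory can be deleted.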
    [root@master shell]# cat /proc/mounts |grep "docker"
    /dev/mapper/centos-root /var/lib/docker/overlay xfs rw,seclabel,relatime,attr2,inode64,noquota 0 0
    overlay /var/lib/docker/overlay/50f73bfd98368e3d9f47aac7d23ae12b514ade1c283b88013995b12a5f238860/merged overlay rw,seclabel,relatime,lowerdir=/var/lib/docker/overlay/a764e1d503861296ffe63f9f3e20ccd440b12abbaceb5ba49ddac8640b1aad96/root,upperdir=/var/lib/docker/overlay/50f73bfd98368e3d9f47aac7d23ae12b514ade1c283b88013995b12a5f238860/upper,workdir=/var/lib/docker/overlay/50f73bfd98368e3d9f47aac7d23ae12b514ade1c283b88013995b12a5f238860/work 0 0
    4) Unmount it
    umount /var/lib/docker/overlay/50f73bfd98368e3d9f47aac7d23ae12b514ade1c283b88013995b12a5f238860/merged
    5) Check again
    [root@master shell]# cat /proc/mounts |grep "docker"
    /dev/mapper/centos-root /var/lib/docker/overlay xfs rw,seclabel,relatime,attr2,inode64,noquota 0 0
    6) Unmount it
    [root@master shell]# umount /var/lib/docker/overlay
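    7) The deletion now normally succeeds. If cat /proc/mounts |grep "docker" prints no mount information but you are still told that /var/lib/docker/devicemapper cannot be deleted (device or resource busy), you need to reboot the machine to force the unmount.
    8) Restart Docker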
    [root@master shell]# systemctl restart docker
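
Steps 3) to 6) amount to unmounting everything below /var/lib/docker from the deepest mount point upward. The script below is an added example, not from the original post, that derives that order from /proc/mounts; the sample input is constructed from the output shown above with shortened layer IDs, and the docker-backup line is hypothetical.

```python
import re
import shlex

DOCKER_ROOT = "/var/lib/docker"

# Constructed sample modelled on the /proc/mounts output above (layer IDs shortened).
SAMPLE_MOUNTS = """\
/dev/mapper/centos-root / xfs rw,seclabel,relatime 0 0
/dev/mapper/centos-root /var/lib/docker/overlay xfs rw,seclabel,relatime,attr2,inode64,noquota 0 0
overlay /var/lib/docker/overlay/50f7/merged overlay rw,seclabel,relatime,lowerdir=/var/lib/docker/overlay/a764/root 0 0
tmpfs /var/lib/docker-backup tmpfs rw 0 0
"""


def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as \ooo octal escapes.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def umount_order(mounts_text, root=DOCKER_ROOT):
    """Mount points at or below root, deepest first (children before parents)."""
    points = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        target = _unescape(fields[1])
        # Compare the mount point itself: grep "docker" on the whole line would
        # also match sibling paths such as /var/lib/docker-backup.
        if target == root or target.startswith(root + "/"):
            points.append(target)
    return sorted(points, key=lambda p: p.count("/"), reverse=True)


if __name__ == "__main__":
    # Print the commands for review instead of running them.
    with open("/proc/mounts") as fh:
        for point in umount_order(fh.read()):
            print("umount", shlex.quote(point))
```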