Public and private repositories:
speed: The public warehouse runs through the public network, which is slow; The private warehouse runs through the internal network, that is, the local area network;
security: public warehouses are stored on public hard disks. Private warehouses are stored on their own server hard disks.
the most authoritative but slower:
https://hub.docker.com/
log in first:
$ docker login -usmallsoup
Password:
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeededdocker tag zookeeper:3.5 smallsoup/zookeeper:3.5
docker push smallsoup/zookeeper:3.5
private warehouse:
use the registry provided by docker to build a private warehouse locally:
docker pull registry:2.5.2
docker run -d -p 5000:5000 registry:2.5.2
docker tag zookeeper:3.5 localhost:5000/zookeeper:3.5
docker push zookeeper:3.5 localhost:5000/zookeeper:3.5because security is not set, you can directly push it up.
Because it is a local repository, the pull speed is very fast.
[root@localhost micro-service]# docker pull localhost:5000/zookeeper:3.5
3.5: Pulling from zookeeper
Digest: sha256:3474ec46da9db9dc27a431f9645a2df9c91d5b969f591fe0ccd4c40f2bfd1579
Status: Image is up to date for localhost:5000/zookeeper:3.5However, this private warehouse cannot meet our needs. In case the private warehouse server fails on the production line, other servers cannot take over. In addition, there is no page for easy management.
harbor in the industry mainly provides Dcoker Registry management UI, which can be based on role access control, AD/LDAP integration, log review and other functions. It fully supports Chinese and is very suitable for production environments.
harbor private warehouse construction
github address:
https://github.com/goharbor/harbor/releases
https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.5.3.tgz
this link is too slow, you can download it here:
http://harbor.orientsoft.cn/
the following harbor versions are harbor-offline-installer-v1.5.0.tgz
decompress:
tar -zxf harbor-offline-installer-v1.5.0.tgz[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-adminserver ...
Creating redis ... error
Creating harbor-db ...
Creating registry ...
Creating harbor-adminserver ... done
ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use
Creating harbor-db ... done
Creating registry ... done
Creating harbor-ui ... done
Creating nginx ... done
ERROR: for redis Cannot create container for service redis: b'Conflict. The container name "/redis" is already in use by container "c3813d66ccad284d3529227fabf3d5c19cb991237de8d3e72fc470ffd2cbfa99". You have to remove (or rename) that container to be able to reuse that name.'
ERROR: Encountered errors while bringing up the project.The preceding error is reported during installation because the server already has a container name named redis and the same name as the redis container to be installed in harbor. You need to rename the existing redis container name micro-service-redis:
$ docker ps -a --filter name=redis
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3813d66ccad hub.c.163.com/public/redis:2.8.4 "/run.sh" 2 days ago Up 42 hours 0.0.0.0:6379->6379/tcp redis
$ docker rename redis micro-service-redis
$ docker ps -aq --filter name=redis
c3813d66ccad
$ docker ps -a --filter name=redis
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3813d66ccad hub.c.163.com/public/redis:2.8.4 "/run.sh" 2 days ago Up 42 hours 0.0.0.0:6379->6379/tcp micro-service-redis[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating harbor-db ... done
Creating harbor-adminserver ... done
Creating registry ... done
Creating harbor-ui ... done
Creating harbor-jobservice ...
Creating nginx ...
ERROR: for harbor-jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: for nginx UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: for jobservice UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: for proxy UnixHTTPConnectionPool(host='localhost', port=None): Read timed out. (read timeout=60)
ERROR: An HTTP request took too long to complete. Retry with --verbose to obtain debug information.
If you encounter this issue regularly because of slow network conditions, consider setting COMPOSE_HTTP_TIMEOUT to a higher value (current value: 60).The above error is reported again, which may be caused by network problems. Try again./install:
[Step 4]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating redis ... done
Creating harbor-db ... done
Creating harbor-adminserver ... done
Creating registry ... done
Creating harbor-ui ... done
Creating nginx ... done
Creating harbor-jobservice ... done
----Harbor has been installed and started successfully.----
Now you should be able to visit the admin portal at http://hub.smallsoup.com.
For more details, please visit https://github.com/vmware/harbor .successful.
You can access the IP address of the harbor Deployment Server: Port 80 mapped to the host in docker-compose.yml;
the username is admin and the password is harbor_admin_password in harbor.cfg:
you can create a private repository micro-service:
in the system management-> User management dialog box that appears, add a user, click the project created in the previous step->> member->> Create member, and set permissions.
Project Administrator: has the pull, push, and other project management permissions;
developer: has the pull and push permissions;
visitor: only the pull permission is allowed.
Of the item various micro-service image push to harbor micro-service project:
$ docker images |grep -v "vmware"
REPOSITORY TAG IMAGE ID CREATED SIZE
api-gateway-zuul latest 8a814cf9bb65 23 hours ago 476MB
course-service latest 673d4501353e 23 hours ago 462MB
course-edge-service latest 854d5d8bddaa 23 hours ago 484MB
message-thrift-python-service latest 4317a76b387e 24 hours ago 926MB
user-edge-service latest ff07d54a02ba 25 hours ago 469MB
user-thrift-service latest 02dd6fd0f239 26 hours ago 456MB
python-base latest 81ad8926a9d9 26 hours ago 926MB
zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB
smallsoup/zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB
localhost:5000/zookeeper 3.5 c41e1dcd86e4 2 weeks ago 128MB
elasticsearch latest 5acf0e8da90b 2 weeks ago 486MB
registry 2.5.2 96ca477b7e56 3 weeks ago 37.8MB
registry 2 2e2f252f3c88 3 weeks ago 33.3MB
python 3.6 4f13b7f2138e 4 weeks ago 918MB
openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB
mysql latest 6a834f03bd02 4 weeks ago 484MB
hub.c.163.com/public/redis 2.8.4 4888527e1254 2 years ago 190MBtag:
docker tag openjdk:8-jre 192.168.1.103:80/micro-service/openjdk:8-jre$ docker images |grep -v "vmware" | grep open
openjdk 7-jre e4c851ec3393 4 weeks ago 329MB
192.168.1.103:80/micro-service/openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB
openjdk 8-jre 66bf39162ea7 4 weeks ago 443MB$ docker push 192.168.1.103:80/micro-service/openjdk:8-jre
The push refers to repository [192.168.1.103:80/micro-service/openjdk]
Get https://192.168.1.103:80/v2/: http: server gave HTTP response to HTTPS clientpush error. By default, the http protocol is used, that is, the ui_url_protocol value in harbor.cfg. https is troublesome. You need to generate a certificate. For more information, see:
set Https for Harbor
http://gapme.cn/2017/10/25/harbor-ui-https/
for the time being, http is used.
Solution to the preceding error:
in the/etc/docker/directory, create the daemon.json file. Write to the file:
{
"insecure-registries": [
"hub.smallsoup.com:80",
"192.168.1.103:80"
]
}systemctl restart docker
after docker restarts,./install or docker-compose down;docker-compose up -d restart harbor.
push basic images and Service images to the repository:
digression:
during installation, port 80 is mapped to Port 8081 of the host. Many problems are encountered during push (port 80 connection rejection is reported, which is probably the issue
https://github.com/goharbor/harbor/issues/192), found a lot of data, but still gave up, finally mapped to the host port 80, push everything OK.
It is troublesome to set hosts and PORT forwarding to push by using a domain name. The IP:PORT method is used as follows:
delete a tag with a domain name:
docker rmi -f hub.smallsoup.com:80/micro-service/openjdk:8-jrethe original text was released on October 6, 2018.
Author: Small Bowl soup
this article comes from "my small Bowl soup", a partner of Yunqi community. For more information, please pay attention to "my small Bowl soup"
Start Building Today with a Free Trial to 50+ Products
Learn and experience the power of Alibaba Cloud.
Sign Up Now
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
- About About
- About Alibaba Cloud
- Pricing Models
- Products
- Customers
- Partners
- Startups
- Apsara Conference
- Alibaba Cloud Summit
- Explore Explore
- China Gateway
- ICP License Support
- Getting Started
- Blog
- Marketplace
- Training & Certification