Difference between revisions of "Documentations"
(Created page with "* OpenStack User Guide * GPU-Cluster(Docker)3.0 User Guide * HowToEditWikiPages") |
Chentianjia (Talk | contribs) (怎样使用Harbor技术文档) |
||
| Line 2: | Line 2: | ||
* [[GPU-Cluster(Docker)3.0 User Guide]] | * [[GPU-Cluster(Docker)3.0 User Guide]] | ||
* [[HowToEditWikiPages]] | * [[HowToEditWikiPages]] | ||
| + | |||
| + | Docker 镜像仓库harbor快速部署和使用 | ||
| + | |||
| + | = 什么是Harbor? = | ||
| + | |||
| + | Harbor是VMware公司最近开源的企业级Docker Registry项目, 其目标是帮助用户迅速搭建一个企业级的Docker registry服务。它以Docker公司开源的registry为基础,提供了管理UI, 基于角色的访问控制(Role Based Access Control),AD/LDAP集成、以及审计日志(Audit logging) 等企业用户需求的功能,同时还原生支持中文。Harbor的每个组件都是以Docker容器的形式构建的,使用Docker Compose来对它进行部署。 | ||
| + | |||
| + | = Harbor安装 = | ||
| + | |||
| + | 首先。。一定要用pip安装docker-compose | ||
| + | pip在/root/chenTJ里面的get-pip.py | ||
| + | |||
| + | python get-pip.py即可 | ||
| + | |||
| + | git clone https://github.com/vmware/harbor | ||
| + | |||
| + | find / -name harbor.cfg | ||
| + | |||
| + | 修改 hostname 10.1.0.136 | ||
| + | |||
| + | 这里面还需要改ldap | ||
| + | |||
| + | #The url for an ldap endpoint. | ||
| + | ldap_url = ldap://10.1.0.201/ | ||
| + | |||
| + | #A user's DN who has the permission to search the LDAP/AD server. | ||
| + | #If your LDAP/AD server does not support anonymous search, you should configure this DN and ldap_search_pwd. | ||
| + | #ldap_searchdn = cn=Manager,dc=iiis,dc=co | ||
| + | |||
| + | #the password of the ldap_searchdn | ||
| + | ldap_search_pwd = XXXXX | ||
| + | |||
| + | #The base DN from which to look up a user in LDAP/AD | ||
| + | ldap_basedn = ou=users,dc=iiis,dc=co | ||
| + | |||
| + | #Search filter for LDAP/AD, make sure the syntax of the filter is correct. | ||
| + | #ldap_filter = (objectClass=inetOrgPerson) | ||
| + | |||
| + | # The attribute used in a search to match a user, it could be uid, cn, email, sAMAccountName or other attributes depending on your LDAP/AD | ||
| + | ldap_uid = cn | ||
| + | |||
| + | #the scope to search for users, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE | ||
| + | ldap_scope = 3 | ||
| + | |||
| + | 如果要用https 要在ui_url_protocol = http 改成https | ||
| + | |||
| + | 然后如图所示 | ||
| + | |||
| + | [[Imageforharbor:Imageforharbor1.png]] | ||
| + | |||
| + | [[Imageforharbor:Imageforharbor2.png]] | ||
| + | |||
| + | /root/harbor/harbor | ||
| + | |||
| + | ./prepare | ||
| + | |||
| + | docker-compose up -d | ||
| + | |||
| + | 就安装完毕了 | ||
| + | |||
| + | = 配置Harbor pull跟push = | ||
| + | |||
| + | 在 /usr/lib/systemd/system/docker.service 配置 | ||
| + | |||
| + | ExecStart=/usr/bin/dockerd -s overlay -g /data/docker --insecure-registry 10.1.1.4 -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock | ||
| + | |||
| + | 添加--insecure-registry 10.1.0.136 | ||
| + | |||
| + | == push == | ||
| + | |||
| + | docker images找到相关的镜像sudo docker pull ubuntu:14.04 | ||
| + | |||
| + | 或者用docker login 10.1.0.136 -u ldap账号 -p ldap密码 | ||
| + | |||
| + | docker tag ubuntu 10.1.0.136/test/ubuntu | ||
| + | |||
| + | docker push 10.1.0.136/test/ubuntu | ||
| + | |||
| + | == pull == | ||
| + | |||
| + | 在10.1.0.138 | ||
| + | |||
| + | docker login 10.1.0.136 -u ldap账号 -p ldap密码 | ||
| + | |||
| + | docker pull 10.1.0.136/library/ubuntu:14.04 | ||
| + | |||
| + | = Harbor界面管理 = | ||
| + | |||
| + | 在浏览器登录http://10.1.0.136/dashboard | ||
| + | |||
| + | 账号密码可以用ldap的即可 | ||
| + | |||
| + | 就可以看到如下内容 | ||
| + | |||
| + | [[Imageforharbor:Imageforharbor3.png]] | ||
| + | |||
| + | 参考文献: | ||
| + | |||
| + | http://www.tuicool.com/articles/z2ANb2U | ||
| + | |||
| + | https://github.com/vmware/harbor/blob/master/docs/user_guide.md | ||
Revision as of 11:03, 21 November 2016
Docker 镜像仓库harbor快速部署和使用
Contents
什么是Harbor?
Harbor是VMware公司最近开源的企业级Docker Registry项目, 其目标是帮助用户迅速搭建一个企业级的Docker registry服务。它以Docker公司开源的registry为基础,提供了管理UI, 基于角色的访问控制(Role Based Access Control),AD/LDAP集成、以及审计日志(Audit logging) 等企业用户需求的功能,同时还原生支持中文。Harbor的每个组件都是以Docker容器的形式构建的,使用Docker Compose来对它进行部署。
Harbor安装
首先。。一定要用pip安装docker-compose pip在/root/chenTJ里面的get-pip.py
python get-pip.py即可
git clone https://github.com/vmware/harbor
find / -name harbor.cfg
修改 hostname 10.1.0.136
这里面还需要改ldap
- The url for an ldap endpoint.
ldap_url = ldap://10.1.0.201/
- A user's DN who has the permission to search the LDAP/AD server.
- If your LDAP/AD server does not support anonymous search, you should configure this DN and ldap_search_pwd.
- ldap_searchdn = cn=Manager,dc=iiis,dc=co
- the password of the ldap_searchdn
ldap_search_pwd = XXXXX
- The base DN from which to look up a user in LDAP/AD
ldap_basedn = ou=users,dc=iiis,dc=co
- Search filter for LDAP/AD, make sure the syntax of the filter is correct.
- ldap_filter = (objectClass=inetOrgPerson)
- The attribute used in a search to match a user, it could be uid, cn, email, sAMAccountName or other attributes depending on your LDAP/AD
ldap_uid = cn
- the scope to search for users, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE
ldap_scope = 3
如果要用https 要在ui_url_protocol = http 改成https
然后如图所示
Imageforharbor:Imageforharbor1.png
Imageforharbor:Imageforharbor2.png
/root/harbor/harbor
./prepare
docker-compose up -d
就安装完毕了
= 配置Harbor pull跟push =
在 /usr/lib/systemd/system/docker.service 配置
ExecStart=/usr/bin/dockerd -s overlay -g /data/docker --insecure-registry 10.1.1.4 -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock
添加--insecure-registry 10.1.0.136
push
docker images找到相关的镜像sudo docker pull ubuntu:14.04
或者用docker login 10.1.0.136 -u ldap账号 -p ldap密码
docker tag ubuntu 10.1.0.136/test/ubuntu
docker push 10.1.0.136/test/ubuntu
pull
在10.1.0.138
docker login 10.1.0.136 -u ldap账号 -p ldap密码
docker pull 10.1.0.136/library/ubuntu:14.04
Harbor界面管理
在浏览器登录http://10.1.0.136/dashboard
账号密码可以用ldap的即可
就可以看到如下内容
Imageforharbor:Imageforharbor3.png
参考文献:
http://www.tuicool.com/articles/z2ANb2U
https://github.com/vmware/harbor/blob/master/docs/user_guide.md
