此篇文档为生产系统K8S环境迁移服务，在全部文档中编号为3,harbo环境准备

软件下载

wget https://github.com/goharbor/harbor/releases/download/v2.1.0/harbor-offline-installer-v2.1.0.tgz

操作

tar zxfv harbor-offline-installer-v2.1.0.tgz

cp -r harbor /server/src/harbor-2.1.0

ln -s /server/src/harbor-2.1.0 /server/harbor

cd  /server/harbor

cp harbor.yml.tmpl harbor.yml

软链操作是在工作过程中的一个技巧，方便版本控制，升级等

修改配置文件harbor.yml

标准文件内容过多，只贴出修改部分

hostname: harbor.ylls.com
 
 port: 28089
 
 
 harbor_admin_password: Harbor12345
 
 # Harbor DB configuration
database:
  # The password for the root user of Harbor DB. Change this before any    production use.
  password: root123
  
  
  data_volume: /server/data/harbor
  
  # Log configurations
log:
  # options are debug, info, warning, error, fatal
  level: info
  # configs for logs in local storage
  local:
    # Log files are rotated log_rotate_count times before being removed.   If count is 0, old versions are removed rather than rotated.
    rotate_count: 50
    # Log files are rotated only if they grow bigger than log_rotate_size  bytes. If size is followed by k, the size is assumed to be in kilobytes.
    # If the M is used, the size is in megabytes, and if G is used, the    size is in gigabytes. So size 100, size 100k, size 100M and size 100G
    # are all valid.
    rotate_size: 200M
    # The directory on your host that store log
    location: /server/log/harbor
    

安装

sh install.sh

在/etc/docker/daemon.json中添加一条 "insecure-registries": ["harbor.ylls.com"] 表示用http登陆harbor

nginx 配置

 server {
        listen     80;
        server_name   harbor.ylls.com;
        rewrite ^(.*)$ https://${server_name}$1 permanent;
     }



 server {
        listen 443 ssl;
        server_name harbor.ylls.com;
        client_max_body_size 1000m;
        ssl_certificate   /server/nginx/conf/certs/nginx.pem;
        ssl_certificate_key  /server/nginx/conf/certs/nginx-key.pem;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        location / {

        proxy_pass http://127.0.0.1:28089;
        proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
       }


}  

bind 配置

在bind的ylls.com.zone文件中添加记录

 $TTL 1D
@       IN SOA  ylls.com. email.com. (
                                        1       ; serial
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
                IN  NS   master
test  IN  A    172.17.0.2
harbor    A    172.27.10.10

serial 前滚一个序号（+1）

后续操作与测试

进入Harbor管理界面，添加一个仓库base

docker login habro.ylls.com

Username:admin

Password:Harbor12345

docker tag d3967b3ba9a8 harbor.ylls.com/base/centos:7

docker push harbor.ylls.com/base/centos:7