标签:pwd red 文件 Opens 私钥 open jobs des starting
简介:实现harbor的https,用于数据加密传输,官方文档:https://github.com/vmware/harbor/blob/master/docs/configure_https.md
用两台服务器,一台harbor服务器,一台业务服务器作为harbor的测试机
制作CA私钥和自签名CA证书
[root@node1 ~]#mkdir mkdir -pv /usr/local/src/harbor/certs/
[root@node1 ~]#cd mkdir -pv /usr/local/src/harbor/certs/
[root@node1 certs]#openssl genrsa -out /usr/local/src/harbor/certs/harbor-ca.key
[root@node1 cetrs]# openssl req -x509 -new -nodes -key /usr/local/src/harbor/certs/harbor-ca.key -subj "/CN=harbor.linux.com" -days 7120 -out /usr/local/src/harbor/certs/harbor-ca.crt查看证书文件
[root@node1 certs]#ll
总用量 8
-rw-r--r-- 1 root root 1107 7月 11 08:43 harbor-ca.crt
-rw-r--r-- 1 root root 1679 7月 11 08:42 harbor-ca.key编辑harbor配置文件,添加证书
[root@node1 ~]#vim /usr/local/src/harbor/harbor.cfg
21:customize_crt = on
24:ssl_cert = /usr/local/src/harbor/certs/harbor-ca.crt
25:ssl_cert_key = /usr/local/src/harbor/certs/harbor-ca.key
28:secretkey_path = /usr/local/src/harbor/certs/创建目录
[root@node1 ~]#mkdir -pv /etc/docker/certs.d/harbor.linux.com/
[root@node1 ~]#cp /usr/local/src/harbor/certs/harbor-ca.crt /etc/docker/certs.d/harbor.linux.com/启动harbor
[root@node1 harbor]#pwd
/usr/local/src/harbor
[root@node1 harbor]#docker-compose start
Starting log ... done
Starting registry ... done
Starting registryctl ... done
Starting postgresql ... done
Starting adminserver ... done
Starting core ... done
Starting portal ... done
Starting redis ... done
Starting jobservice ... done
Starting proxy ... done配置harbor测试机
[root@node2 ~]#mkdir -pv /etc/docker/certs.d/harbor.linux.com/
[root@node2 ~]#scp 192.168.8.134:/usr/local/src/harbor/certs/harbor-ca.crt /etc/docker/certs.d/harbor.linux.com/上传测试
[root@node2 ~]#docker tag alpine:latest harbor.linux.com/kubernetes/alpine
[root@node2 ~]#docker push harbor.linux.com/kubernetes/alpine标签:pwd red 文件 Opens 私钥 open jobs des starting
原文地址:https://blog.51cto.com/14163901/2420251
