标签:tin error 管理 安装 target nerd nta his 防火墙
Docker--Harbor私有仓库 Docker--Harbor私有仓库
Harbor很重要 阿里云的镜像仓库必须掌握
#一.//查看Docker-Compose版本判断安装是否是成功
chmod +x docker-compose
cp docker-compose /usr/local/bin/
docker-compose -v
"由于Harbor镜像仓库的镜像管理要用到compose所以compose是预安装环境"
#二.//部署Harbor服务
1.下载Harbor安装程序
tar zxvf harbor-offline-installer-v1.2.2.tgz -C /usr/local
2. 配置Harbor参数文件并启动
vim /usr/local/harbor/harbor.cfg
//5 hostname = 192.168.100.200
sh install.sh
页面登陆 192.168.100.200
本地服务登陆docker login -u admin -p Harbor12345 http://127.0.0.1
3.本地上传镜像
[root@docker01 harbor]# docker tag nginx:latest 127.0.0.1/accp/nginx:v1
[root@docker01 harbor]# docker push 127.0.0.1/accp/nginx
//页面查看 192.168.100.200 能够查看到镜像
4.远程客户端登陆,尝试上传镜像
[root@localhost ~]# docker login -u admin -p Harbor12345 http://192.168.100.200
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://192.168.100.200/v2/: dial tcp 192.168.100.200:443: connect: connection refused
会报443错误,这是因为harbor是基于http 80而不是httpds
解决方法:
[root@localhost ~]# vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 192.168.100.200 --containerd=/run/containerd/containerd.sock
[root@localhost ~]# systemctl daemon-reload "重新加载系统程序"
[root@localhost ~]# systemctl restart docker.service "重启服务"
[root@localhost ~]# docker login -u admin -p Harbor12345 http://192.168.100.200
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
[root@localhost ~]# docker pull centos:7
[root@localhost ~]# docker tag centos:7 192.168.100.200/accp/centos7:v1
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
192.168.100.200/accp/centos7 v1 7e6257c9f8d8 6 weeks ago 203MB
centos 7 7e6257c9f8d8 6 weeks ago 203MB
[root@localhost ~]# docker push 192.168.100.200/accp/centos7
5.服务端拉取镜像
[root@docker01 ~]# docker pull 192.168.100.200/accp/centos7:v1
Error response from daemon: Get https://192.168.100.200/v2/: dial tcp 192.168.100.200:443: connect: connection refused
[root@docker01 ~]# docker pull 127.0.0.1/accp/centos7:v1
//会在harbor页面显示下载次数1次
6.创建用户管理项目
"用户管理,新建成员zhangsan"
[root@localhost ~]# docker logout http://192.168.100.200
[root@localhost ~]# docker login -u zhangsan -p Harbor12345 http://192.168.100.200
"客户端测试登陆"
7.报错总结
//报错:
docker-compose up -d
Creating network "harbor_harbor" with the default driver
ERROR:Failed to Setup IP tables: Unable to enable SKIP DNAT rule: (iptables failed:jptables
--wait-t nat-I DOCKER -i br-25094fc09b3c -j RETURN:jptables: No chain/target/match by that
name.
(exit status 1))
//解决:关闭防火墙后,docker需要重启
systemctl restart docker
docker-compose up -daemon
8.Harbor 容器的关闭与启动
docker-compose up -d "所有容器启动"
docker-compose down -v "所有Harbor容器停止,但保留数据镜像"
[root@docker01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1/accp/nginx v1 7e4d58f0e5f3 13 days ago 133MB
nginx latest 7e4d58f0e5f3 13 days ago 133MB
127.0.0.1/accp/centos7 v1 7e6257c9f8d8 6 weeks ago 203MB
vmware/harbor-log v1.2.2 36ef78ae27df 2 years ago 200MB
vmware/harbor-jobservice v1.2.2 e2af366cba44 2 years ago 164MB
vmware/harbor-ui v1.2.2 39efb472c253 2 years ago 178MB
vmware/harbor-adminserver v1.2.2 c75963ec543f 2 years ago 142MB
vmware/harbor-db v1.2.2 ee7b9fa37c5d 2 years ago 329MB
vmware/nginx-photon 1.11.13 6cc5c831fc7f 2 years ago 144MB
vmware/registry 2.6.2-photon 5d9100e4350e 3 years ago 173MB
vmware/postgresql 9.6.4-photon c562762cbd12 3 years ago 225MB
vmware/clair v2.0.1-photon f04966b4af6c 3 years ago 297MB
vmware/harbor-notary-db mariadb-10.1.10 64ed814665c6 3 years ago 324MB
vmware/notary-photon signer-0.5.0 b1eda7d10640 3 years ago 156MB
vmware/notary-photon server-0.5.0 6e2646682e3c 3 years ago 157MB
photon 1.0 e6e4e4a2ba1b 4 years ago 128MB
标签:tin error 管理 安装 target nerd nta his 防火墙
原文地址:https://blog.51cto.com/14625831/2548607