1、設定fqdn
# 設定hostname 為kube-master
hostnamectl set-hostname kube-master
vi /etc/hosts # 網域名稱解析
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.31.10 kube-master.com kube-master
[root@kube-master harbor]# hostname -f
kube-master.harbor.com
[root@kube-master harbor]#
[root@kube-master harbor]# hostname
kube-master
#offline
wget
tar -xvf tar -xvf harbor-offline-installer-v1.8.2-rc1.tgz
#online:
hostname: kube-master.harbor.com
4、安裝docker和docker-compose
sudo yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine
sudo yum-config-manager --add-repo
sudo yum-config-manager --enable docker-ce-nightly
sudo yum-config-manager --enable docker-ce-test
sudo yum-config-manager --disable docker-ce-nightly
sudo yum install docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
sudo docker run hello-world
sudo curl -l " -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
執行完畢就可以通過網頁登陸
但是不能docker login kube-master.com出現問題
error response from daemon: get dial tcp 192.168.31.10:443: connect: connection refused
原因是docker預設是https協議,需要啟動,當然不啟動可以通過新增
6、新增證書啟動https
openssl genrsa -out ca.key 4096
openssl req -x509 -new -nodes -sha512 -days 3650 \
-subj "/c=tw/st=****ei/l=****ei/o=example/ou=personal/cn=kube-master.com" \
-key ca.key \
-out ca.crt
openssl genrsa -out kube-master.com.key 4096
openssl req -sha512 -new \
-subj "/c=tw/st=****ei/l=****ei/o=example/ou=personal/cn=kube-master.com" \
-key kube-master.com.key \
-out kube-master.com.csr
cat > v3.ext <<-eof
authoritykeyidentifier=keyid,issuer
basicconstraints=ca:false
keyusage = digitalsignature, nonrepudiation, keyencipherment, dataencipherment
extendedkeyusage = serverauth
subjectaltname = @alt_names
[alt_names]
dns.1=kube-master.com
dns.2=kube-master
dns.3=kube-master
eofopenssl x509 -req -sha512 -days 3650 \
-extfile v3.ext \
-ca ca.crt -cakey ca.key -cacreateserial \
-in kube-master.com.csr \
-out kube-master.com.crt
mkdir /data/cert -p
cp kube-master.com.crt kube-master.com.key /data/cert/
openssl x509 -inform pem -in kube-master.com.crt -out kube-master.com.cert
mkdir /etc/docker/certs.d/kube-master.com -p
cp kube-master.com.cert kube-master.com.key ca.crt /etc/docker/certs.d/kube-master.com/
private_key: /data/cert/kube-master.com.key8、重新配置,並重啟docker-compose
./prepare
docker-compose down -v
docker-compose up -d
docker login kube-master.com ok
網頁輸入 ok
10、如果希望在別的主機上登入需要設定host解析,linux設定開頭說過,windows設定如下:
修改c:\windows\system32\drivers\etc\hosts的許可權後
修改檔案內容
192.168.31.12 kube-master.com
然後開啟cmd,執行ipconfig /flushdns
執行完之後能看到成功提示,然後在網頁開啟即可
11、push&pull example
拷貝證書到你想要部署的機器上 /etc/docker/certs.d/kube-master..com/
Docker映象倉庫 Harbor
docker run net host name cg registry d p 5000 5000 v home docker mnt registry var lib registry registry 2 1 安裝pip wget python get pip.py 2 安裝docker co...
docker映象倉庫Harbor搭建
環境準備 2 docker 3 docker compose 4 harbor 安裝docker 和 docker compose就不多說了,自己自己去網上搜尋教程 wget 解壓tar zxvf harbor offline installer v1.1.2.tgz 解壓縮之後,進入目錄下會看到 ...
Docker搭建harbor私有倉庫
sudo curl l s uname m o usr local bin docker compose sudo chmod x usr local bin docker compose docker compose version3 解壓harbor 自簽https證書方式生產環境不用 不用自簽...