云原生Kubernetes: K8S 1.29版本 部署Harbor

2024-05-03 07:52
文章标签 云原生 部署 kubernetes 版本 k8s harbor 1.29

本文主要是介绍云原生Kubernetes: K8S 1.29版本 部署Harbor,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!

目录

一、实验

1.环境

2.Linux 部署docker compose

3.证书秘钥配置

4.K8S 1.29版本 部署Harbor

5.K8S 1.29版本 使用Harbor

二、问题

1.docker 登录harbor失败

一、实验

1.环境

(1)主机

表1 主机

主机架构版本IP备注
masterK8S master节点1.29.0192.168.204.8

node1K8S node节点1.29.0192.168.204.9
node2K8S node节点1.29.0192.168.204.10已部署Kuboard

(2)master节点查看集群

1)查看node
kubectl get node2)查看node详细信息
kubectl get node -o wide

(3)查看pod

[root@master ~]# kubectl get pod -A

(4) 访问Kuboard

http://192.168.204.10:30080/kuboard/cluster

查看节点

(5)查看docker版本

docker -v

master节点

node1节点

node2节点

2.Linux 部署docker compose

(1) 查阅

https://github.com/docker/compose/releases

最新版为v2.27.0

(2) 下载

https://github.com/docker/compose/releases/download/v2.27.0/docker-compose-linux-x86_64

(3) 查看

[root@master ~]# ls | grep docker

(4)移动并更名为docker-compose

[root@master ~]# mv docker-compose-linux-x86_64 /usr/bin/docker-compose

(5)为二进制文件添加可执行权限

[root@master ~]# chmod +x /usr/bin/docker-compose

(6)查看docker-compse版本

[root@master ~]# docker-compose version

 3.证书秘钥配置

(1)确认openssl

[root@master harbor]# rpm -q openssl

(2)创建文件夹用于存放生成的证书秘钥文件

[root@master ~]# mkdir -p /harbor/certs/

(3) 生成私钥

[root@master ~]# openssl genrsa -out ca.key 4096

(4)证书秘钥与IP绑定

openssl req -x509 -new -nodes -sha512 -days 3650 \-subj "/C=CN/ST=Nanjing/L=Nanjing/O=example/OU=Personal/CN=192.168.204.8" \-key ca.key \-out ca.crt

(5)移动证书位置并查看

[root@master ~]# mv ca* /harbor/certs
[root@master ~]# ls /harbor/certs/

4.K8S 1.29版本 部署Harbor

(1) 查阅

https://github.com/goharbor/harbor/releases

最新版为v2.10.2

(2) 下载

https://github.com/goharbor/harbor/releases/download/v2.10.2/harbor-offline-installer-v2.10.2.tgz

(3)查看

[root@master ~]# ls | grep harbor

(4)解压

[root@master ~]# tar xf harbor-offline-installer-v2.10.2.tgz

(6)进入目录并查看

[root@master ~]# cd harbor/
[root@master harbor]# ls

(7) 修改名称

[root@master harbor]# mv harbor.yml.tmpl harbor.yml

(8)监听端口

8800与8443没有被占用

[root@master harbor]# netstat -antlp | grep 8800
[root@master harbor]# netstat -antlp | grep 8443

(9)修改配置文件

[root@master harbor]# vim harbor.yml 


hostname域名修改为要安装harbor的服务器的ip
http端口修改为8800
https端口修改为8443
certificate: 证书路径修改为/harbor/certs/ca.crt
private_key: 秘钥路径修改为/harbor/certs/ca.key
harbor_admin_password: 默认Harbor密码,不修改,就用默认的Harbor12345
data_value: 修改为/data/harbor

修改前:

修改后:

(10)Docker  Hub查看镜像

docker pull goharbor/prepare:v2.10.2

(11)拉取镜像

 node2

[root@node2 ~]# docker pull goharbor/prepare:v2.10.2

(12) 导出镜像

[root@node2 ~]# docker save -o prepare.tar goharbor/prepare:v2.10.2

(13)复制Docker镜像到master节点

[root@node2 ~]# scp prepare.tar root@master:~

(14)master节点导入Docker镜像

[root@master ~]# docker load -i prepare.tar

(15)执行预备脚本

[root@master harbor]# ./prepare

(16) 执行安装脚本

[root@master harbor]# ./install.sh [Step 0]: checking if docker is installed ...Note: docker version: 24.0.7[Step 1]: checking docker-compose is installed ...Note: Docker Compose version v2.21.0[Step 2]: loading Harbor images ...
a8840e4ae316: Loading layer [==================================================>]  21.63MB/21.63MB
515f0ee642d6: Loading layer [==================================================>]  173.8MB/173.8MB
7e1a15fa7f7c: Loading layer [==================================================>]   25.5MB/25.5MB
4cd39a5aa67d: Loading layer [==================================================>]  18.27MB/18.27MB
3daae6a42996: Loading layer [==================================================>]   5.12kB/5.12kB
e23a6fbc3acf: Loading layer [==================================================>]  6.144kB/6.144kB
87a67eef40a6: Loading layer [==================================================>]  3.072kB/3.072kB
5439373f0cf5: Loading layer [==================================================>]  2.048kB/2.048kB
44c50cb14a57: Loading layer [==================================================>]   2.56kB/2.56kB
e343431b8ac0: Loading layer [==================================================>]   7.68kB/7.68kB
Loaded image: goharbor/harbor-db:v2.10.2
a7437080fdff: Loading layer [==================================================>]  17.16MB/17.16MB
89c54c70338a: Loading layer [==================================================>]  3.584kB/3.584kB
927d190fe457: Loading layer [==================================================>]   2.56kB/2.56kB
dab52f006605: Loading layer [==================================================>]  44.92MB/44.92MB
abc8dcfeeb98: Loading layer [==================================================>]  45.71MB/45.71MB
Loaded image: goharbor/harbor-jobservice:v2.10.2
9343d1011e8e: Loading layer [==================================================>]  21.63MB/21.63MB
d8aa785c45d8: Loading layer [==================================================>]  110.6MB/110.6MB
af30438adf19: Loading layer [==================================================>]  3.072kB/3.072kB
046baf104eef: Loading layer [==================================================>]   59.9kB/59.9kB
b4bf035573f1: Loading layer [==================================================>]  61.95kB/61.95kB
Loaded image: goharbor/redis-photon:v2.10.2
1a53aa673223: Loading layer [==================================================>]  14.15MB/14.15MB
e3ef818740f3: Loading layer [==================================================>]  4.096kB/4.096kB
f51244ac7c03: Loading layer [==================================================>]  3.072kB/3.072kB
971632584e63: Loading layer [==================================================>]   17.4MB/17.4MB
0cfb29c07835: Loading layer [==================================================>]  18.19MB/18.19MB
Loaded image: goharbor/registry-photon:v2.10.2
9fb8de59ccbd: Loading layer [==================================================>]  130.9MB/130.9MB
b0a99212add7: Loading layer [==================================================>]  3.584kB/3.584kB
c63a00cfdba3: Loading layer [==================================================>]  3.072kB/3.072kB
ea1dbece5b3a: Loading layer [==================================================>]   2.56kB/2.56kB
3c735fb3805e: Loading layer [==================================================>]  3.072kB/3.072kB
1b257c0b8709: Loading layer [==================================================>]  3.584kB/3.584kB
6bb174e7db78: Loading layer [==================================================>]  20.48kB/20.48kB
Loaded image: goharbor/harbor-log:v2.10.2
ea9d3f5fbb0c: Loading layer [==================================================>]  121.2MB/121.2MB
b88bdbd268ea: Loading layer [==================================================>]  6.532MB/6.532MB
a6a0154f827a: Loading layer [==================================================>]  246.8kB/246.8kB
664d5baa31ef: Loading layer [==================================================>]  1.477MB/1.477MB
Loaded image: goharbor/harbor-portal:v2.10.2
fe6dfc816265: Loading layer [==================================================>]  17.16MB/17.16MB
c8d1d3bbdf04: Loading layer [==================================================>]  3.584kB/3.584kB
a95b761bfdbe: Loading layer [==================================================>]   2.56kB/2.56kB
c3c092020a00: Loading layer [==================================================>]  58.96MB/58.96MB
75c8aba5c8aa: Loading layer [==================================================>]  5.632kB/5.632kB
84bdcacb7f37: Loading layer [==================================================>]  123.4kB/123.4kB
c80d23d5cead: Loading layer [==================================================>]  80.38kB/80.38kB
fb9a83422043: Loading layer [==================================================>]  59.95MB/59.95MB
17416c18f4d3: Loading layer [==================================================>]   2.56kB/2.56kB
Loaded image: goharbor/harbor-core:v2.10.2
6a65c62b44a3: Loading layer [==================================================>]  14.15MB/14.15MB
50d4a017d046: Loading layer [==================================================>]  4.096kB/4.096kB
b00285e03979: Loading layer [==================================================>]   17.4MB/17.4MB
bd20c4f45bc4: Loading layer [==================================================>]  3.072kB/3.072kB
cdef8cae2c49: Loading layer [==================================================>]  32.77MB/32.77MB
8c8e4274f70f: Loading layer [==================================================>]  50.95MB/50.95MB
Loaded image: goharbor/harbor-registryctl:v2.10.2
acbecb34a764: Loading layer [==================================================>]  17.16MB/17.16MB
478163dbc994: Loading layer [==================================================>]  27.56MB/27.56MB
4ec3465523a2: Loading layer [==================================================>]  4.608kB/4.608kB
07fb78bc4c52: Loading layer [==================================================>]  28.35MB/28.35MB
Loaded image: goharbor/harbor-exporter:v2.10.2
113051e862a0: Loading layer [==================================================>]  121.2MB/121.2MB
Loaded image: goharbor/nginx-photon:v2.10.2
2716f555462f: Loading layer [==================================================>]  14.67MB/14.67MB
d4471d1781eb: Loading layer [==================================================>]  4.096kB/4.096kB
2b9cfa166f1f: Loading layer [==================================================>]  3.072kB/3.072kB
4943bbb50494: Loading layer [==================================================>]  209.9MB/209.9MB
1f70ad7459fb: Loading layer [==================================================>]  17.45MB/17.45MB
c6de541f3b98: Loading layer [==================================================>]  228.1MB/228.1MB
Loaded image: goharbor/trivy-adapter-photon:v2.10.2
Loaded image: goharbor/prepare:v2.10.2[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...
prepare base dir is set to /root/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dirNote: stopping existing Harbor instance ...[Step 5]: starting Harbor ...
[+] Running 10/10✔ Network harbor_harbor        Created                                                                                                                                      0.1s ✔ Container harbor-log         Started                                                                                                                                      0.0s ✔ Container registry           Started                                                                                                                                      0.1s ✔ Container registryctl        Started                                                                                                                                      0.1s ✔ Container harbor-portal      Started                                                                                                                                      0.1s ✔ Container harbor-db          Started                                                                                                                                      0.1s ✔ Container redis              Started                                                                                                                                      0.1s ✔ Container harbor-core        Started                                                                                                                                      0.0s ✔ Container nginx              Started                                                                                                                                      0.0s ✔ Container harbor-jobservice  Started                                                                                                                                      0.0s 
✔ ----Harbor has been installed and started successfully.----

(17) 查看harbor相关容器

[root@master harbor]# docker ps | grep  goharbor

(18)docker-compose命令显示其管理的harbor容器

[root@master harbor]# docker-compose -f docker-compose.yml ps

(19)访问harbor

https://192.168.204.8:8443/

选高级

继续访问

弹出界面

(20)登录

账号:admin
密码:Harbor12345

成功进入系统

5. K8S 1.29版本 使用Harbor

(1) 创建私有项目

(2) 查看

目前项目为空

(3) 创建公开项目

(4)再次查看

目前项目为空

(5)Docker配置Harbor(所有节点)

1)修改
vim /etc/docker/daemon.json
……"insecure-registries": ["https://192.168.204.8:8443"]
……2)重新加载配置
systemctl daemon-reload3)重启服务
systemctl restart dockersystemctl restart cri-docker

修改前:

修改后:

这里以node1节点为例

[root@node1 ~]# systemctl status cri-docker

(6)docker 登录harbor并推送镜像到公开项目

node1节点

[root@node1 ~]# docker login 192.168.204.8:8443 -u admin -p Harbor12345

拉取镜像

打标签

[root@node1 ~]# docker tag alpine:latest 192.168.204.8:8443/devops02/alpine:20240502

推送镜像到公开项目

[root@node1 ~]# docker push 192.168.204.8:8443/devops02/alpine:20240502

查看

删除本地镜像

[root@node1 ~]# docker rmi -f 192.168.204.8:8443/devops02/alpine:20240502

拉取harbor仓库的镜像

[root@node1 ~]# docker pull 192.168.204.8:8443/devops02/alpine:20240502

(7)docker 登录harbor并推送镜像到私有项目

打标签

[root@node1 ~]# docker tag alpine:latest 192.168.204.8:8443/devops01/alpine:20240502

推送镜像到私有项目

[root@node1 ~]# docker push 192.168.204.8:8443/devops01/alpine:20240502

查看

删除本地镜像

[root@node1 ~]# docker rmi -f 192.168.204.8:8443/devops01/alpine:20240502

拉取harbor仓库的镜像

[root@node1 ~]# docker pull 192.168.204.8:8443/devops01/alpine:20240502

(8) 登出账号

[root@node1 ~]# docker logout 192.168.204.8

(9)其他方式的harbor部署

可以参考本人博客:

Docker容器与虚拟化技术:Harbor私有仓库部署与迁移-CSDN博客

云原生Kubernetes:K8S集群使用带凭证的harbor仓库-CSDN博客

二、问题

1.docker 登录harbor失败

(1)报错

Error response from daemon: Get "https://192.168.204.8:8443/v2/": tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead

(2)原因分析

未重启docker。

(3)解决方法

重启docker:

[root@node1 ~]# systemctl restart docker

成功:

这篇关于云原生Kubernetes: K8S 1.29版本 部署Harbor的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!


http://www.chinasem.cn/article/956221

相关文章

MySQL 主从复制部署及验证(示例详解)

MySQL 主从复制部署及验证(示例详解)

《MySQL主从复制部署及验证(示例详解)》本文介绍MySQL主从复制部署步骤及学校管理数据库创建脚本,包含表结构设计、示例数据插入和查询语句,用于验证主从同步功能,感兴趣的朋友一起看看吧... 目录mysql 主从复制部署指南部署步骤1.环境准备2. 主服务器配置3. 创建复制用户4. 获取主服务器状态5
阅读更多...
golang程序打包成脚本部署到Linux系统方式

golang程序打包成脚本部署到Linux系统方式

《golang程序打包成脚本部署到Linux系统方式》Golang程序通过本地编译(设置GOOS为linux生成无后缀二进制文件),上传至Linux服务器后赋权执行,使用nohup命令实现后台运行,完... 目录本地编译golang程序上传Golang二进制文件到linux服务器总结本地编译Golang程序
阅读更多...
如何在Ubuntu 24.04上部署Zabbix 7.0对服务器进行监控

如何在Ubuntu 24.04上部署Zabbix 7.0对服务器进行监控

《如何在Ubuntu24.04上部署Zabbix7.0对服务器进行监控》在Ubuntu24.04上部署Zabbix7.0监控阿里云ECS服务器,需配置MariaDB数据库、开放10050/1005... 目录软硬件信息部署步骤步骤 1:安装并配置mariadb步骤 2:安装Zabbix 7.0 Server
阅读更多...
java实现docker镜像上传到harbor仓库的方式

java实现docker镜像上传到harbor仓库的方式

《java实现docker镜像上传到harbor仓库的方式》:本文主要介绍java实现docker镜像上传到harbor仓库的方式,具有很好的参考价值,希望对大家有所帮助,如有错误或未考虑完全的地... 目录1. 前 言2. 编写工具类2.1 引入依赖包2.2 使用当前服务器的docker环境推送镜像2.2
阅读更多...
k8s上运行的mysql、mariadb数据库的备份记录(支持x86和arm两种架构)

k8s上运行的mysql、mariadb数据库的备份记录(支持x86和arm两种架构)

《k8s上运行的mysql、mariadb数据库的备份记录(支持x86和arm两种架构)》本文记录在K8s上运行的MySQL/MariaDB备份方案,通过工具容器执行mysqldump,结合定时任务实... 目录前言一、获取需要备份的数据库的信息二、备份步骤1.准备工作(X86)1.准备工作(arm)2.手
阅读更多...
使用jenv工具管理多个JDK版本的方法步骤

使用jenv工具管理多个JDK版本的方法步骤

《使用jenv工具管理多个JDK版本的方法步骤》jenv是一个开源的Java环境管理工具,旨在帮助开发者在同一台机器上轻松管理和切换多个Java版本,:本文主要介绍使用jenv工具管理多个JD... 目录一、jenv到底是干啥的?二、jenv的核心功能(一)管理多个Java版本(二)支持插件扩展(三)环境隔
阅读更多...
MySQL版本问题导致项目无法启动问题的解决方案

MySQL版本问题导致项目无法启动问题的解决方案

《MySQL版本问题导致项目无法启动问题的解决方案》本文记录了一次因MySQL版本不一致导致项目启动失败的经历,详细解析了连接错误的原因,并提供了两种解决方案:调整连接字符串禁用SSL或统一MySQL... 目录本地项目启动报错报错原因:解决方案第一个:第二种:容器启动mysql的坑两种修改时区的方法:本地
阅读更多...
conda安装GPU版pytorch默认却是cpu版本

conda安装GPU版pytorch默认却是cpu版本

《conda安装GPU版pytorch默认却是cpu版本》本文主要介绍了遇到Conda安装PyTorchGPU版本却默认安装CPU的问题,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的... 目录一、问题描述二、网上解决方案罗列【此节为反面方案罗列!!!】三、发现的根本原因[独家]3.1 p
阅读更多...
Redis指南及6.2.x版本安装过程

Redis指南及6.2.x版本安装过程

《Redis指南及6.2.x版本安装过程》Redis是完全开源免费的,遵守BSD协议,是一个高性能(NOSQL)的key-value数据库,Redis是一个开源的使用ANSIC语言编写、支持网络、... 目录概述Redis特点Redis应用场景缓存缓存分布式会话分布式锁社交网络最新列表Redis各版本介绍旧
阅读更多...
IIS 7.0 及更高版本中的 FTP 状态代码

IIS 7.0 及更高版本中的 FTP 状态代码

《IIS7.0及更高版本中的FTP状态代码》本文介绍IIS7.0中的FTP状态代码,方便大家在使用iis中发现ftp的问题... 简介尝试使用 FTP 访问运行 Internet Information Services (IIS) 7.0 或更高版本的服务器上的内容时,IIS 将返回指示响应状态的数字代
阅读更多...

Copyright China编程 23002807@qq.com

沪ICP备2023033072号-2