文章插图
| 总结/Edison Zhou
上一篇我们自己通过编写Dockerfile来编译部署一个ASP.NET MVC应用程序到Windows Container,这一篇我们来试着将.NET 4.x的镜像推送到harbor私有镜像仓库 。
1 准备工作
假设有两台服务器,这里我使用的是阿里云ECS:
Node1:Windows Server 2019,Docker Client
Node2:CentOS 7.5,Harbor
其中,Node1作为客户端,主要用来推送镜像到harbor镜像仓库 和 从harbor拉取镜像运行容器实例 。Node2作为服务端,主要用来运行harbor镜像仓库对企业内部提供容器镜像服务 。
2 搭建Harbor镜像仓库
Why Harbor?
因为Harbor是目前最流行的企业级私有容器镜像仓库之一,而且它同时支持Linux Container 和 Windows Container 的镜像,使得它比较符合我的需求 。
快速搭建过程
我们在Node2(CentOS)上来快速地基于Harbor搭建一个私有镜像仓库 。
step1.安装docker compose
# curl -L https://github.com/docker/compose/releases/download/1.26.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose# chmod +x /usr/local/bin/docker-compose# docker-compose -version
step2.下载并解压harbor离线安装包# wget https://github.com/vmware/harbor/releases/download/v1.10.1/harbor-offline-installer-v1.10.1.tgz# tar xvf harbor-offline-installer-v1.10.1.tgz
step3.修改harbor.yml配置,主要修改hostname 和 admin初始密码,注释掉https的配置(生产环境建议开启https,这里只做快速演示) 。# Configuration file of Harbor# The IP address or hostname to access admin UI and registry service.# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.hostname: 47.108.111.236# http related confighttp:# port for http, default is 80. If https enabled, this port will redirect to https portport: 80# https related config# https:# https port for harbor, default is 443# port: 443# The path of cert and key files for nginx# certificate: /your/certificate/path# private_key: /your/private/key/path# Uncomment external_url if you want to enable external proxy# And when it enabled the hostname will no longer used# external_url: https://reg.mydomain.com:8433# The initial password of Harbor admin# It only works in first time to install harbor# Remember Change the admin password from UI after launching Harbor.harbor_admin_password: EDC@123456# Harbor DB configurationdatabase:# The password for the root user of Harbor DB. Change this before any production use.password: root123456# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.max_idle_conns: 50# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.# Note: the default number of connections is 100 for postgres.max_open_conns: 100# The default data volumedata_volume: /data# Harbor Storage settings by default is using /data dir on local filesystem# Uncomment storage_service setting If you want to using external storage# storage_service:## ca_bundle is the path to the custom root ca certificate, which will be injected into the truststore## of registry's and chart repository's containers.This is usually needed when the user hosts a internal storage with self signed certificate.#ca_bundle:## storage backend, default is filesystem, options include filesystem, azure, gcs, s3, swift and oss## for more info about this configuration please refer https://docs.docker.com/registry/configuration/#filesystem:#maxthreads: 100## set disable to true when you want to disable registry redirect#redirect:#disabled: false# Clair configurationclair:# The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.updaters_interval: 12jobservice:# Maximum number of job workers in job servicemax_job_workers: 10notification:# Maximum retry count for webhook jobwebhook_job_max_retry: 10chart:# Change the value of absolute_url to enabled can enable absolute url in chartabsolute_url: disabled# Log configurationslog:# options are debug, info, warning, error, fatallevel: info# configs for logs in local storagelocal:# Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated.rotate_count: 50# Log files are rotated only if they grow bigger than log_rotate_size bytes. If size is followed by k, the size is assumed to be in kilobytes.# If the M is used, the size is in megabytes, and if G is used, the size is in gigabytes. So size 100, size 100k, size 100M and size 100G# are all valid.rotate_size: 200M# The directory on your host that store loglocation: /var/log/harbor# Uncomment following lines to enable external syslog endpoint.# external_endpoint:## protocol used to transmit log to external endpoint, options is tcp or udp#protocol: tcp## The host of external endpoint#host: localhost## Port of external endpoint#port: 5140#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!_version: 1.10.0# Uncomment external_database if using external database.# external_database:#harbor:#host: harbor_db_host#port: harbor_db_port#db_name: harbor_db_name#username: harbor_db_username#password: harbor_db_password#ssl_mode: disable#max_idle_conns: 2#max_open_conns: 0#clair:#host: clair_db_host#port: clair_db_port#db_name: clair_db_name#username: clair_db_username#password: clair_db_password#ssl_mode: disable#notary_signer:#host: notary_signer_db_host#port: notary_signer_db_port#db_name: notary_signer_db_name#username: notary_signer_db_username#password: notary_signer_db_password#ssl_mode: disable#notary_server:#host: notary_server_db_host#port: notary_server_db_port#db_name: notary_server_db_name#username: notary_server_db_username#password: notary_server_db_password#ssl_mode: disable# Uncomment external_redis if using external Redis server# external_redis:#host: redis#port: 6379#password:## db_index 0 is for core, it's unchangeable#registry_db_index: 1#jobservice_db_index: 2#chartmuseum_db_index: 3#clair_db_index: 4# Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.# uaa:#ca_file: /path/to/ca# Global proxy# Config http proxy for components, e.g. http://my.proxy.com:3128# Components doesn't need to connect to each others via http proxy.# Remove component from `components` array if want disable proxy# for it. If you want use proxy for replication, MUST enable proxy# for core and jobservice, and set `http_proxy` and `https_proxy`.# Add domain to the `no_proxy` field, when you want disable proxy# for some special registry.proxy:http_proxy:https_proxy:# no_proxy endpoints will appended to 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-serverno_proxy:components:- core- jobservice- clair
以上关于本文的内容,仅作参考!温馨提示:如遇健康、疾病相关的问题,请您及时就医或请专业人士给予相关指导!
「四川龙网」www.sichuanlong.com小编还为您精选了以下内容,希望对您有所帮助:
- 2 传统.NET 4.x应用容器化
- 4 传统.NET 4.x应用容器化
- 5 传统.NET 4.x应用容器化
- 强健骨骼 经常抖抖身体
- 正月十三,传说是阎王最讨厌的一天,忌3事、吃5食,老传统别丢了
- 2021年大寒节气民间传统饮食 应该怎样养生
- 2021年立春节气由来简介 有哪些民间传统活动
- 传统钓打窝的说法
- 花架子什么意思?传统武术是花架子吗
- 我国首个入选世界非遗的中国传统节日