前往小程序,Get更优阅读体验!
立即前往
首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >k8s学习记录02

k8s学习记录02

作者头像
jeremyxu
发布2019-03-13 15:00:48
4450
发布2019-03-13 15:00:48
举报
文章被收录于专栏:jeremy的技术点滴

部署镜像仓库harbor

官方文档中写得很清楚,这里简单概括一下:

代码语言:javascript
复制
# 克隆git项目
$ git clone https://github.com/vmware/harbor
$ cd harbor/contrib/helm/harbor

# Download external dependent charts
$ helm dependency update

# 编辑部分配置项
$ vim values.yml
......
externalDomain: harbor.local
......
    # 因为我本机的traefik ingress未开启TLS的endpoint,这里设置不自动跳转至https
    ingress.kubernetes.io/ssl-redirect: "false"
......

# 使用helm安装
$ helm install . --debug --name harbor-release -f values.yaml

过一会儿使用命令helm status harbor-release查看下部署的状态:

代码语言:javascript
复制
$ helm status harbor-release
......
==> v1/Pod(related)
NAME                                                  READY  STATUS   RESTARTS  AGE
harbor-release-postgresql-66f5477d9c-4wncj            1/1    Running  0         8m
harbor-release-harbor-clair-55f6d7899d-hm8cx          1/1    Running  1         8m
harbor-release-harbor-jobservice-878896998-glbvw      1/1    Running  4         8m
harbor-release-harbor-notary-server-6ccddbcd98-knk2n  1/1    Running  0         8m
harbor-release-harbor-notary-signer-5f4df97cd5-2vbb8  1/1    Running  0         8m
harbor-release-harbor-ui-5bbf974497-skpnr             1/1    Running  3         8m
harbor-release-redis-master-0                         1/1    Running  0         8m
harbor-release-harbor-adminserver-0                   1/1    Running  1         8m
harbor-release-harbor-mysql-0                         1/1    Running  0         8m
harbor-release-harbor-notary-db-0                     1/1    Running  0         8m
harbor-release-harbor-registry-0                      1/1    Running  0         8m
......
NOTES:

Please wait for several minutes for Harbor deployment to complete.
Then follow the steps below to use Harbor.

1. Add the Harbor CA certificate to Docker by executing the following command:

  sudo mkdir -p /etc/docker/certs.d/harbor.local
  kubectl get secret \
    --namespace default harbor-release-harbor-ingress \
    -o jsonpath="{.data.ca\.crt}" | base64 --decode | \
    sudo tee /etc/docker/certs.d/harbor.local/ca.crt

2. Get Harbor admin password by executing the following command:

  kubectl get secret --namespace default harbor-release-harbor-adminserver -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 --decode; echo

3. Add DNS resolution entry for Harbor FQDN harbor.local to K8s Ingress Controller IP on DNS Server or in file /etc/hosts.
   Add DNS resolution entry for Notary FQDN notary-harbor.local to K8s Ingress Controller IP on DNS Server or in file /etc/hosts.

4. Access Harbor UI via https://harbor.local

5. Login Harbor with Docker CLI:

  docker login harbor.local

这里有几个提示:

  1. harbor-release-harbor-ingress 中导出data.ca.crt,并导入到docker的证书目录中,这样docker就会信任该镜像仓库
  2. 通过kubectl get secret --namespace default harbor-release-harbor-adminserver -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 --decode; echo 命令可以得到harbor的管理员密码
  3. 要添加两个域名映射harbor.localnotary-harbor.local,本机开发的话,把这两个域名指向127.0.0.1就可以了

/etc/hosts文件中配上两个域名的映射,然后在浏览器中直接访问http://harbor.local,页面很快显示出来了,管理员登录凭证为admin/Harbor12345

OVER

参考

  1. https://github.com/vmware/harbor/tree/master/contrib/helm/harbor
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2018-05-21,如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体同步曝光计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
目录
  • 部署镜像仓库harbor
  • 参考
相关产品与服务
容器镜像服务
容器镜像服务(Tencent Container Registry,TCR)为您提供安全独享、高性能的容器镜像托管分发服务。您可同时在全球多个地域创建独享实例,以实现容器镜像的就近拉取,降低拉取时间,节约带宽成本。TCR 提供细颗粒度的权限管理及访问控制,保障您的数据安全。
领券
问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档