1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

# install docker
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce
systemctl enable docker
systemctl start docker

# install docker-compose
yum install -y epel-release
yum install -y docker-compose

1
2
3

cd /opt
wget https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.6.1.tgz
tar xf harbor-offline-installer-v1.6.1.tgz && cd harbor

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22

mkdir certs && cd certs

openssl req -newkey rsa:4096 -nodes -keyout domain.key -x509 -days 3650 -out domain.crt
Generating a 4096 bit RSA private key
...........................................................................................++
.......................++
writing new private key to 'domain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Beijing
Locality Name (eg, city) []:Beijing
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:reg.localregistry.com
Email Address []:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12

pwd
/opt/harbor
ls certs/
domain.crt  domain.key

grep hostname harbor.cfg 
#The IP address or hostname to access admin UI and registry service.
hostname = reg.localregistry.com

grep ssl_cert harbor.cfg
ssl_cert = /opt/harbor/certs/domain.crt
ssl_cert_key = /opt/harbor/certs/domain.key

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

./prepare 
Generated and saved secret to file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/ui/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/ui/app.conf
Generated certificate, key file: ./common/config/ui/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.

./install.sh

1

echo "/usr/bin/docker-compose -f /opt/harbor/docker-compose.yml up -d" >> /etc/rc.d/rc.local

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18

mkdir -p /etc/docker/certs.d/localregistry.com
cp certs/domain.crt /etc/docker/certs.d/localregistry.com/
cp certs/domain.crt /etc/pki/ca-trust/source/anchors/localregistry.com.crt
update-ca-trust
systemctl stop docker
systemctl start docker

grep localregistry /etc/hosts
192.168.0.130   reg.localregistry.com

docker login reg.localregistry.com
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14

mkdir -p /etc/docker/certs.d/localregistry.com
cp certs/domain.crt /etc/docker/certs.d/localregistry.com/
cp certs/domain.crt /etc/ssl/certs/localregistry.com.crt
update-ca-certificates
systemctl stop docker
systemctl start docker

grep localregistry /etc/hosts
192.168.0.130   reg.localregistry.com

docker login reg.localregistry.com
Username: admin
Password:
Login Succeeded