Docker之jenkins部署harbor在harbor中完成部署

1、harbor作用

Harbor允許用戶用命令行工具對容器鏡像及其他Artifact進(jìn)行推送和拉取，并提供了圖形管理界面幫助用戶查閱和刪除這些Artifact。在Harbor 2.0版本中，除容器鏡像外，Harbor對符合OCI規(guī)范的Helm Chart、CNAB、OPA Bundle等都提供了更多的支持。另外，Harbor為管理員提供了豐富的管理功能，特別是作為開源軟件，隨著版本的迭代，很多社區(qū)用戶的反饋和貢獻(xiàn)被吸收進(jìn)來以便更好地適應(yīng)。

2、harbor下載

https://github.com/goharbor/harbor/releases/tag/v2.8.3

3、安裝

將里面的harbor.yml.temp 復(fù)制一份變成harbor.yml文件，然后修改下面幾個(gè)

# Configuration file of Harbor# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: harbor.ycz.com # 這里改，之后在etc/host中新增# http related config
http:# port for http, default is 80. If https enabled, this port will redirect to https portport: 8000 # 這里改# https related config
#https: # 注釋# https port for harbor, default is 443# port: 443 # 注釋# The path of cert and key files for nginx# certificate: /your/certificate/path# private_key: /your/private/key/path# # Uncomment following will enable tls communication between all harbor 

啟動(dòng)

sudo ./install.sh [Step 0]: checking if docker is installed ...Note: docker version: 24.0.2[Step 1]: checking docker-compose is installed ...Note: Docker Compose version v2.19.1[Step 2]: loading Harbor images ...
+Loaded image: goharbor/registry-photon:v2.8.3
Loaded image: goharbor/notary-server-photon:v2.8.3
Loaded image: goharbor/notary-signer-photon:v2.8.3
Loaded image: goharbor/harbor-log:v2.8.3
Loaded image: goharbor/redis-photon:v2.8.3
Loaded image: goharbor/harbor-jobservice:v2.8.3
Loaded image: goharbor/prepare:v2.8.3
Loaded image: goharbor/harbor-core:v2.8.3
Loaded image: goharbor/harbor-registryctl:v2.8.3
Loaded image: goharbor/nginx-photon:v2.8.3
Loaded image: goharbor/trivy-adapter-photon:v2.8.3
Loaded image: goharbor/harbor-portal:v2.8.3
Loaded image: goharbor/harbor-db:v2.8.3
Loaded image: goharbor/harbor-exporter:v2.8.3[Step 3]: preparing environment ...[Step 4]: preparing harbor configs ...
prepare base dir is set to /Users/mac/docker/harbor
WARNING:root:WARNING: HTTP protocol is insecure. Harbor will deprecate http protocol in the future. Please make sure to upgrade to https
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dirNote: stopping existing Harbor instance ...[Step 5]: starting Harbor ...
[+] Running 10/10? Network harbor_harbor        Created                                                                  0.1s ? Container harbor-log         Started                                                                  0.7s ? Container registryctl        Started                                                                  1.4s ? Container harbor-portal      Started                                                                  1.5s ? Container harbor-db          Started                                                                  1.5s ? Container redis              Started                                                                  1.8s ? Container registry           Started                                                                  1.8s ? Container harbor-core        Started                                                                  2.0s ? Container nginx              Started                                                                  2.5s ? Container harbor-jobservice  Started                                                                  2.5s 
? ----Harbor has been installed and started successfully.----

4、訪問

默認(rèn)密碼時(shí) admin Harbor12345

5、新增一個(gè)倉庫，隨便取名字

6、docker隨便弄一個(gè)鏡像試試能不能上傳到倉庫上

將mytest的重命名了，命名方式為 harbor地址/項(xiàng)目名/鏡像名:版本

macdeMacBook-Pro:harbor mac$ docker tag 84fd17f590f0 harbor.ycz.com:8000/repo/mytest:latest
macdeMacBook-Pro:harbor mac$ docker images
REPOSITORY                                                TAG                                                                          IMAGE ID       CREATED          SIZE
mytest                                                    latest                                                                       84fd17f590f0   32 minutes ago   558MB
harbor.ycz.com:8000/repo/mytest                           latest                                                                       84fd17f590f0   32 minutes ago   558MB

push上去，發(fā)現(xiàn)沒有權(quán)限

macdeMacBook-Pro:~ mac$ docker push harbor.ycz.com:8000/repo/mytest:latest
The push refers to repository [harbor.ycz.com:8000/repo/mytest]
0eeca62d60e3: Preparing 
508262fdcf74: Preparing 
99417f399c4c: Preparing 
6b5aaff44254: Preparing 
53a0b163e995: Preparing 
b626401ef603: Waiting 
9b55156abf26: Waiting 
293d5db30c9f: Waiting 
03127cdb479b: Waiting 
9c742cd6c7a5: Waiting 
unauthorized: unauthorized to access repository: repo/mytest, action: push: unauthorized to access repository: repo/mytest, action: push

登陸之后再push

macdeMacBook-Pro:~ mac$ docker login -u admin -p Harbor12345 harbor.ycz.com:8000
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Login Succeeded
macdeMacBook-Pro:~ mac$ docker push harbor.ycz.com:8000/repo/mytest:latest
The push refers to repository [harbor.ycz.com:8000/repo/mytest]
0eeca62d60e3: Pushed 
508262fdcf74: Pushed 
99417f399c4c: Pushed 
6b5aaff44254: Pushed 
53a0b163e995: Pushed 
b626401ef603: Pushed 
9b55156abf26: Pushed 
293d5db30c9f: Pushed 
03127cdb479b: Pushed 
9c742cd6c7a5: Pushed 
latest: digest: sha256:68fa7d0fef4a2c8286cf195a6a7566f58f86349c5e04829f84083feae31eee99 size: 2421

成功

將剛剛push之前的harbor.ycz.com:8000/repo/mytest:latest刪了，之后再從repo中拉取試試看

macdeMacBook-Pro:~ mac$ docker pull harbor.ycz.com:8000/repo/mytest:latest
latest: Pulling from repo/mytest
Digest: sha256:68fa7d0fef4a2c8286cf195a6a7566f58f86349c5e04829f84083feae31eee99
Status: Downloaded newer image for harbor.ycz.com:8000/repo/mytest:latest
harbor.ycz.com:8000/repo/mytest:latestWhat's Next?View summary of image vulnerabilities and recommendations → docker scout quickview harbor.ycz.com:8000/repo/mytest:latest

7、將原來的jenkins項(xiàng)目構(gòu)建docker中改成這樣

docker build -t mytest /var/jenkins_home/workspace/test
docker login -u admin -p Harbor12345 harbor.ycz.com:8000
docker tag mytest:latest harbor.ycz.com:8000/repo/mytest:latest
docker push harbor.ycz.com:8000/repo/mytest:latest

成功構(gòu)建

成功push到harbor

8、需要在harbor服務(wù)器中編寫docker構(gòu)建的代碼

1. 告知服務(wù)器拉取哪個(gè)鏡像
2. 判斷當(dāng)前的服務(wù)器是否在進(jìn)行，需要?jiǎng)h除
3. 如果目標(biāo)服務(wù)器已經(jīng)存在當(dāng)前的鏡像，需要?jiǎng)h除
4. 目標(biāo)服務(wù)器拉取harbor上的鏡像
5. 將拉取下來的鏡像運(yùn)行成容器

vi deploy.sh

harbor_addr=$1
harbor_repo=$2
project=$3
version=$4
container_port=$5
host_port=$6imageName=$harbor_addr/$harbor_repo/$project:$versionecho $imageNamecontainerId=`docker ps -a | grep ${project} | awk '{print $1}'`echo $containerIdif [ "$containerId" != "" ] ; thendocker stop $containerIddocker rm $containerId
fitag=`docker images | grep ${project} | awk  '{print $2}'`echo $tagif [[ "$tag"  =~ "$version" ]] ; thendocker rmi $imageName
fidocker login -u admin -p Harbor12345 $harbor_addrdocker pull $imageNamedocker run -d -p $host_port:$container_port --name $project $imageNameecho "SUCCESS"

9、jenkins構(gòu)建

到這里修改目標(biāo)的host

再修改jenkins的構(gòu)建

![在這里插入圖片描述](https://img-blog.csdnimg.cn/ccedeb6db6e646a5bceb580d7f742706.png

成功