接入Harbor私有倉庫
阿新 • • 發佈:2022-05-20
專案組現在需要接入CI/CD,其中就包括接入Harbor,本文將記錄如何在CentOS7.6
機器上完成接入Harbor。
前期工作:首先需要在Harbor上開具賬號,建立相應專案(當前專案為imagetest
)。
設定Docker
預設開發機已完成Docker安裝:
# docker version Client: Docker Engine - Community Version: 20.10.16 API version: 1.41 Go version: go1.17.10 Git commit: aa7e414 Built: Thu May 12 09:19:45 2022 OS/Arch: linux/amd64 Context: default Experimental: true Server: Docker Engine - Community Engine: Version: 20.10.16 API version: 1.41 (minimum version 1.12) Go version: go1.17.10 Git commit: f756502 Built: Thu May 12 09:18:08 2022 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.6.4 GitCommit: 212e8b6fa2f44b9c21b2798135fc6fb7c53efc16 runc: Version: 1.1.1 GitCommit: v1.1.1-0-g52de29d docker-init: Version: 0.19.0 GitCommit: de40ad0
在/etc/docker/daemon.json
檔案中(如果沒有daemon.json檔案,則自行建立此檔案)寫入如下資訊:
{
"insecure-registries": ["192.168.38.91:8090"]
}
檔案中的
192.168.38.91:8090
為Harbor的部署地址。
設定完成後,需要重啟Docker,執行以下命令即可:
# systemctl daemon-reload
# systemctl restart docker
登入Harbor
完成Docker設定後,需要手動執行登入命令,以便確認Docker接入Harbor。
# docker login 192.168.38.91:8090 Authenticating with existing credentials... WARNING! Your password will be stored unencrypted in /root/.docker/config.json. Configure a credential helper to remove this warning. See https://docs.docker.com/engine/reference/commandline/login/#credentials-store Login Succeeded
推送映象
登陸完成後,即可在開發機上打包映象並推送至Harbor。
# 以下命令是Harbor推薦命令,我們可參照完成
# 192.168.38.91:8090/imagetest/是映象標記固定字首,若未設定此字首,映象將會被嘗試推送至docker.io
# 在專案中標記映象:
docker tag SOURCE_IMAGE[:TAG] 192.168.38.91:8090/imagetest/REPOSITORY[:TAG]
# 推送映象到當前專案:
docker push 192.168.38.91:8090/imagetest/REPOSITORY[:TAG]
在示例專案(Java專案)中建立Dockerfile,具體如下所示:
FROM openjdk:11.0.15-jdk
VOLUME /tmp
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone \
&& mkdir -p /opt/app/log
ARG JAR_FILE=*.jar
COPY ${JAR_FILE} /opt/app/app.jar
WORKDIR /opt/app/
ENTRYPOINT ["java","-Xms1g", "-Xmx1g","-verbose:gc", \
"-Xlog:gc,gc+ref=debug,gc+heap=debug,gc+age=trace:file=/opt/app/log/gc_%p.log:tags,uptime,time,level", \
"-Xlog:safepoint:file=/opt/app/log/safepoint_%p.log:tags,uptime,time,level", \
"-XX:+HeapDumpOnOutOfMemoryError", "-XX:HeapDumpPath=/opt/app/log/network-capability.hprof", \
"-XX:ErrorFile=/opt/app/log/hs_error_pid%p.log", "-XX:-OmitStackTraceInFastThrow", "-jar","/app.jar"]
執行以下命令完成映象打包和推送:
# 打包映象,並新增TAG:`192.168.38.91:8090/imagetest/demo:0.1`
docker build -t 192.168.38.91:8090/imagetest/demo:0.1 .
# 推送映象
docker push 192.168.38.91:8090/imagetest/demo:0.1
檢查Harbor倉庫,即可發現映象完成推送。