小薛博客

Appearance

16、阿里云镜像仓库ACR和Harbor

1、阿里云镜像仓库

1、进入阿里云控制台

https://cr.console.aliyun.com/cn-hangzhou/instances

2、新建命名空间

image-20250729115506411

3、新建镜像仓库

image-20250729115612182

4、登录阿里云Docker Registry

sh
docker login --username=xueqimiao registry.cn-hangzhou.aliyuncs.com

image-20250729115755271

5、将镜像推送到Registry

sh
$ docker tag [ImageId] registry.cn-hangzhou.aliyuncs.com/xx_blog/xx-springboot:[镜像版本号]
$ docker push registry.cn-hangzhou.aliyuncs.com/xx_blog/xx-springboot:[镜像版本号]
sh
[root@xx-blog ~]# docker images
REPOSITORY           TAG       IMAGE ID       CREATED          SIZE
xx-spring-boot-web   v1        2155d2ca31fa   12 minutes ago   192MB
xx-springboot        v1        82132e652235   56 minutes ago   546MB
[root@xx-blog ~]# docker tag 82132e652235 registry.cn-hangzhou.aliyuncs.com/xx_blog/xx-springboot:v1
[root@xx-blog ~]# docker push registry.cn-hangzhou.aliyuncs.com/xx_blog/xx-springboot:v1

image-20250729120029225

6、拉取镜像

sh
docker pull registry.cn-hangzhou.aliyuncs.com/xx_blog/xx-springboot:[镜像版本号]

2、安装与卸载Docker Compose

sh
sudo curl -L "https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose

# 可以进这里看版本
https://github.com/docker/compose/releases/

sudo chmod +x /usr/local/bin/docker-compose

docker-compose --version 

# 如果是使用的 curl 方式来安装的
sudo rm /usr/local/bin/docker-compose
sh
# 如果上述安装不了,可以手动下载
https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-Linux-x86_64

# 将已下载的Docker Compose二进制文件复制到/usr/local/bin目录中。您可以使用sudo命令来拷贝,确保文件有执行权限
sudo cp docker-compose-linux-x86_64 /usr/local/bin/docker-compose

# 为docker-compose文件添加执行权限
sudo chmod +x /usr/local/bin/docker-compose

docker-compose --version

3、Harbor仓库

https://github.com/goharbor/harbor

1、安装

1、下载在线安装包

sh
wget https://github.com/goharbor/harbor/releases/download/v2.4.3/harbor-online-installer-v2.4.3.tgz

2、解压

sh
tar -zxvf harbor-online-installer-v2.4.3.tgz

3、进入目录修改配置文件

sh
cd harbor/
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
sh
# 修改 hostname 为自己的ip
hostname: 112.74.160.27
sh
# 修改端口
http:
  port: 8081
sh
# 不启用https 注释掉以下内容

# https related config
#https:
  # https port for harbor, default is 443
  #  port: 443
  # The path of cert and key files for nginx
  # certificate: /your/certificate/path
  # private_key: /your/private/key/path
sh
# 修改密码
harbor_admin_password: Harbor12345
sh
# 修改卷目录
data_volume: /data/harbor

4、执行脚本

sh
./prepare
./install.sh

image-20230919095108918

2、登录仓库

记得开放8081端口

sh
# 手动输入密码
docker login 112.74.160.27:8081 -u "admin"

# 命令形式输入密码
docker login 112.74.160.27:8081 -u "admin" -p "Harbor12345"
# 会提示警告
WARNING! Using --password via the CLI is insecure. Use --password-stdin.

export REGISTRY=112.74.160.27:8081
export DOCKER_USER_VAR=admin
export DOCKER_PWD_VAR=Harbor12345

echo "$DOCKER_PWD_VAR" | docker login $REGISTRY -u "$DOCKER_USER_VAR" --password-stdin
echo "Harbor12345" | docker login 112.74.160.27:8081 -u "admin" --password-stdin

docker login -u admin -p Harbor12345 112.74.160.27:8081

Error response from daemon: Get "https://112.74.160.27:8081/v2/": http: server gave HTTP response to HTTPS client

在不使用SSL证书的情况下继续使用HTTP访问Harbor,可以在Docker客户端上使用 --insecure-registry 选项来忽略证书检查。这不是一个安全的做法,应仅用于测试或开发目的。生产环境自行购买证书使用https。

sh
vim /etc/docker/daemon.json

{
    "registry-mirrors": [
        "https://0vmzj3q6.mirror.aliyuncs.com",
        "https://docker.m.daocloud.io",
        "https://mirror.baidubce.com",
        "https://dockerproxy.com",
        "https://mirror.iscas.ac.cn",
        "https://huecker.io",
        "https://dockerhub.timeweb.cloud",
        "https://noohub.ru",
        "https://vlgh0kqj.mirror.aliyuncs.com"
    ],
    "insecure-registries": ["112.74.160.27:8081"]
}

systemctl daemon-reload
systemctl restart docker
sh
# 重新测试登录
echo "Harbor12345" | docker login 112.74.160.27:8081 -u "admin" --password-stdin

Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

3、新建仓库

http://112.74.160.27:8081/

1、新建项目

image-20250729133523224

测试环境可以直接使用公开

image-20230919110507405

image-20230919110548038

4、推送镜像

1、打标签

sh
docker tag SOURCE_IMAGE[:TAG] 112.74.160.27:8081/xx-blog/REPOSITORY[:TAG]
docker tag xx-springboot:v1 112.74.160.27:8081/xx-blog/xx-springboot:v1

2、推送镜像

sh
docker push 112.74.160.27:8081/xx-blog/REPOSITORY[:TAG]
docker push 112.74.160.27:8081/xx-blog/xx-springboot:v1

image-20250729134627698

4、拉取镜像

sh
docker pull 112.74.160.27:8081/xx-blog/xx-springboot:v1