基于ARM编译安装docker-harbor
一、编译内核
此举是为了保证redis镜像可以正常启动
1.安装依赖
yum -y install gcc bc gcc-c++ ncurses ncurses-devel cmake elfutils-libelf-devel openssl-devel
2.下载解压
tar -zxvf linux-4.14.1.tar.gz
cd linux-4.14.1
3.清理内核目录
make mrproper
4.修改内核参数
make menuconfig
#选择Kernel Features --> Page szie
#完成之后,会在目录下生成.config文件
5.注释.config文件中的参数CONFIG_SYSTEM_TRUSTED_KEYS
vim .config
#CONFIG_SYSTEM_TRUSTED_KEYS
#CONFIG_SYSTEM_TRUSTED_KEYS 参数前面添加#,将参数这行注释掉
6.编译内核
make -j50
make modules_install
make install
7.生成系统启动引导配置参数
grub2-mkconfig -o /boot/grub2/grub.cfg
8.修改默认内核启动项
cat /boot/grub2/grub.cfg | grep menuentry
grub2-set-default 'CentOS Linux (4.14.1) 7 (AltArch)'
9.重启并验证
reboot
uname -r
getconf PAGESIZE
二、安装harbor
1.签发证书
mkdir /data/ssl -p
cd /data/ssl
pwd
openssl genrsa -out ca.key 3072
openssl req -new -x509 -days 3650 -key ca.key -out ca.pem
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CH
State or Province Name (full name) []:BJ
Locality Name (eg, city) [Default City]:BJ
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
openssl genrsa -out harbor.key 3072
openssl req -new -key harbor.key -out harbor.csr
Country Name (2 letter code) [XX]:CH
State or Province Name (full name) []:BJ
Locality Name (eg, city) [Default City]:BJ
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:harbor
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
openssl x509 -req -in harbor.csr -CA ca.pem -CAkey ca.key -CAcreateserial -out harbor.pem -days 3650
openssl x509 -noout -text -in harbor.pem
2安装
wget https://download.docker.com/linux/centos/docker-ce.repo -P /etc/yum.repos.d
yum install -y docker-ce
systemctl start docker
systemctl enable docker
yum install -y epel-release
yum install -y docker-compose --enablerepo=epel
wget https://codeload.github.com/goharbor/harbor/tar.gz/refs/tags/v1.9.1
tar -xvf v1.9.1
cd harbor-1.9.1/
vim make/harbor.yml
hostname: harbor
https:
# https port for harbor, default is 443
port: 443
# The path of cert and key files for nginx
certificate: /data/ssl/harbor.pem
private_key: /data/ssl/harbor.key
#可修改其中参数,如:主机名、https、数据库密码等。
- 将将 photon:2.0 修改为 photon:3.0( photon:2.0不支持arm )
find ./ -type f|grep "Dockerfile$"|grep -v "\.D"|xargs sed -i "s#photon:2.0#photon:3.0#g"
vim Makefile
82 BUILDBIN=true
100 REGISTRYVERSION=v2.7.1
#修改以上行内容
- 修改make/photon/Makefile的bug
vim make/photon/Makefile
187 @chmod 655 $(DOCKERFILEPATH_REG)/binary/bin/registry && $(DOCKERBUILD) -f $(DOCKERFILEPATH_REG)/$(DOCKERFILENAME_REG)
#registry 前加bin
- 修改make/photon/registry/Dockerfile的bug
vim make/photon/registry/Dockerfile
14 COPY ./make/photon/registry/binary/bin/registry /usr/bin
- 修改make/photon/registryctl/Dockerfile的bug
vim make/photon/registryctl/Dockerfile
12 COPY ./make/photon/registry/binary/bin/registry /usr/bin
yum install -y git
docker pull golang:1.12.12
make install GOBUILDIMAGE=golang:1.12.12 VERSIONTAG=v1.9.1 PKGVERSIONTAG=v1.9.1 UIVERSIONTAG=v1.9.1
报错:
error: RPC failed; result=35, HTTP code = 0报错:error: RPC failed; result=35, HTTP code = 0
处理:
git config --global http.postBuffer 20M #如果不行加大
make package_offline GOBUILDIMAGE=golang:1.12.12 VERSIONTAG=v1.9.1 PKGVERSIONTAG=v1.9.1 UIVERSIONTAG=v1.9.1
tar -xvf harbor-offline-installer-v1.9.1.tgz && cd harbor
sh install.sh
#如果报错就将其它已经启动容器删除
#修改hosts并登录
https://harbor/
#默认账号密码
账号:admin
密码:Harbor12345
三、上传镜像
1.docker配置
vim /etc/docker/daemon.json
#加入harbor的ip
"insecure-registries":["192.168.0.58"],
systemctl daemon-reload && systemctl restart docker
2.登录harbor
docker login 192.168.0.58
Username:admin
Password: Harbor12345
3.上传镜像
#下载并打tag
docker pull centos:7.9.2009
docker tag centos:latest 192.168.0.58/library/centos:7.9.2009
#上传镜像
docker push 192.168.0.58/library/centos:7.9.2009
#删除原来打包好的镜像
docker rmi 192.168.0.58/library/centos:7.9.2009
#拉取镜像
docker pull 192.168.0.58/library/centos:7.9.2009