(DK) HARBOR 구성

728x90

(DK) Docker Install

Docker Install sudo apt-get update sudo apt-get install \ apt-transport-https \ ca-certificates \ curl \ gnupg \ lsb-release curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dear..

huntedhappy.tistory.com

CERTIFICATE 생성

openssl genrsa -out ca.key 4096


openssl req -x509 -new -nodes -sha512 -days 3650 \
 -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=10.253.107.253" \
 -key ca.key \
 -out ca.crt
 
 
openssl genrsa -out yourdomain.com.key 4096
 
openssl req -sha512 -new \
    -subj "/C=CN/ST=Beijing/L=Beijing/O=example/OU=Personal/CN=10.253.107.253" \
    -key yourdomain.com.key \
    -out yourdomain.com.csr
	
cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1=*.vcf.local
#DNS.2=hostname
IP.1=10.253.107.253
#IP.2=10.253.107.253
EOF
	
openssl x509 -req -sha512 -days 3650 \
    -extfile v3.ext \
    -CA ca.crt -CAkey ca.key -CAcreateserial \
    -in yourdomain.com.csr \
    -out yourdomain.com.crt
	
	
openssl x509 -inform PEM -in yourdomain.com.crt -out yourdomain.com.cert
	
cp yourdomain.com.cert /etc/docker/certs.d/yourdomain.com/
cp yourdomain.com.key /etc/docker/certs.d/yourdomain.com/
cp ca.crt /etc/docker/certs.d/yourdomain.com/

apt install docker-compose -y

## 인증서 생성시 
mkdir -p /data/cert

cd /data/cert

## docker 인증서 넣기
mkdir -p /etc/docker/cert.d/ { Harbor IP or FQDN }

cp lesstif-rootca.cert /etc/docker/cert.d/{ Harbor IP or FQDN}

## 예시
mkdir -p /etc/docker/cert.d/harbor.vcf.local

cp lesstif-rootca.cert /etc/docker/cert.d/harbor.vcf.local

systemctl restart docker

cp /data/cert/lesstif-rootca.cert /usr/local/share/ca-certificates/

update-ca-certificates

HARBOR DOWNLOAD

Releases · goharbor/harbor

An open source trusted cloud native registry project that stores, signs, and scans content. - goharbor/harbor

github.com

cd /var/tmp/

wget https://github.com/goharbor/harbor/releases/download/v1.10.8/harbor-offline-installer-v1.10.8.tgz

tar harbor-offline-installer-v1.10.8.tgz

cd /var/tmp/harbor

vi harbor.yml

hostname: { HARBOR IP or FQDN } ## 인증서를 IP로 생성 했으면 IP , FQDN으로 했으면 FQDN 적용

## Docker Hub 계정 필요

docker login

 ./prepare

UI 접속

cat << EOF | tee /etc/docker/daemon.json
{
  "insecure-registries" : ["10.253.108.28","harbor.vcf.local"]
}

EOF

docker login harbor.vcf.local

IMAGE PUSH

## IMAGE PUSH
docker image pull nginx

docker tag nginx:latest harbor.vcf.local/library/nginx:latest

docker push harbor.vcf.local/library/nginx:latest

저작자표시

'K8S > DOCKER' 카테고리의 다른 글

(DK) WSL에서 Harbor 배포 (0)	2021.08.27
(DK) Docker Install (0)	2021.06.11

내 블로그 - 관리자 홈 전환	`Q` `Q`
새 글 쓰기	`W` `W`

글 수정 (권한 있는 경우)	`E` `E`
댓글 영역으로 이동	`C` `C`

이 페이지의 URL 복사	`S` `S`
맨 위로 이동	`T` `T`
티스토리 홈 이동	`H` `H`
단축키 안내	`Shift` + `/` `⇧` + `/`

DK

(DK) HARBOR 구성

'K8S > DOCKER' 카테고리의 다른 글

티스토리툴바

단축키

내 블로그

블로그 게시글

모든 영역

(DK) HARBOR 구성

'K8S > DOCKER' 카테고리의 다른 글

'K8S/DOCKER' Related Articles

티스토리툴바

단축키

내 블로그

블로그 게시글

모든 영역