harbor.yml配置
[root@R420 harbor]# cat harbor.yml # Configuration file of Harbor # The IP address or hostname to access admin UI and registry service. # DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients. hostname: 192.168.100.33 #寫IP地址,不寫域名 # http related config http: # port for http, default is 80. If https enabled, this port will redirect to https port port: 899 # https related config #https: # https port for harbor, default is 443 # port: 443 # The path of cert and key files for nginx #certificate: /your/certificate/path #private_key: /your/private/key/path # # Uncomment following will enable tls communication between all harbor components # internal_tls: # # set enabled to true means internal tls is enabled # enabled: true # # put your cert and key files on dir # dir: /etc/harbor/tls/internal # Uncomment external_url if you want to enable external proxy # And when it enabled the hostname will no longer used # external_url: https://reg.mydomain.com:8433 # The initial password of Harbor admin # It only works in first time to install harbor # Remember Change the admin password from UI after launching Harbor. harbor_admin_password: Harbor12345 # Harbor DB configuration database:
Nginx配置
server { listen 443 ssl; listen 80; server_name harbor.xxx.com; ssl_certificate cert/1_harbor.xxx.com_bundle.crt; ssl_certificate_key cert/2_harbor.xxx.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { proxy_pass http://127.0.0.1:899; proxy_redirect on; #一定要設置為on,否則不能push到倉庫. proxy_redirect http:// $scheme://; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 0m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 6 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } }
測試,網頁和docker login都問題.docker login可以用2個地址登錄
docker login 192.168.100.xx:899 docker login harbor.xxx.com
問題解決
[root@R420 harbor]# docker push harbor.xxx.com/library/centos:v1 The push refers to repository [harbor.xxx.com/library/centos] 89169d87dbe2: Pushing [==================================================>] 209.5MB error parsing HTTP 413 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>413 Request Entity Too Large</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>413 Request Entity Too Large</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n"
增加Nignx配置,放開限制:client_max_body_size 0;
docker推送到私有倉庫測試
#推送前必須為images打tag
docker tag f1cb7c7d58b7 harbor.xxx.com/library/centos:v1
f1cb7c7d58b7:鏡像(image)名稱.
harbor.xxx.com:私有倉庫域名.
library:倉庫項目,可以自己創建.
centos:v1 鏡像名稱和版本.
docker push harbor.xxx.com/library/centos:v1
成功.