我正在尝试设置Harbor。我面临的问题是我可以通过 web ui 登录,但无法通过 Docker-cli 登录。我在 Harbor 前面有负载均衡器 (AWS ALB),我清除了harbor.yml
文件中的 HTTPS 部分。最后产生了下面的脚本。(我正在userdata.sh
使用 Terraform 运行以下内容)
"insecure-registries" : [MYHOST, "0.0.0.0"]
由于官方文件说
我添加了If your installation of Harbor uses HTTP, you must add the option --insecure-registry to your client's Docker daemon and restart the Docker service. For more information, see Connecting to Harbor via HTTP below.
我仍然无法登录,并面临如下错误。这个问题有什么解决办法吗?
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://MYHOST/v2/: Get http://MYHOST/service/token?account=admin&client_id=docker&offline_token=true&service=harbor-registry: net/http: request canceled (Client.Timeout exceeded while awaiting headers) (Client.Timeout exceeded while awaiting headers)
#!/bin/bash
# Strict mode (http://redsymbol.net/articles/unofficial-bash-strict-mode/)
set -euo pipefail; IFS=$'\n\t'
# Echo all commands
set -x
# Register Official Docker GPG Key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
apt update -y
# Install Tools
apt install -y \
docker-ce \
apt-transport-https \
ca-certificates \
software-properties-common \
awscli \
jq
mkdir -p /etc/docker
cat > /etc/docker/daemon.json << EOF
{
"dns" : ["8.8.8.8","8.8.4.4"],
"insecure-registries" : [MYHOST, "0.0.0.0"]
}
EOF
systemctl restart docker
# Install Docker Compose
curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
# Install Harbor
mkdir /home/ubuntu/harbor
cd /home/ubuntu/harbor/
wget https://github.com/goharbor/harbor/releases/download/v2.0.5/harbor-offline-installer-v2.0.5.tgz
tar -xzvf harbor-offline-installer-v2.0.5.tgz
cat > /home/ubuntu/harbor/harbor/harbor.yml << EOF
# Configuration file of Harbor
hostname: MYHOST
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 80
# https related config
# https:
# https port for harbor, default is 443
# port: 443
# The path of cert and key files for nginx
# certificate: /your/certificate/path
# private_key: /your/private/key/path
harbor_admin_password: Harbor12345
# Harbor DB configuration
database:
# The password for the root user of Harbor DB. Change this before any production use.
password: root123
# The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
max_idle_conns: 50
# The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
# Note: the default number of connections is 1024 for postgres of harbor.
max_open_conns: 1000
# The default data volume
data_volume: /data
# Clair configuration
clair:
# The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.
updaters_interval: 12
jobservice:
max_job_workers: 10
notification:
webhook_job_max_retry: 10
chart:
absolute_url: disabled
log:
# options are debug, info, warning, error, fatal
level: info
# configs for logs in local storage
local:
rotate_count: 50
rotate_size: 200M
location: /var/log/harbor
#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version: 2.0.0
# Uncomment external_database if using external database.
proxy:
http_proxy:
https_proxy:
no_proxy:
components:
EOF
sudo /bin/bash /home/ubuntu/harbor/harbor/install.sh --with-clair