0

我正在尝试设置Harbor。我面临的问题是我可以通过 web ui 登录,但无法通过 Docker-cli 登录。我在 Harbor 前面有负载均衡器 (AWS ALB),我清除了harbor.yml文件中的 HTTPS 部分。最后产生了下面的脚本。(我正在userdata.sh使用 Terraform 运行以下内容)

"insecure-registries" : [MYHOST, "0.0.0.0"]由于官方文件说 我添加了If your installation of Harbor uses HTTP, you must add the option --insecure-registry to your client's Docker daemon and restart the Docker service. For more information, see Connecting to Harbor via HTTP below.

我仍然无法登录,并面临如下错误。这个问题有什么解决办法吗?

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://MYHOST/v2/: Get http://MYHOST/service/token?account=admin&client_id=docker&offline_token=true&service=harbor-registry: net/http: request canceled (Client.Timeout exceeded while awaiting headers) (Client.Timeout exceeded while awaiting headers)


#!/bin/bash
# Strict mode (http://redsymbol.net/articles/unofficial-bash-strict-mode/)
set -euo pipefail; IFS=$'\n\t'
# Echo all commands
set -x
# Register Official Docker GPG Key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu  $(lsb_release -cs)  stable"
apt update -y
# Install Tools
apt install -y \
  docker-ce \
  apt-transport-https \
  ca-certificates \
  software-properties-common \
  awscli \
  jq
mkdir -p /etc/docker
cat > /etc/docker/daemon.json << EOF
{
  "dns" : ["8.8.8.8","8.8.4.4"],
  "insecure-registries" : [MYHOST, "0.0.0.0"]
}
EOF
systemctl restart docker
# Install Docker Compose
curl -L "https://github.com/docker/compose/releases/download/1.27.4/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
# Install Harbor
mkdir /home/ubuntu/harbor
cd /home/ubuntu/harbor/
wget https://github.com/goharbor/harbor/releases/download/v2.0.5/harbor-offline-installer-v2.0.5.tgz
tar -xzvf harbor-offline-installer-v2.0.5.tgz
cat > /home/ubuntu/harbor/harbor/harbor.yml << EOF
# Configuration file of Harbor
hostname: MYHOST
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80
# https related config
# https:
  # https port for harbor, default is 443
  #   port: 443
  # The path of cert and key files for nginx
  # certificate: /your/certificate/path
  # private_key: /your/private/key/path
harbor_admin_password: Harbor12345
# Harbor DB configuration
database:
  # The password for the root user of Harbor DB. Change this before any production use.
  password: root123
  # The maximum number of connections in the idle connection pool. If it <=0, no idle connections are retained.
  max_idle_conns: 50
  # The maximum number of open connections to the database. If it <= 0, then there is no limit on the number of open connections.
  # Note: the default number of connections is 1024 for postgres of harbor.
  max_open_conns: 1000
# The default data volume
data_volume: /data
# Clair configuration
clair:
  # The interval of clair updaters, the unit is hour, set to 0 to disable the updaters.
  updaters_interval: 12
jobservice:
  max_job_workers: 10
notification:
  webhook_job_max_retry: 10
chart:
  absolute_url: disabled
log:
  # options are debug, info, warning, error, fatal
  level: info
  # configs for logs in local storage
  local:
    rotate_count: 50
    rotate_size: 200M
    location: /var/log/harbor
#This attribute is for migrator to detect the version of the .cfg file, DO NOT MODIFY!
_version: 2.0.0
# Uncomment external_database if using external database.
proxy:
  http_proxy:
  https_proxy:
  no_proxy:
  components:
EOF
sudo /bin/bash /home/ubuntu/harbor/harbor/install.sh --with-clair
4

0 回答 0