Harbor 설치

masterip=<입력>

harbor를 설치합니다.

cd ~
k create ns harbor
helm repo add harbor https://helm.goharbor.io
helm fetch harbor/harbor
tar zxvf harbor-1.14.0.tgz && cd harbor

로그인에 사용할 docker를 설치합니다.

apt install -y docker.io

harbor 인증서 생성 및 secret 생성

# ca.key, certificate / server.key, certificate 생성
docker run -v /etc/certs:/certs   -e SSL_SUBJECT=harbor.${masterip}.nip.io  -e SSL_DNS=harbor.${masterip}.nip.io    onevibe12/selfsign-ssl
cd /etc/certs


# .pem -> .key
openssl rsa -in ca-key.pem -text > ca.key
openssl rsa -in key.pem -text > harbor.server.key

# .pem -> .crt
openssl x509 -inform PEM -in ca.pem -out ca.crt
openssl x509 -inform PEM -in cert.pem -out harbor.server.crt

# .pem -> .cert
openssl x509 -inform PEM -in ca.pem -out ca.cert
openssl x509 -inform PEM -in cert.pem -out harbor.server.cert


cat <<EOF > secret-harbor.yaml
apiVersion: v1
kind: Secret
metadata:
  name: secret-harbor
  namespace: harbor
type: kubernetes.io/tls
data:
  ca.crt: $(cat ca.crt | base64 -w 0 )
  tls.crt: $(cat harbor.server.crt | base64 -w 0 )
  tls.key: $(cat harbor.server.key | base64 -w 0 )
EOF

k apply -f secret-harbor.yaml

mkdir -p /etc/docker/certs.d/harbor.${masterip}.nip.io
cp * /etc/docker/certs.d/harbor.${masterip}.nip.io/
 

harbor 배포

직접 values.yaml을 수정하시거나, 아래 명령어를 사용하세요.

expose.secret.secretName : ${secret-name} 

expose.ingress.hosts.core : ${domain} 

externalURL: ${domain}


cd ~/harbor
helm install -f values.yaml -n harbor harbor ./ \
--set expose.secret.secretName=secret-harbor \
--set expose.ingress.hosts.core=harbor.${masterip}.nip.io \
--set expose.tls.enabled=true \
--set externalURL=https://harbor.${masterip}.nip.io

Docker login 설정 - 이후 docker login할 다른 url도 추가했습니다.

rm /etc/docker/daemon.json

cat <<EOF> /etc/docker/daemon.json
{
  "insecure-registries": ["http://harbor.${masterip}.nip.io", "http://nexus.${masterip}.nip.io", "http://gitlab.${masterip}.nip.io"]
}
EOF

systemctl reload-daemon
systemctl restart docker

docker login test

docker login harbor.${masterip}.nip.io -u admin -p Harbor12345