After Harbor is configured as a Mirror server, when the client uses docker pull image that does not exist in Harbor repository, the Mirror server will first pull image from remote Registry and cache it in the Mirror server. The next time you pull an image directly from the mirror, you no longer need to pull it from the remote Registry.
Harbor as Mirror server:
1. The solution is to separate the private server from the mirror.
2. Do not delete the mirror in the warehouse on the UI.
3. The official image is stored in the Library project
First, install Harbor
www.jianshu.com/p/08663f7a6…
Configure the Mirror Registry
1. Edit the common/config/registry/config. Yml, and increase the following configuration (set remote docker warehouse for the docker’s official website address, also can be set to domestic source) :
proxy: remoteurl: https://registry-1.docker.io
Copy the codeCopy the code
If you need to proxy a docker Hub private repository, the configuration is as follows:
Proxy: remoteURL: https://registry-1.docker.io username: username #docker hub account password: password #docker hub passwordCopy the codeCopy the code
To make the configuration take effect:
[root@harbor harbor]# docker-compose down[root@harbor harbor]# docker-compose up -d
Copy the codeCopy the code
Check the status to ensure that all containers are in Up state:
[root@harbor harbor]# docker-compose ps Name Command State Ports ------------------------------------------------------------------------------------------------------------------------ -------------harbor-adminserver /harbor/start.sh Up (healthy) harbor-db /usr/local/bin/docker-entr ... Up (healthy) 3306/tcp harbor-jobservice /harbor/start.sh Up (healthy) harbor-log /bin/sh -c /usr/local/bin/ ... Up (healthy) 127.0.0.1:1514->10514/ TCP harbor-ui /harbor/start.sh Up (healthy) nginx nginx -g daemon off; Up 0.0.0.0:443->443/ TCP, 0.0.0.0:4443->4443/ TCP, 0.0.0.0:80->80/tcpregistry /entrypoint.sh serve /etc/... Up (healthy) 5000/tcpCopy the codeCopy the code
2. The client accesses the Mirror Registry
Land Registry:
[root@client ~]# docker login registry.company.comUsername (admin):Password:Login Succeeded
Copy the codeCopy the code
Test downloading images from a private repository
For example, download images: test/alpine:latest from docker Hub
1) Now create the test project in the UI
Then pull the private image:
[root@client ~]# docker pull registry.company.com/test/alpine:latestlatest: Pulling from test/alpine385e281300cc: Pull completea3ed95caeb02: Pull completeb00bda0d8d25: Pull complete67fe4f6d2a81: Pull complete15c3422237e6: Pull completeb45b695d0b23: Pull completeDigest: sha256:a019c7ecc83984a58b34487593918287f14635dcaf4603f69077f4bcb648b275Status: Downloaded newer image for registry.company.com/test/alpine:latest
Copy the codeCopy the code
Check the harbor’s log to prove that it has been downloaded from harbor Mirror Registry:
tail /var/log/harbor/registry.log
Copy the codeCopy the code
The alpine image is already in the test project
View storage location:
# ls /data/registry/docker/registry/v2/repositories/test/alpine/ -l
Copy the codeCopy the code
Delete Harbor container and preserve data:
$ sudo docker-compose down -v
Copy the codeCopy the code
Delete all data:
$ rm -r /data/database$ rm -r /data/registry
Copy the codeCopy the code
If the./prepare script is executed for other reasons, the common/config/ configuration file (common/config/) is deleted due to backdeletion.
For example the configuration Mirror Registry will need to configure the common/config/Registry/config. Yml, if there is. / prepare script, you need to add the proxy.
3. The other
3.1 After the Mirror Registry is configured, the image cannot be pushed to the Registry, and the Harbor warehouse needs to be set up separately for push
3.2 The Replication Function cannot be Used even after the Mirror Registry is configured.