一·http方式

 harbor项目现托管在github上面，在此处以harbor v1.7.5为例演示。
  1·将harbor的二进制包下载到/usr/local/src目录下
  2·解压缩 tar xvf harbor.v.1.7.5.tar
  3·进如到解压harbor目录中，修改harbor.cfg文件

 1 ## Configuration file of Harbor
  2 
  3 #This attribute is for migrator to detect the version of the .cfg fil    e, DO NOT MODIFY!
  4 _version = 1.7.0
  5 #The IP address or hostname to access admin UI and registry service.
  6 #DO NOT use localhost or 127.0.0.1, because Harbor needs to be access    ed by external clients.
  7 #DO NOT comment out this line, modify the value of "hostname" directl    y, or the installation will fail.
  8 hostname = 192.168.238.7
  9 
 10 #The protocol for accessing the UI and token/notification service, by     default it is http.
 11 #It can be set to https if ssl is enabled on nginx.
 12 ui_url_protocol = http
 13 
 14 #Maximum number of job workers in job service  
 15 max_job_workers = 10 
 ...
 58 email_server = smtp.mydomain.com
 59 email_server_port = 25
 60 email_username = sample_admin@mydomain.com
 61 email_password = abc
 62 email_from = admin 
 63 email_ssl = false
 64 email_insecure = false
 65 
 66 ##The initial password of Harbor admin, only works for the first time     when Harbor starts. 
 67 #It has no effect after the first launch of Harbor.
 68 #Change the admin password from UI after launching Harbor.
 69 harbor_admin_password = 123456

  主要修改hostname和adminpasswd。
  4·查看install.sh文件，查看安装harbor所需环境

#!/bin/bash

#docker version: 1.11.2 
#docker-compose version: 1.7.1 
#Harbor version: 0.4.0 

  此为最低版本要求，docker的安装可以在阿里镜像站按照步骤一步步安装，但是docker-compose若是要安装最新版本就需要下载python-pip一个类似yum或apt的工具，然后在使用pip install docker-compose安装即可
  5·运行install.sh脚本安装，至此，安装完成

• 我们上传的镜像会存放在宿主机的docker/registry/v2/repositories/
• 需要上传和下载harbor镜像的docker服务器需要在docker的启动脚本中添加信任不可靠的镜像原

  vim /lib/systemd/system/docker.service
  ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry 192.168.238.12(harbor地址)

  • 重启docker
  • 上传镜像时首先要登陆到harbor服务器
    docker login 192.168.238.7
    输入账号为admin密码为harbor.cfg中所配置密码登陆成功，然后对制作的镜像重新打tag，例如
    tag nginx:laste 192.168.238.7/NGINX/nginx:5.2
    其中NGINX必须要有这个项目方可上传
  • 在网页打开192.168.238.7，输入账号密码，创建NGINX项目
    
  • docker push 192.168.238.7/NGINX/nginx:5.2

      2·实现高可用的harbor

        1·配置同上新建一个harbor服务
        2·在docker的启动脚本中加上两个harbor服务器的地址
        3·在主harbor服务器的网页上做如下操作
    
    按照提示一步步添加另一台harbor

二·https方式

 1·如上http方式部署。只是不用在docker的启动脚本中添加受信任的地址
 2.在harbor的安装目录下创建一个certs目录
mkdir certs
 3·生成私钥和公钥（注：公钥的地址要与harbor.cfg中的hostname相同）
openssl genrsa -out harbor-ca.key
touch /root/.rnd
openssl req -x509 -new -nodes -key harbor-ca.key -subj "/CN=harbor.magedu.net" -days 7120 -out harbor-ca.crt
 4·修改harbor.cfg配置文件

  1 ## Configuration file of Harbor
  2 
  3 #This attribute is for migrator to detect the version of the .cfg fil    e, DO NOT MODIFY!
  4 _version = 1.7.0
  5 #The IP address or hostname to access admin UI and registry service.
  6 #DO NOT use localhost or 127.0.0.1, because Harbor needs to be access    ed by external clients.
  7 #DO NOT comment out this line, modify the value of "hostname" directl    y, or the installation will fail.
  8 hostname = harbor.magedu.net
  9 
 10 #The protocol for accessing the UI and token/notification service, by     default it is http.
 11 #It can be set to https if ssl is enabled on nginx.
 12 ui_url_protocol = https
13 
 14 #Maximum number of job workers in job service  
 15 max_job_workers = 10 
 16 
 17 #Determine whether or not to generate certificate for the registry's     token.
 18 #If the value is on, the prepare script creates new root cert and pri    vate key 
 19 #for generating token to access the registry. If the value is off the     default key/cert will be used.
 20 #This flag also controls the creation of the notary signer's cert.
 21 customize_crt = on
 22 
 23 #The path of cert and key files for nginx, they are applied only the     protocol is set to https
 24 ssl_cert = /usr/local/src/harbor/certs/harbor-ca.crt
 25 ssl_cert_key = /usr/local/src/harbor/certs/harbor-ca.key
 26 
 *67 #It has no effect after the first launch of Harbor.
 68 #Change the admin password from UI after launching Harbor.
 69 harbor_admin_password = 123456
*

这个域名要有dns解析或者是hosts文件
 5·docker客户端分发公钥
mkdir -p /etc/docker/certs.d/(harbor.cfg中的hostname)
将harbor的公钥拷贝过来 /etc/docker/certs.d/(harbor.cfg中的hostname）重启docker即可