Skip to content

Commit

Permalink
更新harbor v1.5.2,优化安装流程允许连接已有harbor仓库
Browse files Browse the repository at this point in the history
  • Loading branch information
gjmzj committed Aug 26, 2018
1 parent c911d2f commit 8892cfc
Show file tree
Hide file tree
Showing 8 changed files with 70 additions and 66 deletions.
20 changes: 13 additions & 7 deletions 11.harbor.yml
Original file line number Diff line number Diff line change
@@ -1,9 +1,15 @@
- hosts: harbor
roles:
- { role: chrony, when: "hostvars[groups.deploy[0]]['NTP_ENABLED'] == 'yes'" }
- prepare
- docker
- harbor
- { role: chrony, when: "hostvars[groups.deploy[0]]['NTP_ENABLED'] == 'yes' and NEW_INSTALL == 'yes'" }
- { role: prepare, when: "NEW_INSTALL == 'yes'" }
- { role: docker, when: "NEW_INSTALL == 'yes'" }
- { role: harbor, when: "NEW_INSTALL == 'yes'" }
tasks:
- name: 获取harbor服务器证书
fetch:
src: "{{ ca_dir }}/ca.pem"
dest: "{{ base_dir }}/down/"
flat: yes

- hosts:
- kube-master
Expand All @@ -15,9 +21,9 @@
tasks:
- name: harbor证书目录创建
file: name=/etc/docker/certs.d/{{ harbor_domain }} state=directory

- name: harbor服务器证书安装
copy: src={{ ca_dir }}/ca.pem dest=/etc/docker/certs.d/{{ harbor_domain }}/ca.crt
- name: 推送harbor服务器证书
copy: src={{ base_dir }}/down/ca.pem dest=/etc/docker/certs.d/{{ harbor_domain }}/ca.crt

# 如果你的环境中有dns服务器,可以跳过hosts文件设置
- name: 增加harbor的hosts解析
Expand Down
11 changes: 6 additions & 5 deletions docs/guide/harbor.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,25 +4,26 @@ Habor是由VMWare中国团队开源的容器镜像仓库。事实上,Habor是

### 安装步骤

1. 在deploy节点下载最新的 [docker-compose](https://github.com/docker/compose/releases) 二进制文件,改名后把它放到项目 `/etc/ansible/bin`目录下,后续版本会一起打包进百度云盘`k8s.xxx.tar.gz`文件中,可以省略该步骤。注:k8s.1102.tar.gz已集成该工具
1. 在deploy节点下载最新的 [docker-compose](https://github.com/docker/compose/releases) 二进制文件,改名后把它放到项目 `/etc/ansible/bin`目录下(百度云的二进制文件中已包含)

``` bash
wget https://github.com/docker/compose/releases/download/1.18.0/docker-compose-Linux-x86_64
mv docker-compose-Linux-x86_64 /etc/ansible/bin/docker-compose
```
2. 在deploy节点下载最新的 [harbor](https://github.com/vmware/harbor/releases) 离线安装包,把它放到项目 `/etc/ansible/down` 目录下,也可以从分享的百度云盘下载

3. 由于ansible解压的一些问题,需要将官方的tgz包,重新打包为zip包
3. 由于ansible解压的一些问题,需要将官方的tgz包,重新打包为zip包(百度云分享的harbor离线包已经重新打包为zip格式)

4. 在deploy节点编辑/etc/ansible/hosts文件,可以参考 `example`目录下的模板,修改部分举例如下

``` bash
# 如果启用harbor,请配置后面harbor相关参数
# 参数 NEW_INSTALL=(yes/no):yes表示新建 harbor,并配置k8s节点的docker可以使用harbor仓库
# no 表示仅配置k8s节点的docker使用已有的harbor仓库
[harbor]
192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com"
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=no
```

4. 在deploy节点执行 `cd /etc/ansible && ansible-playbook 11.harbor.yml`完成harbor安装
5. 在deploy节点执行 `ansible-playbook /etc/ansible/11.harbor.yml`完成harbor安装和docker 客户端配置

### 安装讲解

Expand Down
4 changes: 2 additions & 2 deletions example/hosts.allinone.example
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@
[kube-node]
192.168.1.1

# 如果启用harbor,请配置后面harbor相关参数
# 参数 NEW_INSTALL:yes表示新建,no表示使用已有harbor服务器
[harbor]
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com"
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=no

# 预留组,后续添加node节点使用
[new-node]
Expand Down
4 changes: 2 additions & 2 deletions example/hosts.m-masters.example
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@
192.168.1.3
192.168.1.4

# 如果启用harbor,请配置后面harbor相关参数
# 参数 NEW_INSTALL:yes表示新建,no表示使用已有harbor服务器
[harbor]
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com"
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=no

# 预留组,后续添加master节点使用
[new-master]
Expand Down
4 changes: 2 additions & 2 deletions example/hosts.s-master.example
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@
192.168.1.2
192.168.1.3

# 如果启用harbor,请配置后面harbor相关参数
# 参数 NEW_INSTALL:yes表示新建,no表示使用已有harbor服务器
[harbor]
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com"
#192.168.1.8 HARBOR_DOMAIN="harbor.yourdomain.com" NEW_INSTALL=no

# 预留组,后续添加node节点使用
[new-node]
Expand Down
2 changes: 2 additions & 0 deletions roles/harbor/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# harbor version
HARBOR_VER: "v1.5.2"
89 changes: 41 additions & 48 deletions roles/harbor/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,57 +1,50 @@
- name: 下载docker compose 二进制文件
copy: src={{ base_dir }}/bin/docker-compose dest={{ bin_dir }}/docker-compose mode=0755

- name: 创建data目录
file:
path: /data
state: directory
mode: 0755

# 注册变量result,根据result结果判断是否已经安装过harbor
# result|failed 说明没有安装过harbor,下一步进行安装
# result|succeeded 说明已经安装过harbor,下一步跳过安装
# 注册变量result,如果/data目录下存在registry目录说明已经安装过harbor,则不进行安装
- name: 注册变量result
command: ls /data/registry
command: ls /data
register: result
ignore_errors: True

- name: 安装解压工具
package: name={{ item }} state=present
with_items:
- zip
- unzip

- name: 解压harbor离线安装包
unarchive:
src: "{{ base_dir }}/down/harbor-offline-installer-v1.5.1.zip"
dest: /data
copy: yes
keep_newer: yes
mode: 0755
when: result is failed

- name: 导入harbor所需 docker images
shell: "{{ bin_dir }}/docker load -i /data/harbor/harbor.v1.5.1.tar.gz"
when: result is failed

- name: 创建harbor证书请求
template: src=harbor-csr.json.j2 dest={{ ca_dir }}/harbor-csr.json
when: result is failed

- name: 创建harbor证书和私钥
shell: "cd {{ ca_dir }} && {{ bin_dir }}/cfssl gencert \
-ca={{ ca_dir }}/ca.pem \
-ca-key={{ ca_dir }}/ca-key.pem \
-config={{ ca_dir }}/ca-config.json \
-profile=kubernetes harbor-csr.json | {{ bin_dir }}/cfssljson -bare harbor"
when: result is failed

- name: 配置 harbor.cfg 文件
template: src=harbor.cfg.j2 dest=/data/harbor/harbor.cfg
when: result is failed

- name: 安装 harbor
shell: "cd /data/harbor && \
export PATH={{ bin_dir }}:$PATH && \
./install.sh --with-clair"
when: result is failed
- block:
- name: 下载docker compose 二进制文件
copy: src={{ base_dir }}/bin/docker-compose dest={{ bin_dir }}/docker-compose mode=0755

- name: 安装解压工具
package: name={{ item }} state=present
with_items:
- zip
- unzip

- name: 解压harbor离线安装包
unarchive:
src: "{{ base_dir }}/down/harbor-offline-installer-{{ HARBOR_VER }}.zip"
dest: /data
copy: yes
keep_newer: yes
mode: 0755

- name: 导入harbor所需 docker images
shell: "{{ bin_dir }}/docker load -i /data/harbor/harbor.{{ HARBOR_VER }}.tar.gz"

- name: 创建harbor证书请求
template: src=harbor-csr.json.j2 dest={{ ca_dir }}/harbor-csr.json

- name: 创建harbor证书和私钥
shell: "cd {{ ca_dir }} && {{ bin_dir }}/cfssl gencert \
-ca={{ ca_dir }}/ca.pem \
-ca-key={{ ca_dir }}/ca-key.pem \
-config={{ ca_dir }}/ca-config.json \
-profile=kubernetes harbor-csr.json | {{ bin_dir }}/cfssljson -bare harbor"

- name: 配置 harbor.cfg 文件
template: src=harbor.cfg.j2 dest=/data/harbor/harbor.cfg

- name: 安装 harbor
shell: "cd /data/harbor && \
export PATH={{ bin_dir }}:$PATH && \
./install.sh --with-clair"
when: '"registry" not in result.stdout'
2 changes: 2 additions & 0 deletions tools/init_vars.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
- docker
- etcd
- flannel
- harbor
- helm
- kube-master
- kube-node
Expand All @@ -36,6 +37,7 @@
- docker
- etcd
- flannel
- harbor
- helm
- kube-master
- kube-node
Expand Down

0 comments on commit 8892cfc

Please sign in to comment.