---

theme: cyanosis

持續創作，加速成長！這是我參與「掘金日新計劃 · 6 月更文挑戰」的第20天，點選檢視活動詳情

---

安裝包

docker-20.10.9.tgz(可點選下載)、

docker-compose(可點選下載)、

docker.service 如下： ``` [Unit]

Description=Docker Application Container Engine

Documentation=https://docs.docker.com

After=network-online.target firewalld.service

Wants=network-online.target

[Service]

Type=notify

the default is not to use systemd for cgroups because the delegate issues still

exists and systemd currently does not support the cgroup feature set required

for containers run by docker

開啟遠端連線

ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock

ExecReload=/bin/kill -s HUP $MAINPID

Having non-zero Limit*s causes performance problems due to accounting overhead

in the kernel. We recommend using cgroups to do container-local accounting.

LimitNOFILE=infinity

LimitNPROC=infinity

LimitCORE=infinity

Uncomment TasksMax if your systemd version supports it.

Only systemd 226 and above support this version.

TasksMax=infinity

TimeoutStartSec=0

set delegate yes so that systemd does not reset the cgroups of docker containers

Delegate=yes

kill only the docker process, not all processes in the cgroup

KillMode=process

restart the docker process if it exits prematurely

Restart=on-failure

StartLimitBurst=3

StartLimitInterval=60s

[Install]

WantedBy=multi-user.target ```

一、docker和docker-compose離線部署

1、上傳docker-20.10.9.tgz安裝包並解壓

``` tar  -zxvf docker-20.10.9.tgz

cp docker/* /usr/bin/ ```

2、docker.service檔案

mv docker.service /usr/lib/systemd/system/

3、啟動Docker

systemctl daemon-reload systemctl enable docker systemctl start docker systemctl status docker

4、docker-compose部署

cp -r docker-compose /usr/local/bin/ cp -r docker-compose /usr/local/sbin/ chmod a+x /usr/local/bin/docker-compose chmod a+x /usr/local/sbin/docker-compose

5、測試docker-compose

docker-compose -v

二、安裝harbor作為本地的倉庫

Harbor是一個開源的可信雲本地註冊專案，用於儲存、簽名和掃描內容。Harbor通過新增使用者通常需要的功能（如安全性、身份和管理）擴充套件了開源Docker發行版。使登錄檔更接近構建和執行環境可以提高影象傳輸效率。

1、解壓harbor-offline-installer-v2.3.0.tgz

tar xvf harbor-offline-installer-v1.9.3.tgz

2、進入harbor目錄，修改harbor.yml

cp -r harbor.yml.tmpl harbor.yml vi harbor.yml

``` hostname: 192.168.4.xxx     ##對應伺服器IP port: 80            ##對應harbor應用埠

port: 443 ##遮蔽https

certificate: /your/certificate/path ##遮蔽https

private_key: /your/private/key/path ##遮蔽https

harbor_admin_password: llsydn123 ##harbor登入密碼，根據情況修改
```

3、配置docker client，編輯/etc/docker/daemon.json

Harbor的預設安裝使用HTTP—因此，您需要將選項“-unsecure registry”新增到客戶端的Docker守護程序，並重新啟動Docker服務。

vi /etc/docker/daemon.json {"insecure-registries" : [ "192.168.4.xxx" ] }

• 重啟docker

service docker restart

4、安裝 Harbor

./install.sh

5、訪問harbor

http://<your_harbor_host_ip

預設使用者名稱和密碼：admin/llsydn123

---

好了，以上就是我個人的實操了。

個人理解，可能也不夠全面，班門弄斧了。

好了，今天就先到這裡了！！！^_^

如果覺得有收穫的，幫忙點贊、評論、收藏一下唄！！！