鏡像下載、功能變數名稱解析、時間同步請點擊 阿裡雲開源鏡像站 問題:搭建私庫認證不通過x509: certificate signed by unknown authority 首先確保配置harbor私庫地址 [root@master harbor]# grep hostname harbor.cfg # ...
鏡像下載、功能變數名稱解析、時間同步請點擊 阿裡雲開源鏡像站
問題:搭建私庫認證不通過x509: certificate signed by unknown authority
首先確保配置harbor私庫地址
[root@master harbor]# grep hostname harbor.cfg
#The IP address or hostname to access admin UI and registry service.
hostname = hub.bingo.com
方法一:/etc/docker/daemon.json,添加私庫地址
{
"insecure-registries":["私庫地址"]
}
方法二:vim /usr/lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd --insecure-registry 私庫地址
[root@master data]# systemctl daemon-reload
[root@master data]# systemctl restart docker
[root@master data]# docker info
修改完成後輸入,doucker info查看下
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
hub.bingo.com #這個地址,做解析
127.0.0.0/8
Live Restore Enabled: false
註意:如果是功能變數名稱形式,記得修改下hosts文件,解析下
ps:多個節點共用同一個harbor倉庫,需配置私有倉庫地址以及將主節點的認證文件傳遞到其他節點的相同目錄下scp -r /data/cert/ root@node1:/data/cert/,配置重啟即可
docker莫名啟動不了,查看狀態發現如下原因,
[root@master system]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: failed (Result: start-limit) since Fri 2021-12-31 11:35:48 +08; 14s ago
Docs: https://docs.docker.com
Process: 17557 ExecStart=/usr/bin/dockerd (code=exited, status=1/FAILURE)
Main PID: 17557 (code=exited, status=1/FAILURE)
Dec 31 11:35:47 master systemd[1]: Failed to start Docker Application Container Engine.
Dec 31 11:35:47 master systemd[1]: Unit docker.service entered failed state.
Dec 31 11:35:47 master systemd[1]: docker.service failed.
Dec 31 11:35:48 master systemd[1]: docker.service holdoff time over, scheduling restart.
Dec 31 11:35:48 master systemd[1]: Stopped Docker Application Container Engine.
Dec 31 11:35:48 master systemd[1]: start request repeated too quickly for docker.service
Dec 31 11:35:48 master systemd[1]: Failed to start Docker Application Container Engine.
Dec 31 11:35:48 master systemd[1]: Unit docker.service entered failed state.
Dec 31 11:35:48 master systemd[1]: docker.service failed.
解決方法:
若配置了國內載入鏡像,鏡像文件為/etc/docker/daemon.json,則修改文件尾碼為.conf即可正常啟動docker 服務
[root@master data]# docker login -u admin -p Harbor12345 hub.bingo.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store
Login Succeeded
可以愉快的玩耍了
https認證:
cd/data/cert/
openssl genrsa -des3 -out server.key 2048 #創建私鑰
openssl req -new -key server.key -out server.csr #發起請求
cp server.key server.key.org #備份私鑰
openssl rsa -in server.key.org -out server.key #轉化證書
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt #簽名
chmod-R777/data/cert
原文鏈接:https://blog.csdn.net/weixin_45961525/article/details/122253256
