Harbor的chartmuseum可以让Helm直接将chart包推送到harbor里,但是注意,harbor从2.8.0开始已经不支持chartmuseum了(目前最新版是2.9.0),而是改为了OCI ,鉴于新版本不太成熟和使用人太少,所以当前,我们安装2.6.2版本
(1)查看历史版本
$ helm search repo harbor -l
(2)下载chart包,16.1.0是chart的版本,而harbor版本为2.6.2
$ helm pull bitnami/harbor --version 16.1.0 --untar
2、参考8.4 API资源对象StorageClass安装SC
$ k get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
nfs-client k8s-sigs.io/nfs-subdir-external-provisioner Delete Immediate false 8h
3、修改默认values.yaml
$ cd harbor
$ vi values.yaml
定义storageClass为nfs-client
将所有"core.harbor.domain"替换为你自己的域名,这里为www.zhang-qing.com
:%s/core.harbor.domain/www.zhang-qing.com/g
说明:上面在vi模式应用
4、安装
$ cd harbor
$ helm install myharbor --version 16.1.0 .
5、查看端口,443端口对应的是31630
$ kubectl get svc |grep harbor |grep LoadBalancer
myharbor LoadBalancer 10.0.104.28 <pending> 80:32256/TCP,443:31630/TCP,4443:32241/TCP 11s
在k8s-master01节点上添加hosts解析
$ vi /etc/hosts
...
...
10.0.104.28 www.zhang-qing.com
6、查看密码
$ kubectl get secret --namespace default myharbor-core-envvars -o jsonpath="{.data.HARBOR_ADMIN_PASSWORD}" | base64 -d
XnCegrM9Ju
7、查看pod是否正常启动
$ k get po | grep myharbor
myharbor-chartmuseum-5c4c98dc9f-xp4vz 1/1 Running 0 94m
myharbor-core-67f4fd7586-mtfdc 1/1 Running 7 (76m ago) 94m
myharbor-jobservice-6c7d9479b5-bq9cw 1/1 Running 6 (73m ago) 94m
myharbor-nginx-56db455867-kdnsz 1/1 Running 7 (78m ago) 94m
myharbor-notary-server-dcf4d97c8-rxxzb 1/1 Running 1 (78m ago) 94m
myharbor-notary-signer-cbd5bc48f-jblv4 1/1 Running 0 94m
myharbor-portal-65747b4f54-qlqh5 1/1 Running 0 94m
myharbor-postgresql-0 1/1 Running 0 94m
myharbor-redis-master-0 1/1 Running 0 94m
myharbor-registry-756b4847d7-w98s5 2/2 Running 0 94m
myharbor-trivy-0 1/1 Running 0 94m
8、浏览器输入www.zhang-qing.com:31630登录,账号:admin,密码:XnCegrM9Ju
如果出现上面情况,调整键盘为英文输入状态,点击页面内的刷新按钮,刷新一下页面,然后用鼠标点击一下当前页面任意位置,紧接着在当前页面使用键盘直接输入:thisisunsafe即可
