centos上部署k8s

环境准备

四台Linux服务器

主机名	IP	角色
k8s-master-94	192.168.0.94	master
k8s-node1-95	192.168.0.95	node1
k8s-node2-96	192.168.0.96	node2
habor	192.168.0.77	镜像仓库

三台机器均执行以下命令：

• 查看centos版本

[root@localhost Work]# cat /etc/redhat-release
CentOS Linux release 8.5.2111

• 关闭防火墙和selinux

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# sed -i 's/enforcing/disabled/' /etc/selinux/config
[root@localhost ~]# setenforce 0

• 关闭swap分区（k8s禁止虚拟内存以提高性能）

# 临时关闭；关闭swap主要是为了性能考虑
[root@localhost ~]#swapoff -a
# 可以通过这个命令查看swap是否关闭了
[root@localhost ~]#free
# 永久关闭
[root@localhost ~]#sed -ri 's/.*swap.*/#&/' /etc/fstab

• 修改主机名

# 在192.168.0.94执行
[root@localhost ~]#hostnamectl set-hostname  k8s-master-94
# 在192.168.0.95执行
[root@localhost ~]#hostnamectl set-hostname k8s-node1-95
# 在192.168.0.96执行
[root@localhost ~]#hostnamectl set-hostname k8s-node2-96
[root@localhost ~]#hostname $hostname # 立刻生效

• 修改hosts表

[root@localhost ~]# cat >> /etc/hosts<<EOF
> 192.168.0.94 k8s-master-94
> 192.168.0.95 k8s-node1-95
> 192.168.0.96 k8s-node2-96
> EOF

• 时间同步

[root@localhost ~]#yum install chrony -y
[root@localhost ~]#systemctl start chronyd
[root@localhost ~]#systemctl enable chronyd
[root@localhost ~]#chronyc sources

• 允许 iptables 检查桥接流量，将桥接的IPv4流量传递到iptables的链：以下net.ipv4.ip_forward如存在=0，修改为1即可

[root@localhost ~]# cat > /etc/sysctl.d/k8s.conf << EOF
> net.ipv4.ip_forward = 1
> net.ipv4.tcp_tw_recycle = 0
> net.bridge.bridge-nf-call-ip6tables = 1
> net.bridge.bridge-nf-call-iptables = 1
> EOF
[root@localhost ~]#
sysctl --system

• 安装docker，如果有问题，参考这里解决：

Centos 8安装Docker及报错解决办法_duansamve的博客-CSDN博客_centos8 docker 安装失败

##卸载旧版本
yum remove docker \docker-client \docker-client-latest \docker-common \docker-latest \docker-latest-logrotate \docker-logrotate \docker-engine##更换镜像
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo###进入yum目录
cd /etc/yum.repos.d## 删除目录下所有文件(注意完整复制，不要漏了那个点)
rm -rf ./*##安装正确的镜像源
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo##生成缓存
yum makecache##安装需要的软件包， yum-util 提供yum-config-manager功能，另外两个是devicemapper驱动依赖的
yum install -y yum-utils device-mapper-persistent-data lvm2##设置yum源
um-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo##安装docker
yum install -y docker-ce##启动并加入开机启动
systemctl start docker
systemctl enable docker##验证安装是否成功
docker version
docker info##配置镜像加速
mkdir -p /etc/dockertee /etc/docker/daemon.json <<-'EOF'
{"registry-mirrors": ["https://ccdkz6eh.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker

安装kubeadm，kubelet和kubectl

三台机器执行

• 添加k8s阿里云YUM软件源

[root@k8s-node1-80 ~]# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
> [kubernetes]
> name=Kubernetes
> baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
> enabled=1
> gpgcheck=1
> repo_gpgcheck=1
> gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
> EOF#清除缓存[root@k8s-node1-80 ~]# yum clean all
#把服务器的包信息下载到本地电脑缓存起来，makecache建立一个缓存[root@k8s-node1-80 ~]# yum makecache
#列出kubectl可用的版本[root@k8s-node1-80 ~]# yum list kubectl --showduplicates | sort -r

• 安装kubeadm，kubelet和kubectl

[root@k8s-node1-80 ~]#yum install -y kubelet-1.21.0 kubeadm-1.21.0 kubectl-1.21.0
[root@k8s-node1-80 ~]#systemctl start kubelet
[root@k8s-node1-80 ~]#systemctl enable kubelet#查看有没有安装
[root@k8s-node2-92 ~]# yum list installed | grep kubelet
kubelet.x86_64                                     1.21.0-0                                      @kubernetes
[root@k8s-node2-92 ~]# yum list installed | grep kubeadm
kubeadm.x86_64                                     1.21.0-0                                      @kubernetes
[root@k8s-node2-92 ~]# yum list installed | grep kubectl
kubectl.x86_64                                     1.21.0-0                                      @kubernetes

• 查看安装的版本

[root@k8s-node2-92 ~]# kubelet --version
Kubernetes v1.21.0
##########3
Kubelet：运行在cluster所有节点上，负责启动POD和容器；
Kubeadm：用于初始化cluster的一个工具；
Kubectl：kubectl是kubenetes命令行工具，通过kubectl可以部署和管理应用，查看各种资源，创建，删除和更新组件；

• 重启centos

reboot

初始化K8S集群

部署master节点，在192.168.0.94执行

kubeadm init --apiserver-advertise-address=192.168.0.94 \
--apiserver-cert-extra-sans=127.0.0.1 \
--image-repository=registry.aliyuncs.com/google_containers \
--ignore-preflight-errors=all \
--kubernetes-version=v1.21.0 \
--service-cidr=10.10.0.0/16 \
--pod-network-cidr=10.244.0.0/16参数说明--apiserver-advertise-address=192.168.0.94 ：这个参数就是master主机的IP地址，例如我的Master主机的IP是：192.168.0.94 --image-repository=registry.aliyuncs.com/google_containers：这个是镜像地址，由于国外地址无法访问，故使用的阿里云仓库地址：registry.aliyuncs.com/google_containers--kubernetes-version=v1.17.4：这个参数是下载的k8s软件版本号--service-cidr=10.10.0.0/16：这个参数后的IP地址直接就套用10.10.0.0/16 ,以后安装时也套用即可，不要更改--pod-network-cidr=10.244.0.0/16：k8s内部的pod节点之间网络可以使用的IP段，不能和service-cidr写一样，如果不知道怎么配，就先用这个10.244.0.0/16网段问题，两个网段不要重，后面是/16，不要与当前机器网段一样。

如果报错：

[WARNING IsDockerSystemdCheck]: detected “cgroupfs” as the Docker cgroup driver. The recommended driver is “systemd”.

出现[WARNING IsDockerSystemdCheck]，是由于docker的Cgroup Driver和kubelet的Cgroup Driver不一致导致的，此处选择修改docker的和kubelet一致

[root@k8s-master-94 ~]# docker info | grep CgroupCgroup Driver: cgroupfsCgroup Version: 1[root@k8s-master-94 ~]# vim /usr/lib/systemd/system/docker.service，加入--exec-opt native.cgroupdriver=systemd[root@k8s-master-94 ~]# systemctl daemon-reload
[root@k8s-master-94 ~]# systemctl restart docker# 重新初始化
[root@k8s-master-94 ~]# kubeadm reset # 先重置[root@k8s-master-94 ~]# docker info | grep CgroupCgroup Driver: systemdCgroup Version: 1#重复上次【初始化master节点】的命令

初始化成功

其中有生成一串命令用于node节点的加入，记录下来，接着执行以下命令

[root@k8s-master-94 ~]#   mkdir -p $HOME/.kube
[root@k8s-master-94 ~]#   sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@k8s-master-94 ~]#   sudo chown $(id -u):$(id -g) $HOME/.kube/config

看Master结点的安装状态：

[root@k8s-master-94 ~]# kubectl get node
NAME            STATUS   ROLES                  AGE   VERSION
k8s-master-94   Ready    control-plane,master   20m   v1.21.0

 Master设备上安装K8S路由插件Calico

kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/tigera-operator.yaml

然后在临时文件夹（或者随便你建一个文件夹）执行

wget https://raw.githubusercontent.com/projectcalico/calico/v3.26.4/manifests/custom-resources.yaml
vim custom-resources.yaml

修改其中的cidr为你在初始化master节点时用--pod-network-cidr配置的那个--pod-network-cidr=10.244.0.0/16

保存修改，然后执行：

kubectl create -f custom-resources.yaml

稍等片刻等待上面的pod状态变为下图，即证明网络插件Calico已经安装完毕了

kubectl get pod --all-namespaces

非running解决方法：pod calico CoreDNS 拉取不到镜像的问题的解决办法-CSDN博客

此时Master节点就绪：

[root@k8s-master-94 ~]# kubectl get node
NAME            STATUS   ROLES                  AGE    VERSION
k8s-master-94   Ready    control-plane,master   165m   v1.21.0

部署node节点，在192.168.0.95和192.168.0.96执行

kubeadm join 192.168.0.94:6443 --token faj2nf.5o3gwjtbst90k19y \--discovery-token-ca-cert-hash sha256:62d91aaef65e987702ddca804330d1fe721707fdf794d2494730636e616bda09

命令执行失败，解决方法：https://www.cnblogs.com/cloud-yongqing/p/16032596.html

如果忘记，获取命令

kubeadm token create --print-join-command

执行成功

查看部署结果

node节点
[root@k8s-node1-95 ~]# kubectl get node
The connection to the server localhost:8080 was refused - did you specify the right host or port?master节点 
[root@k8s-master-94 ~]# kubectl get nodes
NAME            STATUS   ROLES                  AGE     VERSION
k8s-master-94   Ready    control-plane,master   14m     v1.21.0
k8s-node1-95    Ready    <none>                 4m      v1.21.0
k8s-node2-96    Ready    <none>                 5m10s   v1.21.0

部署dashboard（master）

创建recommended.yaml

cat > recommended.yaml << EOF
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.apiVersion: v1
kind: Namespace
metadata:name: kubernetes-dashboard---apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:type: NodePortports:- port: 443targetPort: 8443nodePort: 30001       #DASHBOARD端口selector:k8s-app: kubernetes-dashboard---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-certsnamespace: kubernetes-dashboard
type: Opaque---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-csrfnamespace: kubernetes-dashboard
type: Opaque
data:csrf: ""---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-key-holdernamespace: kubernetes-dashboard
type: Opaque---kind: ConfigMap
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-settingsnamespace: kubernetes-dashboard---kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
rules:# Allow Dashboard to get, update and delete Dashboard exclusive secrets.- apiGroups: [""]resources: ["secrets"]resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]verbs: ["get", "update", "delete"]# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.- apiGroups: [""]resources: ["configmaps"]resourceNames: ["kubernetes-dashboard-settings"]verbs: ["get", "update"]# Allow Dashboard to get metrics.- apiGroups: [""]resources: ["services"]resourceNames: ["heapster", "dashboard-metrics-scraper"]verbs: ["proxy"]- apiGroups: [""]resources: ["services/proxy"]resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]verbs: ["get"]---kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard
rules:# Allow Metrics Scraper to get metrics from the Metrics server- apiGroups: ["metrics.k8s.io"]resources: ["pods", "nodes"]verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:securityContext:seccompProfile:type: RuntimeDefaultcontainers:- name: kubernetes-dashboardimage: kubernetesui/dashboard:v2.7.0imagePullPolicy: Alwaysports:- containerPort: 8443protocol: TCPargs:- --auto-generate-certificates- --namespace=kubernetes-dashboard# Uncomment the following line to manually specify Kubernetes API server Host# If not specified, Dashboard will attempt to auto discover the API server and connect# to it. Uncomment only if the default does not work.# - --apiserver-host=http://my-address:portvolumeMounts:- name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs- mountPath: /tmpname: tmp-volumelivenessProbe:httpGet:scheme: HTTPSpath: /port: 8443initialDelaySeconds: 30timeoutSeconds: 30securityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001volumes:- name: kubernetes-dashboard-certssecret:secretName: kubernetes-dashboard-certs- name: tmp-volumeemptyDir: {}serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedule---kind: Service
apiVersion: v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:ports:- port: 8000targetPort: 8000selector:k8s-app: dashboard-metrics-scraper---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: dashboard-metrics-scrapertemplate:metadata:labels:k8s-app: dashboard-metrics-scraperspec:securityContext:seccompProfile:type: RuntimeDefaultcontainers:- name: dashboard-metrics-scraperimage: kubernetesui/metrics-scraper:v1.0.8ports:- containerPort: 8000protocol: TCPlivenessProbe:httpGet:scheme: HTTPpath: /port: 8000initialDelaySeconds: 30timeoutSeconds: 30volumeMounts:- mountPath: /tmpname: tmp-volumesecurityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedulevolumes:- name: tmp-volumeemptyDir: {}
EOF[root@k8s-master-94 ~]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created[root@k8s-master-94 ~]# kubectl get pods -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-7c857855d9-xk4d4   1/1     Running   0          2m10s
kubernetes-dashboard-658b66597c-r59xp        1/1     Running   0          2m10s

创建token登录（需要注意的是Token默认有效期是24小时，过期需要重新生成token）

创建service  account并绑定默认cluster-admin管理员群集角色
#创建用户kubectl create serviceaccount dashboard-admin -n kube-system 
#用户授权
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
#获取用户Token
kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')

使用ip登录dashboard

https://masterip:30001/#/login
https://node1ip:30001/#/login
https://node2ip:30001/#/login

配置token永不过期输入获取的TOKEN,配置token永不过期

部署metrics-server（master）

创建components.yaml

cat > components.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-serverrbac.authorization.k8s.io/aggregate-to-admin: "true"rbac.authorization.k8s.io/aggregate-to-edit: "true"rbac.authorization.k8s.io/aggregate-to-view: "true"name: system:aggregated-metrics-reader
rules:
- apiGroups:- metrics.k8s.ioresources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:labels:k8s-app: metrics-servername: system:metrics-server
rules:
- apiGroups:- ""resources:- nodes/metricsverbs:- get
- apiGroups:- ""resources:- pods- nodesverbs:- get- list- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server-auth-readernamespace: kube-system
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: extension-apiserver-authentication-reader
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: metrics-server:system:auth-delegator
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:auth-delegator
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:labels:k8s-app: metrics-servername: system:metrics-server
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: system:metrics-server
subjects:
- kind: ServiceAccountname: metrics-servernamespace: kube-system
---
apiVersion: v1
kind: Service
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:ports:- name: httpsport: 443protocol: TCPtargetPort: httpsselector:k8s-app: metrics-server
---
apiVersion: apps/v1
kind: Deployment
metadata:labels:k8s-app: metrics-servername: metrics-servernamespace: kube-system
spec:selector:matchLabels:k8s-app: metrics-serverstrategy:rollingUpdate:maxUnavailable: 0template:metadata:labels:k8s-app: metrics-serverspec:containers:- args:- --cert-dir=/tmp- --secure-port=4443- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname- --kubelet-use-node-status-port- --metric-resolution=15s- --kubelet-insecure-tls  #新添加的内容- --kubelet-preferred-address-types=InternalDNS,InternalIP,ExternalDNS,ExternalIP,Hostname #新添加的内容image: registry.aliyuncs.com/google_containers/metrics-server:v0.6.0  #替换为阿里云的镜像imagePullPolicy: IfNotPresentlivenessProbe:failureThreshold: 3httpGet:path: /livezport: httpsscheme: HTTPSperiodSeconds: 10name: metrics-serverports:- containerPort: 4443name: httpsprotocol: TCPreadinessProbe:failureThreshold: 3httpGet:path: /readyzport: httpsscheme: HTTPSinitialDelaySeconds: 20periodSeconds: 10resources:requests:cpu: 100mmemory: 200MisecurityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsNonRoot: truerunAsUser: 1000volumeMounts:- mountPath: /tmpname: tmp-dirnodeSelector:kubernetes.io/os: linuxpriorityClassName: system-cluster-criticalserviceAccountName: metrics-servervolumes:- emptyDir: {}name: tmp-dir
---
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:labels:k8s-app: metrics-servername: v1beta1.metrics.k8s.io
spec:group: metrics.k8s.iogroupPriorityMinimum: 100insecureSkipTLSVerify: trueservice:name: metrics-servernamespace: kube-systemversion: v1beta1versionPriority: 100
EOF[root@k8s-master-94 ~]# kubectl apply -f components.yaml
[root@k8s-master-94 ~]# kubectl get pods -n kube-system|grep metrics
metrics-server-5f85c44dcd-fcshj         1/1     Running   0          43s

部署harbor仓库

• 环境要求：服务器必须安装docker和docker-compose
• 安装docker-compose

[root@localhost ~]# curl -L "https://github.com/docker/compose/releases/download/1.26.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose% Total    % Received % Xferd  Average Speed   Time    Time     Time  CurrentDload  Upload   Total   Spent    Left  Speed0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     04 11.6M    4  572k    0     0  15439      0  0:13:13  0:00:37  0:12:36  7942
100 11.6M  100 11.6M    0     0  27290      0  0:07:29  0:07:29 --:--:--  154k
[root@localhost ~]# chmod +x /usr/local/bin/docker-compose
[root@localhost ~]# docker-compose version
docker-compose version 1.26.0, build d4451659
docker-py version: 4.2.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019

• 下载harbor安装包

[root@localhost ~]wget https://storage.googleapis.com/harbor-releases/harbor-offline-installer-v1.5.3.tgz

• 解压安装包并移动位置

tar -zxvf harbor-offline-installer-v1.5.3.tgz #解压离线安装包
mv harbor /opt/ #移到/opt目录下
cd /opt #进入到/opt目录
ls  #查看目录内容
cd harbor

• 进入harbor 目录，修改harbor.cfg配置文件

vim harbor.cfg
hostname = 192.168.0.77 #修改harbor的启动ip，这里需要依据系统ip设置
harbor_admin_password = Natux2019. #修改harbor的admin用户的密码

• 配置Harbor,若执行失败，安装python2.7

./prepare

• 安装Harbor

/install.sh

• 如果出现问题

将docker-compose.yml ，第一行version修改为2.1，在执行./install.sh

• 访问Harbor页面，默认端口为80,http://自己的ip