# 1. 首先下载 registry 镜像
docker pull registry

# 2. 在 daemon.json 文件中添加私有镜像仓库的地址并重启，192.168.37.101:5000 是本地的 IP
vim /etc/docker/daemon.json
{
  "insecure-registries": ["192.168.37.101:5000"],
  "registry-mirrors": ["https://9cpn8tt6.mirror.aliyuncs.com"]
}
systemctl daemon-reload
systemctl restart docker

# 3. 运行 registry 容器
docker run -itd -v /data/registry:/var/lib/registry -p 5000:5000 --restart=always --name registry registry:latest

# 4. 为镜像打标签
docker pull registry
docker tag registry:latest 192.168.37.101:5000/registry:v1
docker images

# 5. 上传到私有仓库
docker push 192.168.37.101:5000/registry:v1

# 6. 列出私有仓库的所有镜像
curl http://192.168.37.101:5000/v2/_catalog
{"repositories":["registry"]}

curl http://192.168.37.101:5000/v2/registry/tags/list
{"name":"registry","tags":["v1"]}

# 7. 先删除原有的 registry 镜像，在从本地仓库下载进行测试
docker rmi -f 192.168.37.101:5000/registry:v1 
docker pull 192.168.37.101:5000/registry:v1

# 8. 查看私有仓库镜像
## 8.1 查看私有仓库执行此命令
curl http://192.168.37.101:5000/v2/_catalog
## 8.2 获取某个镜像的标签列表
curl http://192.168.37.101:5000/v2/私有仓库镜像名称/tags/list

vi /etc/hosts
192.168.37.101 mydocker

mkdir /root/certs
cd /root/certs
openssl genrsa -des3 -out mydocker.key 1024   
#密码设置为 123456

cp mydocker.key mydocker.key.org
openssl rsa -in mydocker.key.org -out mydocker.key
# 然后输入之前设置的密码：123456

openssl req -new -key mydocker.key -out mydocker.csr
以下是输入的一系列信息：注意域名是最重要的。
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:CHINA
Locality Name (eg, city) []:shanghai
Organization Name (eg, company) [Internet Widgits Pty Ltd]:mydocker
Organizational Unit Name (eg, section) []:test
Common Name (e.g. server FQDN or YOUR name) []:test
Email Address []:test

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:123456
An optional company name []:mydocker

openssl x509 -req -days 365 -in mydocker.csr -signkey mydocker.key -out mydocker.crt

# 1. 下载、解压 harbor
wget https://ghproxy.com/https://github.com/goharbor/harbor/releases/download/v2.5.3/harbor-offline-installer-v2.5.3.tgz
tar zxf harbor-offline-installer-v2.5.3.tgz

# 2. 更改配置，修改 hostname、https 证书路径、admin 密码（管理员账号和密码）
cd harbor 
cp harbor.yml.tmpl harbor.yml
vim harbor.yml
hostname: mydocker
# 注意如果打开 https 后，才配置，否则不配置。
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /root/certs/mydocker.crt
  private_key: /root/certs/mydocker.key

# 对外访问地址
external_url: https://mydocker
harbor_admin_password: Harbor12345

# 文件存储目录，找个磁盘大的目录配置
data_volume: /data/harbor

# 3. 编译安装
./prepare
./install.sh
docker-compose ps

# 4. 安装好后访问: https://mydocker admin/Harbor12345

# 进入 harbor 的安装目录
# 修改 harbor.yml
./prepare
docker-compose down -v
docker-compose up -d

vim /etc/docker/daemon.json
{
  "insecure-registries": ["mydocker"],
  "registry-mirrors": ["https://9cpn8tt6.mirror.aliyuncs.com"]
}
systemctl daemon-reload
systemctl restart docker

docker login mydocker -u develop -p Admin123
# ... 
# Login Succeeded
cat /root/.docker/config.json
{
	"auths": {
		"mydocker": {
			"auth": "ZGV2ZWxvcDpBZG1pbjEyMw=="
		}
	}
}

# 1 登录 
docker login mydocker -u develop -p Harbor12345

# 2. 为镜像打标签，注意标签有格式限制
docker pull redis:6.2.10
docker tag redis:6.2.10 mydocker/dockerproj/redis:v1

# 3. 上传到私有仓库
docker push mydocker/dockerproj/redis:v1

# 4. 在页面上查看镜像
# https://mydocker/harbor/projects/2/repositories