forked from DevOps/deploy.stack
fix(harbor): 更新容器镜像版本至v2.14.1并优化配置
- 将所有Harbor组件镜像版本从v2.2.2升级到v2.14.1 - 统一使用绝对路径/data/harbor作为挂载点 - 移除过时的dns_search配置项 - 简化volume绑定语法,使用直接路径映射 - 调整proxy服务端口映射配置
This commit is contained in:
cnphpbb
@@ -1,10 +1,8 @@
|
|||||||
version: '2.3'
|
|
||||||
services:
|
services:
|
||||||
log:
|
log:
|
||||||
image: goharbor/harbor-log:v2.2.2
|
image: goharbor/harbor-log:v2.14.1
|
||||||
container_name: harbor-log
|
container_name: harbor-log
|
||||||
restart: always
|
restart: always
|
||||||
dns_search: .
|
|
||||||
cap_drop:
|
cap_drop:
|
||||||
- ALL
|
- ALL
|
||||||
cap_add:
|
cap_add:
|
||||||
@@ -14,18 +12,14 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /var/log/harbor/:/var/log/docker/:z
|
- /var/log/harbor/:/var/log/docker/:z
|
||||||
- type: bind
|
- /data/harbor/common/config/log/logrotate.conf:/etc/logrotate.d/logrotate.conf
|
||||||
source: ./common/config/log/logrotate.conf
|
- /data/harbor/common/config/log/rsyslog_docker.conf:/etc/rsyslog.d/rsyslog_docker.conf
|
||||||
target: /etc/logrotate.d/logrotate.conf
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/log/rsyslog_docker.conf
|
|
||||||
target: /etc/rsyslog.d/rsyslog_docker.conf
|
|
||||||
ports:
|
ports:
|
||||||
- 127.0.0.1:1514:10514
|
- 127.0.0.1:1514:10514
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
registry:
|
registry:
|
||||||
image: goharbor/registry-photon:v2.2.2
|
image: goharbor/registry-photon:v2.14.1
|
||||||
container_name: registry
|
container_name: registry
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
@@ -35,29 +29,24 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/registry:/storage:z
|
- /data/harbor/registry:/storage:z
|
||||||
- ./common/config/registry/:/etc/registry/:z
|
- /data/harbor/common/config/registry/:/etc/registry/:z
|
||||||
- type: bind
|
- /data/harbor/secret/registry/root.crt:/etc/registry/root.crt
|
||||||
source: /data/secret/registry/root.crt
|
- /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
|
||||||
target: /etc/registry/root.crt
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "registry"
|
tag: "registry"
|
||||||
registryctl:
|
registryctl:
|
||||||
image: goharbor/harbor-registryctl:v2.2.2
|
image: goharbor/harbor-registryctl:v2.14.1
|
||||||
container_name: registryctl
|
container_name: registryctl
|
||||||
env_file:
|
env_file:
|
||||||
- ./common/config/registryctl/env
|
- /data/harbor/common/config/registryctl/env
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
- ALL
|
- ALL
|
||||||
@@ -66,26 +55,21 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/registry:/storage:z
|
- /data/harbor/registry:/storage:z
|
||||||
- ./common/config/registry/:/etc/registry/:z
|
- /data/harbor/common/config/registry/:/etc/registry/:z
|
||||||
- type: bind
|
- /data/harbor/common/config/registryctl/config.yml:/etc/registryctl/config.yml
|
||||||
source: ./common/config/registryctl/config.yml
|
- /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
|
||||||
target: /etc/registryctl/config.yml
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "registryctl"
|
tag: "registryctl"
|
||||||
postgresql:
|
postgresql:
|
||||||
image: goharbor/harbor-db:v2.2.2
|
image: goharbor/harbor-db:v2.14.1
|
||||||
container_name: harbor-db
|
container_name: harbor-db
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
@@ -96,21 +80,21 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/database:/var/lib/postgresql/data:z
|
- /data/harbor/database:/var/lib/postgresql/data:z
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
dns_search: .
|
|
||||||
env_file:
|
env_file:
|
||||||
- ./common/config/db/env
|
- /data/harbor/common/config/db/env
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "postgresql"
|
tag: "postgresql"
|
||||||
|
shm_size: '1gb'
|
||||||
core:
|
core:
|
||||||
image: goharbor/harbor-core:v2.2.2
|
image: goharbor/harbor-core:v2.14.1
|
||||||
container_name: harbor-core
|
container_name: harbor-core
|
||||||
env_file:
|
env_file:
|
||||||
- ./common/config/core/env
|
- ./common/config/core/env
|
||||||
@@ -121,24 +105,15 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/ca_download/:/etc/core/ca/:z
|
- /data/harbor/ca_download/:/etc/core/ca/:z
|
||||||
- /data/:/data/:z
|
- /data/harbor/:/data/:z
|
||||||
- ./common/config/core/certificates/:/etc/core/certificates/:z
|
- /data/harbor/common/config/core/certificates/:/etc/core/certificates/:z
|
||||||
- type: bind
|
- /data/harbor/common/config/core/app.conf:/etc/core/app.conf
|
||||||
source: ./common/config/core/app.conf
|
- /data/harbor/secret/core/private_key.pem:/etc/core/private_key.pem
|
||||||
target: /etc/core/app.conf
|
- /data/harbor/data/harbor/secret/keys/secretkey:/etc/core/key
|
||||||
- type: bind
|
- /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
|
||||||
source: /data/secret/core/private_key.pem
|
|
||||||
target: /etc/core/private_key.pem
|
|
||||||
- type: bind
|
|
||||||
source: /data/secret/keys/secretkey
|
|
||||||
target: /etc/core/key
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
- registry
|
- registry
|
||||||
@@ -147,10 +122,10 @@ services:
|
|||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "core"
|
tag: "core"
|
||||||
portal:
|
portal:
|
||||||
image: goharbor/harbor-portal:v2.2.2
|
image: goharbor/harbor-portal:v2.14.1
|
||||||
container_name: harbor-portal
|
container_name: harbor-portal
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
@@ -161,22 +136,19 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
- NET_BIND_SERVICE
|
- NET_BIND_SERVICE
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- /data/harbor/common/config/portal/nginx.conf:/etc/nginx/nginx.conf
|
||||||
source: ./common/config/portal/nginx.conf
|
|
||||||
target: /etc/nginx/nginx.conf
|
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "portal"
|
tag: "portal"
|
||||||
|
|
||||||
jobservice:
|
jobservice:
|
||||||
image: goharbor/harbor-jobservice:v2.2.2
|
image: goharbor/harbor-jobservice:v2.14.1
|
||||||
container_name: harbor-jobservice
|
container_name: harbor-jobservice
|
||||||
env_file:
|
env_file:
|
||||||
- ./common/config/jobservice/env
|
- ./common/config/jobservice/env
|
||||||
@@ -188,25 +160,20 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/job_logs:/var/log/jobs:z
|
- /data/harbor/job_logs:/var/log/jobs:z
|
||||||
- type: bind
|
- /data/harbor/common/config/jobservice/config.yml:/etc/jobservice/config.yml
|
||||||
source: ./common/config/jobservice/config.yml
|
- /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
|
||||||
target: /etc/jobservice/config.yml
|
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- core
|
- core
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "jobservice"
|
tag: "jobservice"
|
||||||
redis:
|
redis:
|
||||||
image: goharbor/redis-photon:v2.2.2
|
image: goharbor/redis-photon:v2.14.1
|
||||||
container_name: redis
|
container_name: redis
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
@@ -216,19 +183,18 @@ services:
|
|||||||
- SETGID
|
- SETGID
|
||||||
- SETUID
|
- SETUID
|
||||||
volumes:
|
volumes:
|
||||||
- /data/redis:/var/lib/redis
|
- /data/harbor/redis:/var/lib/redis
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
dns_search: .
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- log
|
- log
|
||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "redis"
|
tag: "redis"
|
||||||
proxy:
|
proxy:
|
||||||
image: goharbor/nginx-photon:v2.2.2
|
image: goharbor/nginx-photon:v2.14.1
|
||||||
container_name: nginx
|
container_name: nginx
|
||||||
restart: always
|
restart: always
|
||||||
cap_drop:
|
cap_drop:
|
||||||
@@ -239,17 +205,12 @@ services:
|
|||||||
- SETUID
|
- SETUID
|
||||||
- NET_BIND_SERVICE
|
- NET_BIND_SERVICE
|
||||||
volumes:
|
volumes:
|
||||||
- ./common/config/nginx:/etc/nginx:z
|
- /data/harbor/common/config/nginx:/etc/nginx:z
|
||||||
- /data/secret/cert:/etc/cert:z
|
- /data/harbor/common/config/shared/trust-certificates:/harbor_cust_cert
|
||||||
- type: bind
|
|
||||||
source: ./common/config/shared/trust-certificates
|
|
||||||
target: /harbor_cust_cert
|
|
||||||
networks:
|
networks:
|
||||||
- harbor
|
- harbor
|
||||||
dns_search: .
|
|
||||||
ports:
|
ports:
|
||||||
- 8080:8080
|
- 80:8080
|
||||||
- 8443:8443
|
|
||||||
depends_on:
|
depends_on:
|
||||||
- registry
|
- registry
|
||||||
- core
|
- core
|
||||||
@@ -258,7 +219,7 @@ services:
|
|||||||
logging:
|
logging:
|
||||||
driver: "syslog"
|
driver: "syslog"
|
||||||
options:
|
options:
|
||||||
syslog-address: "tcp://127.0.0.1:1514"
|
syslog-address: "tcp://localhost:1514"
|
||||||
tag: "proxy"
|
tag: "proxy"
|
||||||
networks:
|
networks:
|
||||||
harbor:
|
harbor:
|
||||||
|
|||||||
Reference in New Issue
Block a user