版本：
docker 19.03.8
docker-compose 1.24.0
harbor: harbor-offline-installer-v2.1.4.tgz

1、先在/root下生成证书
#生成ca根证书

openssl genrsa -out ca.key 4096

#创建ca证书

openssl req -x509 -new -nodes -sha512 -days 3650 \-subj "/C=CN/ST=Shenzhen/L=Shenzhen/O=Harbor/OU=Harbor/CN=harbor.rainpet.org" \-key ca.key \-out ca.crt

echo "192.168.15.6 harbor.rainpet.org" >> /etc/hosts

#生成服务器证书

openssl genrsa -out harbor.rainpet.org.key 4096

#生成csr

openssl req -sha512 -new \-subj "/C=CN/ST=Shenzhen/L=Shenzhen/O=Harbor/OU=Harbor/CN=harbor.rainpet.org" \-key harbor.rainpet.org.key \-out harbor.rainpet.org.csr

#生成v3文件：

cat > v3.ext <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=harbor.rainpet.org
DNS.2=harbor.rainpet
DNS.3=harbor
EOF

#生成csr证书

openssl x509 -req -sha512 -days 3650 \-extfile v3.ext \-CA ca.crt -CAkey ca.key -CAcreateserial \-in harbor.rainpet.org.csr \-out harbor.rainpet.org.crt

复制证书：

mkdir /app/cert
cp harbor.rainpet.org.crt /app/cert
cp harbor.rainpet.org.key /app/cert

#生成cert证书

openssl x509 -inform PEM -in harbor.rainpet.org.crt -out harbor.rainpet.org.cert
合并生成pem
cat harbor.rainpet.org.crt harbor.rainpet.org.key > harbor.rainpet.org.pem

复制文件

mkdir -p /etc/docker/certs.d/harbor.rainpet.org
cp harbor.rainpet.org.cert /etc/docker/certs.d/harbor.rainpet.org
cp harbor.rainpet.org.key /etc/docker/certs.d/harbor.rainpet.org
cp ca.crt /etc/docker/certs.d/harbor.rainpet.org

重启docker

systemctl restart docker

安装harbor，前提要安装好docker。

cd /app/src/
cp docker-compose /usr/bin/docker-compose
chmod +x /usr/bin/docker-compose
docker-compose -v
tar zxvf harbor-offline-installer-v2.1.4.tgz
cd harbor
cp harbor.yml.tmpl harbor.yml

修改harbor.yml文件：
nano harbor.yml

hostname: reg.mydomain.com修改为 harbor.rainpet.org
https:下certificate: /your/certificate/pathprivate_key: /your/private/key/path
修改为：certificate: /root/harbor.rainpet.org.crtprivate_key: /root/harbor.rainpet.org.key
harbor_admin_password: Harbor12345 默认密码 可以更改
port: 80 修改为8080 如果不冲突不用改

加载镜像：

docker load -i harbor.v2.1.4.tar.gz

设置环境：

./prepare

安装

./install.sh

启动服务及停止服务

docker-compose down
docker-compose up -d