{"id":320632,"date":"2021-03-31T15:01:53","date_gmt":"2021-03-31T15:01:53","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=320632"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=320632","title":{"rendered":"\u0412\u0430\u043b\u0438\u0434\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0438 DNS \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0431\u0435\u0437 \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u044f\u044e\u0449\u0435\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430"},"content":{"rendered":"\n<div class=\"post__text post__text-html post__text_v1\" id=\"post-content-body\">\n<p>\u0412\u0430\u043b\u0438\u0434\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0438 DNS \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0431\u0435\u0437 \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u044f\u044e\u0449\u0435\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430<\/p>\n<p>  <\/p>\n<p>\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0435 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 <a href=\"http:\/\/local-ip.co\/\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/<\/a> \u0441 \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0438 \u0441 DNS \u043a\u0430\u043a xip.io, nip.io.<\/p>\n<p>  <\/p>\n<p>\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u0434\u043e\u043c\u0435\u043d\u0430 <code>*.my.local-ip.co<\/code><\/p>\n<p>  <\/p>\n<ul>\n<li>\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 <a href=\"http:\/\/local-ip.co\/cert\/server.pem\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/server.pem<\/a><\/li>\n<li>\u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 <a href=\"http:\/\/local-ip.co\/cert\/chain.pem\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/chain.pem<\/a><\/li>\n<li>\u043a\u043b\u044e\u0447 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 <a href=\"http:\/\/local-ip.co\/cert\/server.key\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/server.key<\/a><\/li>\n<\/ul>\n<p>  <\/p>\n<p>\u041e\u0431\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u043d\u0443\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a:<\/p>\n<p>  <\/p>\n<ul>\n<li><a href=\"https:\/\/127-0-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/127-0-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/192-168-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/192-168-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/172-16-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/172-16-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/10-0-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/10-0-0-1.my.local-ip.co<\/a><\/li>\n<\/ul>\n<p>  <\/p>\n<p>\u041d\u0438\u0436\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 harbor c \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c.<\/p>\n<p><a name=\"habracut\"><\/a>  <\/p>\n<p>\u0422\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f:<\/p>\n<p>  <\/p>\n<p>\u0423\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c docker \u0438 docker-compose<\/p>\n<p>  <\/p>\n<p>\u0421\u043a\u0430\u0447\u0438\u0432\u0430\u0435\u043c harbor<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">wget https:\/\/github.com\/goharbor\/harbor\/releases\/download\/v2.2.1\/harbor-online-installer-v2.2.1.tgz<\/code><\/pre>\n<p>  <\/p>\n<p>\u0420\u0430\u0441\u043f\u0430\u043a\u043e\u0432\u044b\u0432\u0430\u0435\u043c harbor<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">tar xvf harbor-online-installer-v2.2.1.tgz<\/code><\/pre>\n<p>  <\/p>\n<p>\u041f\u043e\u0434\u0433\u043e\u0442\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u043e\u0442 \u043f\u0440\u043e\u0435\u043a\u0442\u0430 <a href=\"http:\/\/local-ip.co\/\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/<\/a><\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">mkdir -p \/data\/cert\/ cd \/data\/cert\/ wget http:\/\/local-ip.co\/cert\/server.pem wget http:\/\/local-ip.co\/cert\/chain.pem wget http:\/\/local-ip.co\/cert\/server.key<\/code><\/pre>\n<p>  <\/p>\n<p>\u0421\u043e\u0437\u0434\u0430\u0435\u043c \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">cat server.pem chain.pem &gt; bundled_cert_file.pem<\/code><\/pre>\n<p>  <\/p>\n<p>\u041f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u043e\u0432\u044b\u0432\u0430\u0435\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u043f\u043e\u0434 \u0434\u043e\u043c\u0435\u043d\u043d\u043e\u0435 \u0438\u043c\u044f, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0430\u043c \u043d\u0443\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442.<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">cp bundled_cert_file.pem 192-168-22-7.my.local-ip.co.crt cp server.key 192-168-22-7.my.local-ip.co.key<\/code><\/pre>\n<p>  <\/p>\n<p>\u041a\u043e\u043f\u0438\u0440\u0443\u0435\u043c \u0448\u0430\u0431\u043b\u043e\u043d \u043a\u043e\u043d\u0444\u0438\u0433\u0430 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">cp harbor.yml.tmpl harbor.yml<\/code><\/pre>\n<p>  <\/p>\n<p>\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u0443\u0435\u043c hostname \u0432 harbor.yml<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">hostname: 192-168-22-7.my.local-ip.co<\/code><\/pre>\n<p>  <\/p>\n<p>\u0423\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0438 \u043a\u043b\u044e\u0447 \u0432 harbor.yml<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">  certificate: \/data\/cert\/192-168-22-7.my.local-ip.co.crt   private_key: \/data\/cert\/192-168-22-7.my.local-ip.co.key<\/code><\/pre>\n<p>  <\/p>\n<p>\u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u0435 \u043e\u0431\u0440\u0430\u0437\u043e\u0432<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">.\/prepare<\/code><\/pre>\n<p>  <\/p>\n<p>\u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c harbor \u0447\u0435\u0440\u0435\u0437 docker-compose<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">docker-compose up -d<\/code><\/pre>\n<p>  <\/p>\n<p>\u041b\u0438\u0431\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 <\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">.\/install.sh<\/code><\/pre>\n<p>  <\/p>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 harbor \u0447\u0435\u0440\u0435\u0437 Ansible<\/p>\n<p>  <\/p>\n<p>\u0414\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 harbor \u0447\u0435\u0440\u0435\u0437 ansible \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c \u0440\u043e\u043b\u044c <a href=\"https:\/\/galaxy.ansible.com\/manueliglesiasgarcia\/ansible_vmware_harbor\" rel=\"nofollow noopener noreferrer\">https:\/\/galaxy.ansible.com\/manueliglesiasgarcia\/ansible_vmware_harbor<\/a><\/p>\n<p>  <\/p>\n<p>\u0421\u043a\u0430\u0447\u0438\u0432\u0430\u0435\u043c \u0440\u043e\u043b\u044c<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">ansible-galaxy install manueliglesiasgarcia.ansible_vmware_harbor<\/code><\/pre>\n<p>  <\/p>\n<p>\u041d\u0438\u0436\u0435 playbook \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 harbor \u0447\u0435\u0440\u0435\u0437 ansible<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">--- - name: Install harbor   become: yes   hosts: harbor   pre_tasks:     - name: update apt       apt: update_cache=yes cache_valid_time=3600       when: ansible_pkg_mgr is defined and ansible_pkg_mgr == &quot;apt&quot;       ignore_errors: true      - name: Creates directory {{ playbook_dir }}\/certs       file:         path: &quot;{{ playbook_dir }}\/certs&quot;         state: directory       delegate_to: localhost       become: no      - name: Download http:\/\/local-ip.co\/cert\/server.pem       get_url:         url: http:\/\/local-ip.co\/cert\/server.pem         dest: &quot;{{ playbook_dir }}\/certs\/server.pem&quot;       delegate_to: localhost       become: no      - name: Download http:\/\/local-ip.co\/cert\/chain.pem       get_url:         url: http:\/\/local-ip.co\/cert\/chain.pem         dest: &quot;{{ playbook_dir }}\/certs\/chain.pem&quot;       delegate_to: localhost       become: no      - name: Download http:\/\/local-ip.co\/cert\/server.key       get_url:         url: http:\/\/local-ip.co\/cert\/server.key         dest: &quot;{{ playbook_dir }}\/certs\/server.key&quot;       delegate_to: localhost       become: no      - name: merge certificate       shell: cat server.pem chain.pem &gt; bundled_cert_file.pem       args:         chdir: &quot;{{ playbook_dir }}\/certs&quot;       delegate_to: localhost       become: no    vars:     # Add a registry     harbor_registry:       - registry_name: &quot;Test Harbor&quot;         registry_url: https:\/\/192-168-22-8.my.local-ip.co\/     # Schedule an automatic scan of the docker images every hour     harbor_schedule_scan:       - cron: &quot;0 0 * * * *&quot;     # Schedule an automatic garbage collection every hour     harbor_schedule_gc:       - cron: &quot;0 0 * * * *&quot;     #Storge harbor installation file     harbor_install_tmp: \/root\/harbor     harbor_extras:       -  clair     #Folder installed harbor     harbor_install_dir: \/opt\/harbor     # The cert and key path is located in your ansible master, not the target hosts     # The default path for certs is controlled by this role See roles\/default\/main.yml     harbor_ssl_cert: &quot;{{playbook_dir}}\/certs\/bundled_cert_file.pem&quot;     harbor_ssl_cert_key: &quot;{{playbook_dir}}\/certs\/server.key&quot;     #ends up in harbor.yml     harbor_hostname: 192-168-22-8.my.local-ip.co     harbor_db_password: admin   roles:     - manueliglesiasgarcia.ansible_vmware_harbor <\/code><\/pre>\n<p>  <\/p>\n<p>\u0417\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c playbook<\/p>\n<p>  <\/p>\n<pre><code class=\"plaintext\">ansible-playbook -i inventory.ini install-harbor.yml -e &quot;harbor_admin_password=password_for_harbor&quot;<\/code><\/pre>\n<p>  <\/p>\n<p>\u0413\u0434\u0435 password_for_harbor \u043f\u0430\u0440\u043e\u043b\u044c \u0434\u043b\u044f harbor.<\/p>\n<p>  <\/p>\n<p>\u0421\u043a\u0440\u0438\u043d\u0448\u043e\u0442:<\/p>\n<p>  <\/p>\n<p><img decoding=\"async\" src=\"https:\/\/habrastorage.org\/webt\/pm\/tc\/h7\/pmtch7-fu4jmvlkwbqjns4d5aoi.png\"><\/p>\n<\/div>\n<p> \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 <a href=\"https:\/\/habr.com\/ru\/post\/549924\/\"> https:\/\/habr.com\/ru\/post\/549924\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"\n<div class=\"post__text post__text-html post__text_v1\" id=\"post-content-body\">\n<p>\u0412\u0430\u043b\u0438\u0434\u043d\u044b\u0435 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b \u0438 DNS \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445 \u0431\u0435\u0437 \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u044f\u044e\u0449\u0435\u0433\u043e \u0446\u0435\u043d\u0442\u0440\u0430<\/p>\n<p>  <\/p>\n<p>\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0435 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u0430 <a href=\"http:\/\/local-ip.co\/\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/<\/a> \u0441 \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u043c\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c\u0438 \u0438 \u0441 DNS \u043a\u0430\u043a xip.io, nip.io.<\/p>\n<p>  <\/p>\n<p>\u0412\u044b \u043c\u043e\u0436\u0435\u0442\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u0434\u043e\u043c\u0435\u043d\u0430 <code>*.my.local-ip.co<\/code><\/p>\n<p>  <\/p>\n<ul>\n<li>\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 <a href=\"http:\/\/local-ip.co\/cert\/server.pem\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/server.pem<\/a><\/li>\n<li>\u043f\u0440\u043e\u043c\u0435\u0436\u0443\u0442\u043e\u0447\u043d\u044b\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 <a href=\"http:\/\/local-ip.co\/cert\/chain.pem\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/chain.pem<\/a><\/li>\n<li>\u043a\u043b\u044e\u0447 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 <a href=\"http:\/\/local-ip.co\/cert\/server.key\" rel=\"nofollow noopener noreferrer\">http:\/\/local-ip.co\/cert\/server.key<\/a><\/li>\n<\/ul>\n<p>  <\/p>\n<p>\u041e\u0431\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u043d\u0443\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a:<\/p>\n<p>  <\/p>\n<ul>\n<li><a href=\"https:\/\/127-0-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/127-0-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/192-168-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/192-168-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/172-16-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/172-16-0-1.my.local-ip.co<\/a><\/li>\n<li><a href=\"https:\/\/10-0-0-1.my.local-ip.co\" rel=\"nofollow noopener noreferrer\">https:\/\/10-0-0-1.my.local-ip.co<\/a><\/li>\n<\/ul>\n<p>  <\/p>\n<p>\u041d\u0438\u0436\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u0440 \u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 harbor c \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-320632","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/320632","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=320632"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/320632\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=320632"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=320632"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=320632"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}