为了方便日常的工作等使用，搭建一个私域的容器镜像仓库。

搭建的方法也简单。直接下载harbor离线安装包，解压，复制harbor.yml.sample文件，修改其中的域名、端口、证书等信息，然后运行install.sh，等待服务启动。

写个脚本dockerpullandpush.py，通过运行+镜像名称，实现从dockerhub下载并上传到私钥harbor镜像仓库。脚本内容如下：

#!/usr/bin/python3.7
import docker
import argparse
import subprocess
import json

def pull_and_push_image(image_name, docker_username, docker_password, harbor_url, harbor_username, harbor_password):
    # 从 image_name 中提取 harbor_project
    if '/' in image_name:
        harbor_project = image_name.split('/')[0]
    else:
        harbor_project = 'library'

    # 创建 Docker 客户端
    client = docker.from_env()

    # 登录 Docker Hub
    client.login(username=docker_username, password=docker_password)

    # 拉取镜像
    print(f"Pulling image {image_name} from Docker Hub...")
    image = client.images.pull(image_name)

    # 标记镜像
    harbor_image_name = f"{harbor_url}/{harbor_project}/{image_name}"
    image.tag(harbor_image_name)

    # 登录 Harbor
    client.login(username=harbor_username, password=harbor_password, registry=harbor_url)

    # 检查项目是否存在
    project_exists_cmd = f"curl -s -u {harbor_username}:{harbor_password} -X GET https://{harbor_url}/api/v2.0/projects?name={harbor_project}"
    project_exists_output = subprocess.check_output(project_exists_cmd, shell=True)
    project_exists_data = json.loads(project_exists_output)

    if len(project_exists_data) == 0:
        # 如果项目不存在,则创建项目
        print(f"Project {harbor_project} does not exist in Harbor. Creating...")
        create_project_cmd = f"curl -s -u {harbor_username}:{harbor_password} -X POST -H \"Content-Type: application/json\" -d '{{\"project_name\": \"{harbor_project}\", \"public\": true}}' https://{harbor_url}/api/v2.0/projects"
        subprocess.check_output(create_project_cmd, shell=True)
        print(f"Project {harbor_project} created successfully.")

    # 推送镜像到 Harbor
    print(f"Pushing image {harbor_image_name} to Harbor...")
    client.images.push(harbor_image_name)

    print("Image pulled and pushed successfully.")

    # 清理下载的容器镜像
    print(f"Cleaning up downloaded image {image_name}...")
    client.images.remove(image_name)
    client.images.remove(harbor_image_name)

    print("Cleanup completed.")

if __name__ == "__main__":
    parser = argparse.ArgumentParser(description="Pull an image from Docker Hub and push it to Harbor.")
    parser.add_argument("image_name", help="Name of the image to pull and push")
    parser.add_argument("--docker-username", default="zzlyzq@126.com", help="Docker Hub username")
    parser.add_argument("--docker-password", default="xxxxxxxxxx", help="Docker Hub password")
    parser.add_argument("--harbor-url", default="harbor.op123.ren:44301", help="Harbor URL")
    parser.add_argument("--harbor-username", default="xxx", help="Harbor username")
    parser.add_argument("--harbor-password", default="xxx", help="Harbor password")

    args = parser.parse_args()

    pull_and_push_image(args.image_name, args.docker_username, args.docker_password,
                        args.harbor_url, args.harbor_username, args.harbor_password)

方便使用，可以直接将该仓库作为默认镜像仓库，修改/etc/docker/daemon.json内容如下：

cat <<'EOF'>/etc/docker/daemon.json 
{
  "debug": true,
  "experimental": true,
  "registry-mirrors": [ "https://harbor.op123.ren:44301"],
  "log-opts":{"max-size":"100m","max-file":"1"}
}

参考

https://blog.csdn.net/weixin_43798031/article/details/128161625