为了账号安全,请及时绑定邮箱和手机立即绑定

ExecStart=/usr/bin/dockerd (code=exited, status=1/FAILURE)

标签:
Linux

问题:搭建私库认证不通过x509: certificate signed by unknown authority

首先确保配置harbor私库地址

[root@master harbor]# grep hostname  harbor.cfg 
#The IP address or hostname to access admin UI and registry service.
hostname = hub.bingo.com

方法一:/etc/docker/daemon.json,添加私库地址

{  
   "insecure-registries":["私库地址"]
}

方法二:vim /usr/lib/systemd/system/docker.service

ExecStart=/usr/bin/dockerd  --insecure-registry 私库地址

[root@master data]# systemctl daemon-reload
[root@master data]# systemctl restart docker
[root@master data]# docker info

修改完成后输入,doucker info查看下

Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 hub.bingo.com     #这个地址,做解析
 127.0.0.0/8
Live Restore Enabled: false

注意:如果是域名形式,记得修改下hosts文件,解析下
ps:多个节点共享同一个harbor仓库,需配置私有仓库地址以及将主节点的认证文件传递到其他节点的相同目录下scp -r /data/cert/ root@node1:/data/cert/,配置重启即可

docker莫名启动不了,查看状态发现如下原因,

[root@master system]# systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: failed (Result: start-limit) since Fri 2021-12-31 11:35:48 +08; 14s ago
     Docs: https://docs.docker.com
  Process: 17557 ExecStart=/usr/bin/dockerd (code=exited, status=1/FAILURE)
 Main PID: 17557 (code=exited, status=1/FAILURE)

Dec 31 11:35:47 master systemd[1]: Failed to start Docker Application Container Engine.
Dec 31 11:35:47 master systemd[1]: Unit docker.service entered failed state.
Dec 31 11:35:47 master systemd[1]: docker.service failed.
Dec 31 11:35:48 master systemd[1]: docker.service holdoff time over, scheduling restart.
Dec 31 11:35:48 master systemd[1]: Stopped Docker Application Container Engine.
Dec 31 11:35:48 master systemd[1]: start request repeated too quickly for docker.service
Dec 31 11:35:48 master systemd[1]: Failed to start Docker Application Container Engine.
Dec 31 11:35:48 master systemd[1]: Unit docker.service entered failed state.
Dec 31 11:35:48 master systemd[1]: docker.service failed.

解决方法:

若配置了国内加载镜像,镜像文件为/etc/docker/daemon.json,则修改文件后缀为.conf即可正常启动docker 服务

[root@master data]# docker login -u admin -p Harbor12345 hub.bingo.com
WARNING! Using --password via the CLI is insecure. Use --password-stdin.
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store

Login Succeeded

可以愉快的玩耍了

https认证:

cd/data/cert/
openssl genrsa -des3 -out server.key 2048 #创建私钥
openssl req -new -key server.key -out server.csr  #发起请求
cp server.key server.key.org  #备份私钥
openssl rsa -in server.key.org -out server.key  #转化证书
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt  #签名
chmod-R777/data/cert
点击查看更多内容
TA 点赞

若觉得本文不错,就分享一下吧!

评论

作者其他优质文章

正在加载中
  • 推荐
  • 评论
  • 收藏
  • 共同学习,写下你的评论
感谢您的支持,我会继续努力的~
扫码打赏,你说多少就多少
赞赏金额会直接到老师账户
支付方式
打开微信扫一扫,即可进行扫码打赏哦
今天注册有机会得

100积分直接送

付费专栏免费学

大额优惠券免费领

立即参与 放弃机会
意见反馈 帮助中心 APP下载
官方微信

举报

0/150
提交
取消