harbor v1.7.1镜像仓库无法访问,并提示502 Bad Gateway

这篇具有很好参考价值的文章主要介绍了harbor v1.7.1镜像仓库无法访问,并提示502 Bad Gateway。希望对大家有所帮助。如果存在错误或未考虑完全的地方,请大家不吝赐教,您也可以点击"举报违法"按钮提交疑问。

一、背景:

在巡检rancher平台时发现有一个服务运行报错了,查看该服务容器事件时提示连接不到harbor镜像仓库。

二、harbor镜像仓库访问问题分析过程: 

1、确认harbor仓库是否可以访问:

发现无法访问时,第一时间是通过浏览器去访问harbor仓库是否能正常访问:

http://harbor.jx.shu.com

发现无法访问,然后登入到对应的harbor服务器上去查看harbor服务是否正常。

2、查看分析harbor服务器的网络情况: 

通过堡垒机去访问harbor服务器时发现无法登入上去,这时候就需要找硬件基础工程师进行处理了。 

3、查看harbor服务运行状态: 

硬件工程师处理好harbor服务器无法登入的问题,之后登入到harbor服务器上去,并通过docker-compose命令查看服务运行状态,如下:

root@harbor:/home/service/harbor# docker-compose ps
       Name                     Command                 State                                   Ports                              
-----------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/start.sh                 Up                                                                           
harbor-core          /harbor/start.sh                 Up                                                                           
harbor-db            /entrypoint.sh postgres          Up           5432/tcp                                                        
harbor-jobservice    /harbor/start.sh                 Up                                                                           
harbor-log           /bin/sh -c /usr/local/bin/ ...   Up           127.0.0.1:1514->10514/tcp                                       
harbor-portal        nginx -g daemon off;             Restarting                                                                   
nginx                nginx -g daemon off;             Up           0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
redis                docker-entrypoint.sh redis ...   Up           6379/tcp                                                        
registry             /entrypoint.sh /etc/regist ...   Up           5000/tcp                                                        
registryctl          /harbor/start.sh                 Up  

根据查询到情况,可以发现harbor-portal容器服务运行异常,然后查看harbor对应的yaml文件内容:

version: '2'
services:
  log:
    image: goharbor/harbor-log:v1.7.1
    container_name: harbor-log 
    restart: always
    dns_search: .
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - DAC_OVERRIDE
      - SETGID
      - SETUID
    volumes:
      - /var/log/harbor/:/var/log/docker/:z
      - ./common/config/log/:/etc/logrotate.d/:z
    ports:
      - 127.0.0.1:1514:10514
    networks:
      - harbor
  registry:
    image: goharbor/registry-photon:v2.6.2-v1.7.1
    container_name: registry
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - ./common/config/custom-ca-bundle.crt:/harbor_cust_cert/custom-ca-bundle.crt:z
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registry"
  registryctl:
    image: goharbor/harbor-registryctl:v1.7.1
    container_name: registryctl
    env_file:
      - ./common/config/registryctl/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/registry:/storage:z
      - ./common/config/registry/:/etc/registry/:z
      - ./common/config/registryctl/config.yml:/etc/registryctl/config.yml:z
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "registryctl"
  postgresql:
    image: goharbor/harbor-db:v1.7.1
    container_name: harbor-db
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - DAC_OVERRIDE
      - SETGID
      - SETUID
    volumes:
      - /data/database:/var/lib/postgresql/data:z
    networks:
      - harbor
    dns_search: .
    env_file:
      - ./common/config/db/env
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "postgresql"
  adminserver:
    image: goharbor/harbor-adminserver:v1.7.1
    container_name: harbor-adminserver
    env_file:
      - ./common/config/adminserver/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/config/:/etc/adminserver/config/:z
      - /data/secretkey:/etc/adminserver/key:z
      - /data/:/data/:z
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "adminserver"
  core:
    image: goharbor/harbor-core:v1.7.1
    container_name: harbor-core
    env_file:
      - ./common/config/core/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
    volumes:
      - ./common/config/core/app.conf:/etc/core/app.conf:z
      - ./common/config/core/private_key.pem:/etc/core/private_key.pem:z
      - ./common/config/core/certificates/:/etc/core/certificates/:z
      - /data/secretkey:/etc/core/key:z
      - /data/ca_download/:/etc/core/ca/:z
      - /data/psc/:/etc/core/token/:z
      - /data/:/data/:z
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
      - adminserver
      - registry
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "core"
  portal:
    image: goharbor/harbor-portal:v1.7.1
    container_name: harbor-portal
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
      - core
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "portal"

  jobservice:
    image: goharbor/harbor-jobservice:v1.7.1
    container_name: harbor-jobservice
    env_file:
      - ./common/config/jobservice/env
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/job_logs:/var/log/jobs:z
      - ./common/config/jobservice/config.yml:/etc/jobservice/config.yml:z
    networks:
      - harbor
    dns_search: .
    depends_on:
      - redis
      - core
      - adminserver
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "jobservice"
  redis:
    image: goharbor/redis-photon:v1.7.1
    container_name: redis
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    volumes:
      - /data/redis:/var/lib/redis
    networks:
      - harbor
    dns_search: .
    depends_on:
      - log
    logging:
      driver: "syslog"
      options:
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "redis"
  proxy:
    image: goharbor/nginx-photon:v1.7.1
    container_name: nginx
    restart: always
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
      - NET_BIND_SERVICE
    volumes:
      - ./common/config/nginx:/etc/nginx:z
    networks:
      - harbor
    dns_search: .
    ports:
      - 80:80
      - 443:443
      - 4443:4443
    depends_on:
      - postgresql
      - registry
      - core
      - portal
      - log
    logging:
      driver: "syslog"
      options:  
        syslog-address: "tcp://127.0.0.1:1514"
        tag: "proxy"
networks:
  harbor:
    external: false

发现harbor-portal容器服务的日志是存放在/var/log/harbor目录下的,需要到该目录找对应服务的日志内容:

root@harbor:/home/service/harbor# cd /var/log/harbor/
root@harbor:/var/log/harbor# ls
adminserver.log  dev-198-1b9b616909af44f90ae1566674c19032ec13c8da.log  portal.log      proxy.log  registryctl.log
core.log         jobservice.log                                        postgresql.log  redis.log  registry.log

root@harbor:/var/log/harbor# tail -100f portal.log

查看的日志报错如下:

........
Feb 18 14:43:15 localhost portal[97624]: 2024/02/18 06:43:15 [emerg] 1#0: mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:43:15 localhost portal[97624]: nginx: [emerg] mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:43:41 localhost portal[97624]: 2024/02/18 06:43:41 [emerg] 1#0: mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:43:41 localhost portal[97624]: nginx: [emerg] mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:44:32 172.18.0.1 portal[97624]: 2024/02/18 06:44:32 [emerg] 1#0: mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:44:32 172.18.0.1 portal[97624]: nginx: [emerg] mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:46:15 172.18.0.1 portal[97624]: 2024/02/18 06:46:15 [emerg] 1#0: mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:46:15 172.18.0.1 portal[97624]: nginx: [emerg] mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:49:40 localhost portal[97624]: 2024/02/18 06:49:40 [emerg] 1#0: mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)
Feb 18 14:49:40 localhost portal[97624]: nginx: [emerg] mkdir() "/etc//nginx/client_body_temp" failed (13: Permission denied)

但是该服务运行的不是nginx服务的,所以日志中报错的内容,提供不了排查方向。

4、解决harbor服务运行异常问题: 

首先想到harbor服务器有重启过,是否有可能因为docker的网络有问题导致的,需要重启一下docker服务,然后再去重启一下harbor服务的。

root@harbor:/home/service/harbor# docker-compose stop
Stopping nginx              ... done
Stopping harbor-jobservice  ... done
Stopping harbor-portal      ... done
Stopping harbor-core        ... done
Stopping redis              ... done
Stopping registryctl        ... done
Stopping registry           ... done
Stopping harbor-db          ... done
Stopping harbor-adminserver ... done
Stopping harbor-log         ... done

root@harbor:/home/service/harbor# systemctl restart docker

root@harbor:/home/service/harbor# docker-compose start
Starting log         ... done
Starting postgresql  ... done
Starting redis       ... done
Starting adminserver ... done
Starting registry    ... done
Starting core        ... done
Starting jobservice  ... done
Starting portal      ... done
Starting proxy       ... done
Starting registryctl ... done

root@harbor:/home/service/harbor# docker-compose ps
       Name                     Command                 State                                   Ports                              
-----------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/start.sh                 Up                                                                           
harbor-core          /harbor/start.sh                 Up                                                                           
harbor-db            /entrypoint.sh postgres          Up           5432/tcp                                                        
harbor-jobservice    /harbor/start.sh                 Up                                                                           
harbor-log           /bin/sh -c /usr/local/bin/ ...   Up           127.0.0.1:1514->10514/tcp                                       
harbor-portal        nginx -g daemon off;             Restarting                                                                   
nginx                nginx -g daemon off;             Up           0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
redis                docker-entrypoint.sh redis ...   Up           6379/tcp                                                        
registry             /entrypoint.sh /etc/regist ...   Up           5000/tcp                                                        
registryctl          /harbor/start.sh                 Up  

然后发现还是不行,网络查找可以尝试通过install.sh脚本的访问处理,就尝试了一下:

root@harbor:/home/service/harbor# ./install.sh 

[Step 0]: checking installation environment ...

Note: docker version: 17.03.2

Note: docker-compose version: 1.18.0


[Step 1]: preparing environment ...
Clearing the configuration file: ./common/config/registryctl/env
Clearing the configuration file: ./common/config/registryctl/config.yml
Clearing the configuration file: ./common/config/db/env
Clearing the configuration file: ./common/config/core/env
Clearing the configuration file: ./common/config/core/app.conf
Clearing the configuration file: ./common/config/core/private_key.pem
Clearing the configuration file: ./common/config/log/logrotate.conf
Clearing the configuration file: ./common/config/adminserver/env
Clearing the configuration file: ./common/config/registry/config.yml
Clearing the configuration file: ./common/config/registry/root.crt
Clearing the configuration file: ./common/config/nginx/nginx.conf
Clearing the configuration file: ./common/config/jobservice/env
Clearing the configuration file: ./common/config/jobservice/config.yml
loaded secret from file: /data/secretkey
Generated configuration file: ./common/config/nginx/nginx.conf
Generated configuration file: ./common/config/adminserver/env
Generated configuration file: ./common/config/core/env
Generated configuration file: ./common/config/registry/config.yml
Generated configuration file: ./common/config/db/env
Generated configuration file: ./common/config/jobservice/env
Generated configuration file: ./common/config/jobservice/config.yml
Generated configuration file: ./common/config/log/logrotate.conf
Generated configuration file: ./common/config/registryctl/env
Generated configuration file: ./common/config/core/app.conf
Generated certificate, key file: ./common/config/core/private_key.pem, cert file: ./common/config/registry/root.crt
The configuration files are ready, please use docker-compose to start the service.


[Step 2]: checking existing instance of Harbor ...

Note: stopping existing Harbor instance ...
Stopping nginx              ... done
Stopping harbor-jobservice  ... done
Stopping harbor-portal      ... done
Stopping harbor-core        ... done
Stopping redis              ... done
Stopping registryctl        ... done
Stopping registry           ... done
Stopping harbor-db          ... done
Stopping harbor-adminserver ... done
Stopping harbor-log         ... done
Removing nginx              ... done
Removing harbor-jobservice  ... done
Removing harbor-portal      ... done
Removing harbor-core        ... done
Removing redis              ... done
Removing registryctl        ... done
Creating harbor-log ... done
Removing harbor-db          ... done
Removing harbor-adminserver ... done
Removing harbor-log         ... done
Removing network harbor_harbor
Creating harbor-db ... done
Creating harbor-core ... done
[Step 3]: starting Harbor ...
Creating harbor-portal ... done
Creating nginx ... done
Creating redis ... 
Creating harbor-adminserver ... 
Creating registry ... 
Creating harbor-db ... 
Creating registryctl ... 
Creating harbor-core ... 
Creating harbor-portal ... 
Creating harbor-jobservice ... 
Creating nginx ... 

✔ ----Harbor has been installed and started successfully.----

Now you should be able to visit the admin portal at http://harbor.jxwrd.gov.cn. 
For more details, please visit https://github.com/goharbor/harbor .

再次查看harbor服务状态:

root@harbor:/home/service/harbor# docker-compose ps
       Name                     Command               State                                Ports                              
------------------------------------------------------------------------------------------------------------------------------
harbor-adminserver   /harbor/start.sh                 Up                                                                      
harbor-core          /harbor/start.sh                 Up                                                                      
harbor-db            /entrypoint.sh postgres          Up      5432/tcp                                                        
harbor-jobservice    /harbor/start.sh                 Up                                                                      
harbor-log           /bin/sh -c /usr/local/bin/ ...   Up      127.0.0.1:1514->10514/tcp                                       
harbor-portal        nginx -g daemon off;             Up      80/tcp                                                          
nginx                nginx -g daemon off;             Up      0.0.0.0:443->443/tcp, 0.0.0.0:4443->4443/tcp, 0.0.0.0:80->80/tcp
redis                docker-entrypoint.sh redis ...   Up      6379/tcp                                                        
registry             /entrypoint.sh /etc/regist ...   Up      5000/tcp                                                        
registryctl          /harbor/start.sh                 Up 

发现harbor服务恢复了,通过访问地址去访问是可以正常打开,并且正常获取到镜像文件的。

三、总结:

 到此,该harbor访问异常的问题就处理好了,希望问题分析排查的过程对大家有帮助!文章来源地址https://www.toymoban.com/news/detail-827324.html

到了这里,关于harbor v1.7.1镜像仓库无法访问,并提示502 Bad Gateway的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!

本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如若转载,请注明出处: 如若内容造成侵权/违法违规/事实不符,请点击违法举报进行投诉反馈,一经查实,立即删除!

领支付宝红包 赞助服务器费用

相关文章

  • docker镜像仓库dockerhub无法访问-解决办法

    前文《docker镜像仓库hub.docker.com无法访问》中很多小伙伴反馈不会使用魔法,而且想使用官方docker镜像仓库搜索镜像,今天它来了! 文章主要内容: 个人镜像站点 dockerhub为什么无法访问 话不多说,直接上dockerhub个人镜像站点( 每天限制10w访问,只要不被封,一直免费提供访

    2024年02月08日
    浏览(43)
  • 宝塔反代教程502 Bad Gateway问题解决,实现服务器访问openai api

    宝塔反代教程502 Bad Gateway问题解决,实现服务器访问openai api 此方法最简单快捷,没有复杂步骤,不容易出错,即最简单,零代码、零部署的方法。 一台 海外 VPS OpenAI官方的3.5或者4.0 API_KEY ChatGPT 网站系统源码 目前使用的ChatGPT网站系统可以看下面这篇文章,进行下载部署使用

    2024年01月16日
    浏览(71)
  • docker镜像仓库hub.docker.com无法访问

    文章主要内容: 介绍dockerhub为什么无法访问 解决办法 最近许多群友都询问为什么无法访问Docker镜像仓库,于是我也尝试去访问,结果果然无法访问。 大家的第一反应就是给墙了,通过ping检测红的很可怕。 实际上是DNS被污染了,导致很多用户都无法访问。至于什么是DNS污染

    2024年02月07日
    浏览(53)
  • 宝塔反代教程+国内服务器访问openai api接口+502 Bad Gateway问题解决!

    宝塔反代教程+国内服务器访问openai api接口+502 Bad Gateway问题解决! 此方法最简单快捷,没有复杂步骤,不容易出错,即最简单,零代码、零部署的方法。 一台海外VPS OpenAI官方的API_KEY ChatGPT网站系统源码 ChatGPT网站系统源码,可以看另一篇文章介绍,进行下载部署使用: 《Ch

    2024年02月09日
    浏览(55)
  • docker镜像仓库hub.docker.com无法访问-解决办法

    目录 docker镜像仓库hub.docker.com无法访问-解决办法 1 个人镜像站点 2 dockerhub为什么无法访问 2.1 查看dockerhub实际IP 2.2 ping检测 3 镜像加速 3.1 使用国内镜像加速 3.1.1 docker配置: 3.1.2 containerd配置: 3.2 使用博主个人镜像仓库 3.2.1 目前有如下镜像仓库,后续会陆续增加 3.2.2 使用方

    2024年02月09日
    浏览(48)
  • Harbor 镜像仓库

    目录 一、Harboar概述 1.1 什么是 Harbor 1.2 Harbor优势 1.3 Harbor构成 1.4 Harbor的误区 二、Harbor 安装(http) 2.1 两种方式 2.2 具体安装步骤 2.2.1 先安装Docker和Docker Compose 2.2.2 下载Harbor 2.2.3 harbor.yml 的hostname 2.2.8 镜像推送 三、Harbor部署Https 3.1 生成SSL证书 3.2 Harbor启用HTTPS 3.3 重新配置并

    2024年02月13日
    浏览(37)
  • Harbor企业镜像仓库部署(本地)

    简述: Docker 官方镜像仓库是用于管理公共镜像的地方,大家可以在上面找到想要的镜像,也可以把自己的镜像推送上去。但是有时候服务器无法访问互联网,或者不希望将自己的镜像放到互联网上,那么就需要用到 Docker Registry 私有仓库,它可以用来存储和管理自己的镜像。

    2024年02月14日
    浏览(42)
  • 【云原生-Harbor】企业级搭建镜像仓库Harbor最佳教程

    Harbor 是由 VMware 公司中国团队为企业用户设计的 Registry server 开源项目,包括了权限管理 (RBAC)、LDAP、审计、管理界面、自我注册、HA 等企业必需的功能,同时针对中国用户的特点,设计镜像复制和中文支持等功能。 官网:https://goharbor.io/ 开源地址:https://github.com/goharbor/har

    2024年02月02日
    浏览(75)
  • Docker registry镜像仓库,私有仓库及harbor管理详解

    目录 registry镜像仓库概述 Docker 镜像仓库(Docker Registry): registry 容器: 私有仓库概述 搭建本地私有仓库示例 Harbor概述 harbor架构 详解构成 Harbor由容器构成 Harbor部署示例 环境准备 部署Docker-Compose服务 部署 Harbor 服务 启动Harbor 查看 Harbor 启动镜像 创建一个新项目 在其他客

    2024年01月18日
    浏览(49)
  • 使用kubesphere搭建Harbor镜像管理仓库

    必须正确安装kubesphere和kubernetes,如果还没有安装见此文章:https://blog.csdn.net/qq_42315648/article/details/129726214?spm=1001.2014.3001.5501 可以正常登录到kubesphere,看到如下页面: 因为本教程是内网部署,故需要更改访问类型的配置及访问的ip地址,其余不用修改 默认的登陆账号:admin,密码

    2024年01月15日
    浏览(54)

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

博客赞助

微信扫一扫打赏

请作者喝杯咖啡吧~博客赞助

支付宝扫一扫领取红包,优惠每天领

二维码1

领取红包

二维码2

领红包