解决 Harbor 启动失败故障
现象
使用 docker-compose 启动的 Harbor。
重启 docker 后,Harbor 无法正常重启。
# 重启 Docker
systemctl restart docker
# 查看状态
docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------
harbor-core /harbor/harbor_core Up
harbor-db /docker-entrypoint.sh Up 5432/tcp
harbor-jobservice /harbor/harbor_jobservice ... Up
harbor-log /bin/sh -c /usr/local/bin/ ... Restarting
harbor-portal nginx -g daemon off; Up 8080/tcp
nginx nginx -g daemon off; Restarting
redis redis-server /etc/redis.conf Up 6379/tcp
registry /home/harbor/entrypoint.sh Exit 137
registryctl /home/harbor/start.sh Up
# 关闭 harbor
ocker-compose down -v
Stopping harbor-jobservice ...
Stopping nginx ...
Stopping harbor-core ...
Stopping harbor-db ...
Stopping registryctl ...
Stopping redis ...
Stopping harbor-portal ...
Stopping harbor-log ...
Removing harbor-jobservice ...
Removing nginx ...
Removing harbor-core ...
Removing harbor-db ...
Removing registryctl ...
Removing redis ...
Removing registry ...
Removing harbor-portal ...
Removing harbor-log ...
Removing network harbor_harbor
# 启动 harbor
docker-compose up -d
Creating network "harbor_harbor" with the default driver
Creating harbor-log ...
Creating harbor-portal ...
Creating redis ...
Creating harbor-db ...
Creating registryctl ...
Creating registry ...
ERROR: for harbor-portal Cannot start service portal: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for redis Cannot start service redis: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for harbor-db Cannot start service postgresql: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for registryctl Cannot start service registryctl: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for portal Cannot start service portal: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for redis Cannot start service redis: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for postgresql Cannot start service postgresql: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: for registryctl Cannot start service registryctl: failed to initialize logging driver: dial tcp 127.0.0.1:1514: connect: connection refused
ERROR: Encountered errors while bringing up the project.分析
查看日志
docker-compose logs log
Attaching to harbor-log
harbor-log | sudo: Account or password is expired, reset your password and try again
harbor-log | Changing password for root.
harbor-log | sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
harbor-log | sudo: unable to change expired password: Authentication token manipulation error
...解决
mkdir -p /tmp/harbor-log
cd /tmp/harbor-log
docker export harbor-log -o harbor-log.tar
tar xvfp harbor-log.tar
sed -i 's/:90:/:99999:/g' /tmp/harbor-log/etc/shadow
mkdir -p /opt/harbor-log-etc/
cp /tmp/harbor-log/etc/shadow /opt/harbor-log-etc/shadow修改
- type: bind
source: /opt/harbor-log-etc/shadow
target: /etc/shadow重启
docker-compose down
docker-compose up -d参考
https://github.com/goharbor/harbor/issues/11633