以Harbor为例,ssl证书更新后,docker-compose启动不起作用。
问题出在一句很重要的命令:./prepare
步骤:(Harbor样例)
1. cd /data/ssl 换ssl证书
Harbor.yml ssl证书部分:
# Configuration file of Harbor
# The IP address or hostname to access admin UI and registry service.
# DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname: reg.xxx.cn
# http related config
http:
# port for http, default is 80. If https enabled, this port will redirect to https port
port: 80
# https related config
https:
# https port for harbor, default is 443
port: 443
# The path of cert and key files for nginx
certificate: /data/ssl/xxx.cn_server.crt
private_key: /data/ssl/xxx.cn_server.key
# # Uncomment following will enable tls communication between all harbor components
# internal_tls:
# # set enabled to true means internal tls is enabled
# enabled: true
# # put your cert and key files on dir
# dir: /etc/harbor/tls/internal
# Uncomment external_url if you want to enable external proxy
# And when it enabled the hostname will no longer used
# external_url: https://reg.mydomain.com:8433
# The initial password of Harbor admin
# It only works in first time to install harbor
# Remember Change the admin password from UI after launching Harbor.
然后:
docker-compose down
docker ps -a
./prepare #这个必须得执行,否则ssl证书不生效
docker-compose up -d
docker ps
- docker-compose 证书 作用 compose 方法docker-compose证书 作用compose docker-compose作用compose version docker-compose docker-compose compose docker docker-composed docker-compose compose docker gitlab docker-compose compose docker mysql docker docker-compose compose ubuntu docker-compose compose docker failed docker-compose compose docker emqx