Docker推送到artifactory给出403

时间:2015-12-18 19:26:29

标签: authentication docker artifactory

我正在尝试将docker镜像推送到神器

上的本地docker repo 
docker push myNginxlb:2222/ubuntu

这将获得403-访问被禁止的错误。 Folloing是我在/ etc / nginx / sites-enabled / artifactory

下的反向代理配置 
 upstream artifactory_lb {
                    server mNginxLb.mycompany.com:8081;
                    server mNginxLb.mycompany.com backup;
            }

            log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name  to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';

            server {
                    listen 80;
                    listen 443 ssl;

                    ssl_certificate  /etc/nginx/ssl/my-certs/myCert.pem;
                    ssl_certificate_key /etc/nginx/ssl/my-certs/myserver.key;
                    client_max_body_size 2048M;
                    location / {
                            proxy_set_header Host $host:$server_port;
                            proxy_pass http://artifactory_lb;
                            proxy_read_timeout 90;
                    }
                    access_log /var/log/nginx/access.log upstreamlog;
                    location /basic_status {
                            stub_status on;
                            allow all;
                            }
            }

            # Server configuration

            server {
                listen 2222 ssl;

                server_name mNginxLb.mycompany.com;
                if ($http_x_forwarded_proto = '') {
                    set $http_x_forwarded_proto  $scheme;
                }

                rewrite ^/(v1|v2)/(.*) /api/docker/my_local_repo_key/$1/$2;
                client_max_body_size 0;
                chunked_transfer_encoding on;
                location / {
                proxy_read_timeout  900;
                proxy_pass_header   Server;
                proxy_cookie_path ~*^/.* /;
                proxy_pass         http://artifactory_lb;
                proxy_set_header   X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host;
                proxy_set_header    X-Forwarded-Port  $server_port;
                proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
                proxy_set_header    Host              $http_host;
                proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
                }
            }

访问日志指示以下http请求

"GET /v2/ HTTP/1.1" 404 465 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
 "GET /v2/ HTTP/1.1" 404 465 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
"GET /v1/_ping HTTP/1.1" 404 469 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
 "PUT /v1/repositories/ubuntu/ HTTP/1.1" 403 449 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"

同样在神器中我已经将docker local repo配置为使用v2 api,我缺少什么?

1 个答案:

答案 0 :(得分:0)

我通过将中间证书附加到上下文中的ssl证书来修复此问题

相关问题
最新问题