我目前正在尝试将nexus作为我组织中docker镜像的私有注册表。我的nginx配置如下。
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 6666; ### Docker Hosted Repo HTTPS port
server_name box.company.net; ### Nexus Server
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 0;
chunked_transfer_encoding on;
location /v2/ {
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 900;
}
location / {
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 90;
}
}
使用https端口6666在nexus(在端口4444上运行)中配置了托管docker repo。
目前我们可以登录docker registry。
[test @ server~] $ docker login -u admin -p admin123 box.company.net:6666登录成功
但是当我们尝试将标记图像推送到nexus托管的docker注册表时,它会抛出400 Bad Request错误。
[test @ server~] $ docker push box.company.net:6666/alpine 推送是指存储库[box.company.net:6666/alpine] 3fb66f713c9f:准备解析HTTP 400响应正文时出错:无效 字符'<'寻找价值的开端:“\ n \ n \ n \ n 400 - Nexus Repository 经理\ n \ n \ n \ n \ n (新 图像)的.src = \ “HTTPS://box.company.net:6666 / favicon.ico的3.2.1-01 \” < /脚本> \ n \ n https://box.company.net:6666 / favicon-32x32.png?3.2.1-01 \“ sizes = \“32x32 \”> \ n https://box.company.net:6666 / safari-pinned-tab.svg?3.2.1-01 \“color = \”#5bbad5 \“> \ n HTTPS://box.company.net:6666 /图标,16x16.png 3.2.1-01 \” sizes = \“16x16 \”> \ n https://box.company.net:6666/favicon.ico?3.2.1-01\">\n https://box.company.net:6666/mstile-144x144.png?3.2.1-01\">\n \ n \ n https://box.company.net:6666/static/css/nexus -content.css?3.2.1-01 \“/> \ n \ n \ n \ n https://box.company.net:6666\">\n \ n https://box.company。净:6666 /静态/图像/ nexus.png 3.2.1-01 \“/> \ n \ n \ n \ n Nexus Repository Manager \ n \ n \ n OSS 3.2.1-01 \ n \ n \ n \ n \ n \ n \ n \ n https://box.company.net:6666/static/rapture/resources/icons/x32/exclamation.png?3.2.1-01\"/>\n 错误400 \ n错误请求\ n \ n \ n \ n \ n 此URL不支持HTTP方法POST \ n \ n
\ n \ n \ n \ n \ n“个
我错过了一些重要的nginx配置吗?或者我的请求是否格式错误。
答案 0 :(得分:2)
现在正在工作。以下是我的nginx配置。
server {
proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_buffering off;
tcp_nodelay on;
server_tokens off;
client_max_body_size 1G;
listen 80;
server_name box.company.net;
location / {
rewrite ^(.*) https://box.company.net$1 permanent;
}
}
server {
listen 443;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:8082;
proxy_read_timeout 90;
}
}
# correlates to your nexus http connector
server {
listen 6666;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 1G;
chunked_transfer_encoding on;
### Block for Search,Pull,Push of Docker Images via Nexus Hosted Repo ####
location / {
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
if ($request_method !~* GET) {
proxy_pass http://box.company.net:4444;
}
if ($request_method = GET) {
proxy_pass http://box.company.net:5555;
}
proxy_read_timeout 90;
}
}
答案 1 :(得分:0)
推送图片时错过了命名空间。
查看文档(https://books.sonatype.com/nexus-book/3.0/reference/docker.html#_accessing_repositories):
docker <command> <nexus-hostname>:<repository-port>/<namespace>/<image>:<tag>
您可以尝试
docker push server.int.org.com:6666/alpine/alpine