配置了Nexus Docker注册表和代理“ dockerhub-proxy”后,如下所述:
我能够在docker登录后将图像推送到nexus注册表,但是无法通过nexus代理“ dockerhub-proxy”从docker hub提取图像,并且错误未给出详细信息:
守护程序的错误响应:未知:未知
这是用于在Docker Desktop Windows上运行的docker守护程序客户端的
版本2.0.0.3(31259) 频道:稳定 建立:8858db3 引擎:18.09.2
我已经通过docker client在Linux EC2实例上进行了尝试,并且效果很好:
[root@ip-host-daemon docker]# docker pull ip_nexus_host:port_http_connector_nexus_proxy/mongo
Using default tag: latest
latest: Pulling from mongo
Digest: sha256:29d7ca01f9b7e3812a831ff143620e93ddf5e34bb9ac672d91140e064158a0fc
Status: Downloaded newer image for ip_nexus_host:port_http_connector_nexus_proxy/mongo:latest
我不知道为什么在Windows上它不起作用
PS C:\Dev\workspace> docker push my_dns/nexus/repository/dockerhub-proxy/image-name:1.0.1
The push refers to repository [my_dns/nexus/repository/dockerhub-proxy/image-name]
0bca66726bc2: Pushed
1.0.1: digest: sha256:0736228548d13e8d39fba5a0ed5cd8a7719074318fe9f8ddfc395fd454afc01f size: 528
PS C:\Dev\workspace> docker pull my_dns/nexus/repository/dockerhub-proxy/mysql:latest
**Error response from daemon: unknown: unknown**
我正在寻找能够通过Windows客户端通过在AWS EC2 linux实例上托管的nexus OSS上配置的Nexus代理从Docker Hub中提取docker映像的功能
感谢您的帮助
答案 0 :(得分:0)
根据本文:
您的链接公开了通过以下语法可供Docker CLI访问的HTTP(S)连接器:
docker pull <nexus-hostname>:<port_nexus_docker_group>/<dockerHubImage>:<officialTag>
docker push <nexus-hostname>:<port_nexus_docker_host>/<yourImage>:<yourTag>
很明显,如果Nexus在VPC中具有公共DNS,只需打开托管并运行Nexus服务器的EC2实例的安全组上的每个端口,以允许来自IP范围/ CIDR源的入站网络流量。
如果您的Nexus在VPC的专用子网中具有专用IP,只需在公共子网的同一VPC上将AWS-ELB网络负载均衡器放在其前面,并为每个HTTP(S)端口暴露两个TCP侦听器(nexus-组和由nexus托管的组)重定向到两个TCP目标组,并在托管nexus服务器的EC2实例ID上具有实例目标类型,这会将网络流量从公共DNS重定向到ELB,然后再重定向到Nexus EC2实例。
请注意,我们未使用AWS-ELB应用程序负载平衡器,因为它仅与HTTP侦听器一起使用,并且Docker在启动Docker CLI时不支持使用上下文指定存储库的路径,默认情况下为HTTP (S),并且所有URL的中间调用都使用URL路径模式/ v2/*。
正确的设置和配置后,您将能够进行docker登录,像这样的示例powershell会话那样将映像拉入内部nexus存储库:
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
PS D:\> docker login <host_redirect_to_NLB>:<port_nexus_docker_group>
Username: tarik
Password:
Login Succeeded
PS D:\> docker login <host_redirect_to_NLB>:<port_nexus_docker_host>
Username: tarik
Password:
Login Succeeded
PS D:\> docker pull <host_redirect_to_NLB>:<port_nexus_docker_group>/amazonlinux
Using default tag: latest
latest: Pulling from amazonlinux
72d97abdfae3: Pull complete
Digest: sha256:04f5ea9fec3f1f514451ea7c1a1a77a7c023787cb6cc066cc6d0413b56cd0eac
Status: Downloaded newer image for <host_redirect_to_NLB>:<port_nexus_docker_group>/amazonlinux:latest
PS D:\> docker tag <host_redirect_to_NLB>:<port_nexus_docker_group>/amazonlinux <host_redirect_to_NLB>:<port_nexus_docker_host>/tarik-awslinux:1.0
PS D:\> docker push <host_redirect_to_NLB>:<port_nexus_docker_host>/tarik-awslinux:1.0
The push refers to repository [<host_redirect_to_NLB>:<port_nexus_docker_host>/tarik-awslinux]
f387c8b346c8: Pushed
1.0: digest: sha256:04f5ea9fec3f1f514451ea7c1a1a77a7c023787cb6cc066cc6d0413b56cd0eac size: 529
PS D:\> more C:\Users\Tarik\.docker\config.json
{
"auths": {
"<host_redirect_to_NLB>:<port_nexus_docker_host>": {},
"<host_redirect_to_NLB>:<port_nexus_docker_group>": {}
},
"HttpHeaders": {
"User-Agent": "Docker-Client/18.09.2 (windows)"
},
"credsStore": "wincred",
"stackOrchestrator": "swarm"
}
PS D:\> more C:\Users\Tarik\.docker\daemon.json
{
"registry-mirrors": [
"https://<host_redirect_to_NLB>:<port_nexus_docker_group>"
],
"insecure-registries": [
"<host_redirect_to_NLB>:<port_nexus_docker_host>",
"<host_redirect_to_NLB>:<port_nexus_docker_group>"
],
"disable-legacy-registry": true,
"debug": true,
"experimental": false
}