Artifactory 中 docker 存储库的 Nginx 配置
Nginx configuration for docker repos in Artifactory
我有以下 conf 供 nginx 设置 docker 在 artifactory 中的 repos
upstream artifactory_lb {
server backup_artifactory_server:8081 backup;
server main_artifactory_server:8081;
}
log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
ssl_certificate /etc/nginx/ssl/myCert.pem
ssl_certificate_key /etc/nginx/ssl/myKey
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_cache shared:SSL:10m;
server {
listen 80;
listen 443 ssl;
client_max_body_size 2048M;
location / {
proxy_set_header Host $host;
proxy_pass http://artifactory_lb;
proxy_read_timeout 90;
}
access_log /var/log/nginx/access.log upstreamlog;
location /basic_status {
stub_status on;
allow all;
}
}
# Server configuration
server {
listen 2222 ssl;
server_name this_proxy.com;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images//;
client_max_body_size 0;
chunked_transfer_encoding on;
location / {
allow all;
proxy_read_timeout 900;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_pass http://artifactory_lb;
proxy_pass http://backup_artifactory_server:8081/artifactory/;
}
}
这工作正常,但是,通过将 'proxy_pass' 指令设置为指向负载均衡器实例会引入单点故障。为什么需要路由到“/artifactory”?
解决此问题的最佳方法是什么?创建一组新的上游服务器似乎是多余的
我通过更改以下
解决了这个问题
rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images//;
给以下
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/inhouse_images//;
并将proxy_pass指令指向上游服务器
我有以下 conf 供 nginx 设置 docker 在 artifactory 中的 repos
upstream artifactory_lb {
server backup_artifactory_server:8081 backup;
server main_artifactory_server:8081;
}
log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
ssl_certificate /etc/nginx/ssl/myCert.pem
ssl_certificate_key /etc/nginx/ssl/myKey
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_cache shared:SSL:10m;
server {
listen 80;
listen 443 ssl;
client_max_body_size 2048M;
location / {
proxy_set_header Host $host;
proxy_pass http://artifactory_lb;
proxy_read_timeout 90;
}
access_log /var/log/nginx/access.log upstreamlog;
location /basic_status {
stub_status on;
allow all;
}
}
# Server configuration
server {
listen 2222 ssl;
server_name this_proxy.com;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images//;
client_max_body_size 0;
chunked_transfer_encoding on;
location / {
allow all;
proxy_read_timeout 900;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_pass http://artifactory_lb;
proxy_pass http://backup_artifactory_server:8081/artifactory/;
}
}
这工作正常,但是,通过将 'proxy_pass' 指令设置为指向负载均衡器实例会引入单点故障。为什么需要路由到“/artifactory”?
解决此问题的最佳方法是什么?创建一组新的上游服务器似乎是多余的
我通过更改以下
解决了这个问题 rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images//;
给以下
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/inhouse_images//;
并将proxy_pass指令指向上游服务器