Nginx Docker 400 错误请求
Nginx Docker 400 Bad Request
我目前正在尝试将 nexus 托管为我组织内 docker 图像的私有注册表。我的 nginx 配置如下。
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 6666; ### Docker Hosted Repo HTTPS port
server_name box.company.net; ### Nexus Server
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 0;
chunked_transfer_encoding on;
location /v2/ {
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 900;
}
location / {
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 90;
}
}
已在 nexus(运行 在端口 4444 上)和 https 端口 6666 中配置了托管 docker 存储库。
目前我们可以登录 docker 注册表。
[test@server ~]$ docker login -u admin -p admin123
box.company.net:6666 Login Succeeded
但是当我们尝试将标记图像推送到 nexus 托管 docker 注册表时,它会返回 400 Bad Request 错误。
[test@server ~]$ docker push box.company.net:6666/alpine
The push refers to a repository [box.company.net:6666/alpine]
3fb66f713c9f: Preparing error parsing HTTP 400 response body: invalid
character '<' looking for beginning of value: "\n\n\n\n 400 - Nexus Repository
Manager\n \n\n\n \n
(new
Image).src=\"https://box.company.net:6666/favicon.ico?3.2.1-01\"</script>\n
\n https://box.company.net:6666/favicon-32x32.png?3.2.1-01\"
sizes=\"32x32\">\n https://box.company.net:6666/safari-pinned-tab.svg?3.2.1-01\" color=\"#5bbad5\">\n https://box.company.net:6666/favicon-16x16.png?3.2.1-01\"
sizes=\"16x16\">\n https://box.company.net:6666/favicon.ico?3.2.1-01\">\n
https://box.company.net:6666/mstile-144x144.png?3.2.1-01\">\n \n\n https://box.company.net:6666/static/css/nexus-content.css?3.2.1-01\"/>\n\n\n\n https://box.company.net:6666\">\n \n https://box.company.net:6666/static/images/nexus.png?3.2.1-01\"/>\n
\n \n \n Nexus Repository Manager\n \n
\n OSS 3.2.1-01\n \n \n
\n\n\n\n \n https://box.company.net:6666/static/rapture/resources/icons/x32/exclamation.png?3.2.1-01\"/>\n
Error 400\n Bad Request\n \n \n \n
HTTP method POST is not supported by this URL\n \n
\n\n\n\n\n"
我是否遗漏了一些重要的 nginx 配置?还是我的请求格式不正确。
推送图像时缺少命名空间。
查看文档 (https://books.sonatype.com/nexus-book/3.0/reference/docker.html#_accessing_repositories):
docker <command> <nexus-hostname>:<repository-port>/<namespace>/<image>:<tag>
你可以试试
docker push server.int.org.com:6666/alpine/alpine
它正在工作。下面是我的 nginx 配置。
server {
proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_buffering off;
tcp_nodelay on;
server_tokens off;
client_max_body_size 1G;
listen 80;
server_name box.company.net;
location / {
rewrite ^(.*) https://box.company.net permanent;
}
}
server {
listen 443;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:8082;
proxy_read_timeout 90;
}
}
# correlates to your nexus http connector
server {
listen 6666;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 1G;
chunked_transfer_encoding on;
### Block for Search,Pull,Push of Docker Images via Nexus Hosted Repo ####
location / {
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
if ($request_method !~* GET) {
proxy_pass http://box.company.net:4444;
}
if ($request_method = GET) {
proxy_pass http://box.company.net:5555;
}
proxy_read_timeout 90;
}
}
我目前正在尝试将 nexus 托管为我组织内 docker 图像的私有注册表。我的 nginx 配置如下。
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 6666; ### Docker Hosted Repo HTTPS port
server_name box.company.net; ### Nexus Server
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 0;
chunked_transfer_encoding on;
location /v2/ {
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 900;
}
location / {
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:4444/;
proxy_read_timeout 90;
}
}
已在 nexus(运行 在端口 4444 上)和 https 端口 6666 中配置了托管 docker 存储库。
目前我们可以登录 docker 注册表。
[test@server ~]$ docker login -u admin -p admin123 box.company.net:6666 Login Succeeded
但是当我们尝试将标记图像推送到 nexus 托管 docker 注册表时,它会返回 400 Bad Request 错误。
[test@server ~]$ docker push box.company.net:6666/alpine The push refers to a repository [box.company.net:6666/alpine] 3fb66f713c9f: Preparing error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "\n\n\n\n 400 - Nexus Repository Manager\n \n\n\n \n (new Image).src=\"https://box.company.net:6666/favicon.ico?3.2.1-01\"</script>\n \n https://box.company.net:6666/favicon-32x32.png?3.2.1-01\" sizes=\"32x32\">\n https://box.company.net:6666/safari-pinned-tab.svg?3.2.1-01\" color=\"#5bbad5\">\n https://box.company.net:6666/favicon-16x16.png?3.2.1-01\" sizes=\"16x16\">\n https://box.company.net:6666/favicon.ico?3.2.1-01\">\n https://box.company.net:6666/mstile-144x144.png?3.2.1-01\">\n \n\n https://box.company.net:6666/static/css/nexus-content.css?3.2.1-01\"/>\n\n\n\n https://box.company.net:6666\">\n \n https://box.company.net:6666/static/images/nexus.png?3.2.1-01\"/>\n \n \n \n Nexus Repository Manager\n \n \n OSS 3.2.1-01\n \n \n \n\n\n\n \n https://box.company.net:6666/static/rapture/resources/icons/x32/exclamation.png?3.2.1-01\"/>\n Error 400\n Bad Request\n \n \n \n
HTTP method POST is not supported by this URL\n \n
\n\n\n\n\n"
我是否遗漏了一些重要的 nginx 配置?还是我的请求格式不正确。
推送图像时缺少命名空间。
查看文档 (https://books.sonatype.com/nexus-book/3.0/reference/docker.html#_accessing_repositories):
docker <command> <nexus-hostname>:<repository-port>/<namespace>/<image>:<tag>
你可以试试
docker push server.int.org.com:6666/alpine/alpine
它正在工作。下面是我的 nginx 配置。
server {
proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_buffering off;
tcp_nodelay on;
server_tokens off;
client_max_body_size 1G;
listen 80;
server_name box.company.net;
location / {
rewrite ^(.*) https://box.company.net permanent;
}
}
server {
listen 443;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
proxy_pass http://box.company.net:8082;
proxy_read_timeout 90;
}
}
# correlates to your nexus http connector
server {
listen 6666;
server_name box.company.net;
keepalive_timeout 60;
ssl on;
ssl_certificate /etc/ssl/certs/nexus.crt;
ssl_certificate_key /etc/ssl/certs/nexus.key;
ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
ssl_session_cache shared:TLSSSL:16m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
client_max_body_size 1G;
chunked_transfer_encoding on;
### Block for Search,Pull,Push of Docker Images via Nexus Hosted Repo ####
location / {
access_log /var/log/nginx/docker.log;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
if ($request_method !~* GET) {
proxy_pass http://box.company.net:4444;
}
if ($request_method = GET) {
proxy_pass http://box.company.net:5555;
}
proxy_read_timeout 90;
}
}