nginx 反向代理后面的 Nexus docker 存储库
Nexus docker repository behind nginx reverse-proxy
我尝试在 nginx 反向代理(使用自签名 SSL 证书)后面设置 nexus docker 存储库。我使用这个官方 docker-compose 文件:
https://github.com/sonatype-nexus-community/docker-nginx-nexus-repository
安装 docker-compose 后,我最终能够使用 ./nexus.sh 启动两个容器:nexus3 和 nginx。我尝试了几次,因为我不得不将 nexus 密码更改为 admin123 并在 docker-nginx-nexus-repository_nexus-repository_1 容器内添加 nexus.scripts.allowCreation=true(在 /nexus-data/etc/nexus.properties 中),否则 curl -v -u admin:admin123 --insecure --header 'Content-Type: application/json' 'https://localhost/service/rest/v1/script' -d @nexus-repository/create-docker-proxy.json 会失败.最后,我在指向 DockerHub 的 http 端口 5000 上与 docker-proxy 存储库建立了联系。
另外在我添加的主机上:
cat /etc/docker/daemon.json
{
"insecure-registries": ["10.97.7.95:5000"]
}
并且:
cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTPS_PROXY=https://10.97.7.95:5000/"
并重新启动 docker。
但是,当我在主机上尝试拉取一些图像时,出现以下错误:
# docker pull 10.97.7.95:5000/hello-world
Using default tag: latest
Error response from daemon: error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.19.0</center>\r\n</body>\r\n</html>\r\n"
docker logs -f docker-nginx-nexus-repository_nginx-proxy_1 显示:
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "CONNECT 10.97.7.95:5000 HTTP/1.1" 400 157 "-" "-"
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "GET /v2/ HTTP/1.1" 400 255 "-" "docker/19.03.8 go/go1.12.17 git-commit/afacb8b7f0 kernel/4.19.0-6-amd64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.8 \x5C(linux\x5C))"
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "GET /v2/hello-world/manifests/latest HTTP/1.1" 400 255 "-" "docker/19.03.8 go/go1.12.17 git-commit/afacb8b7f0 kernel/4.19.0-6-amd64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.8 \x5C(linux\x5C))"
还有:
# docker login 10.97.7.95:5000
Username: admin
Password:
Error response from daemon: login attempt to http://10.97.7.95:5000/v2/ failed with status: 400 Bad Request
我错过了什么?
您自己的 docker-repository 运行 在 nginx 的 reverse-proxy 设置后面。如果您没有更改您发布的 Github 存储库中的 nginx.conf,则启用了 ssl。它在第 25 行中说:
ssl on;
如果您尝试使用纯 HTTP 访问 HTTPS 端点,nginx 将响应 HTTP 400 - 错误请求。
我尝试在 nginx 反向代理(使用自签名 SSL 证书)后面设置 nexus docker 存储库。我使用这个官方 docker-compose 文件:
https://github.com/sonatype-nexus-community/docker-nginx-nexus-repository
安装 docker-compose 后,我最终能够使用 ./nexus.sh 启动两个容器:nexus3 和 nginx。我尝试了几次,因为我不得不将 nexus 密码更改为 admin123 并在 docker-nginx-nexus-repository_nexus-repository_1 容器内添加 nexus.scripts.allowCreation=true(在 /nexus-data/etc/nexus.properties 中),否则 curl -v -u admin:admin123 --insecure --header 'Content-Type: application/json' 'https://localhost/service/rest/v1/script' -d @nexus-repository/create-docker-proxy.json 会失败.最后,我在指向 DockerHub 的 http 端口 5000 上与 docker-proxy 存储库建立了联系。
另外在我添加的主机上:
cat /etc/docker/daemon.json
{
"insecure-registries": ["10.97.7.95:5000"]
}
并且:
cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTPS_PROXY=https://10.97.7.95:5000/"
并重新启动 docker。
但是,当我在主机上尝试拉取一些图像时,出现以下错误:
# docker pull 10.97.7.95:5000/hello-world
Using default tag: latest
Error response from daemon: error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.19.0</center>\r\n</body>\r\n</html>\r\n"
docker logs -f docker-nginx-nexus-repository_nginx-proxy_1 显示:
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "CONNECT 10.97.7.95:5000 HTTP/1.1" 400 157 "-" "-"
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "GET /v2/ HTTP/1.1" 400 255 "-" "docker/19.03.8 go/go1.12.17 git-commit/afacb8b7f0 kernel/4.19.0-6-amd64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.8 \x5C(linux\x5C))"
172.18.0.1 - - [05/Jul/2020:16:21:08 +0000] "GET /v2/hello-world/manifests/latest HTTP/1.1" 400 255 "-" "docker/19.03.8 go/go1.12.17 git-commit/afacb8b7f0 kernel/4.19.0-6-amd64 os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.8 \x5C(linux\x5C))"
还有:
# docker login 10.97.7.95:5000
Username: admin
Password:
Error response from daemon: login attempt to http://10.97.7.95:5000/v2/ failed with status: 400 Bad Request
我错过了什么?
您自己的 docker-repository 运行 在 nginx 的 reverse-proxy 设置后面。如果您没有更改您发布的 Github 存储库中的 nginx.conf,则启用了 ssl。它在第 25 行中说:
ssl on;
如果您尝试使用纯 HTTP 访问 HTTPS 端点,nginx 将响应 HTTP 400 - 错误请求。