推送到 Artifactory Docker 存储库时未实现 501
501 Not Implemented when pushing to Artifactory Docker repository
我正在将 Artifactory 设置为 Docker 存储库。我按照文档进行操作,并且能够成功地从我的虚拟 Docker 存储库中提取图像。
但是,当我尝试将图像推送到本地存储库时,它失败并显示 501 Not Implemented 错误。
这是我的设置:
Nginx 是反向代理:
artifactory.somedomain.com:8085 -> http://localhost:8081/artifactory/api/docker/docker-local/v2
artifactory.somedomain.com:8086 -> http://localhost:8081/artifactory/api/docker/docker/v2
- docker-local是本地仓库,APIV2,不强制认证。没有设置其他设置。
- docker 是一个虚拟存储库,聚合了 docker-local 和 docker-remote(它只是 std Docker 存储库的代理)
命令 运行:
docker pull artifactory.somedomain.com:8086/busybox:latest
docker tag artifactory.somedomain.com:8086/busybox artifactory.somedomain.com:8085/busybox
docker push artifactory.somedomain.com:8085/busybox
结果:
The push refers to a repository [artifactory.somedomain.com:8085/busybox] (len: 1)
2c5ac3f849df: Buffering to Disk
Received unexpected HTTP status: 501 Not Implemented
有什么想法是错误的吗?
谢谢!
nginx.conf
(前两条规则一般处理重定向 http,后两条规则处理 Docker 存储库的代理)
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 1G;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name artifactory.somedomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name artifactory.somedomain.com;
access_log /var/log/nginx/artifactory.yourdomain.com.access.log;
error_log /var/log/nginx/artifactory.yourdomain.com.error.log;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect http:// https://;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8081;
proxy_pass_header Server;
proxy_read_timeout 90;
}
}
server {
listen 8085;
server_name artifactory.somedomain.com;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
access_log /var/log/nginx/artprod.company.com.access.log;
error_log /var/log/nginx/artprod.company.com.error.log;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_pass_header Server; # To help debugging, list the server that actually did the reply rather than nginx
proxy_read_timeout 900;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location /v2 {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))).*$" ) {
return 404;
}
proxy_pass http://localhost:8081/artifactory/api/docker/docker-local/v2;
}
}
server {
listen 8086;
server_name artifactory.somedomain.com;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
access_log /var/log/nginx/artprod.company.com.access.log;
error_log /var/log/nginx/artprod.company.com.error.log;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_pass_header Server; # To help debugging, list the server that actually did the reply rather than nginx
proxy_read_timeout 900;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location /v2 {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))).*$" ) {
return 404;
}
proxy_pass http://localhost:8081/artifactory/api/docker/docker/v2;
}
}
}
NginX 的访问日志 显示每个请求
192.168.33.65 - - [02/Nov/2015:13:04:56 +0100] "GET /v2/ HTTP/1.1" 200 12 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
192.168.33.65 - - [02/Nov/2015:13:04:57 +0100] "HEAD /v2/busybox/blobs/sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 HTTP/1.1" 404 0 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
192.168.33.65 - - [02/Nov/2015:13:04:57 +0100] "POST /v2/busybox/blobs/uploads/ HTTP/1.1" 202 0 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
问题出在 NginX 的配置上。 Artifactory 文档中提供的示例假设您使用 HTTPS 端口 443 连接到存储库。
如果您使用不同的端口,您需要编辑 listen
和 proxy_set_header Host
指令以包含该端口。
server {
listen <port>;
...
proxy_set_header Host $host:<port>;
...
}
我正在将 Artifactory 设置为 Docker 存储库。我按照文档进行操作,并且能够成功地从我的虚拟 Docker 存储库中提取图像。
但是,当我尝试将图像推送到本地存储库时,它失败并显示 501 Not Implemented 错误。
这是我的设置:
Nginx 是反向代理:
artifactory.somedomain.com:8085 -> http://localhost:8081/artifactory/api/docker/docker-local/v2
artifactory.somedomain.com:8086 -> http://localhost:8081/artifactory/api/docker/docker/v2
- docker-local是本地仓库,APIV2,不强制认证。没有设置其他设置。
- docker 是一个虚拟存储库,聚合了 docker-local 和 docker-remote(它只是 std Docker 存储库的代理)
命令 运行:
docker pull artifactory.somedomain.com:8086/busybox:latest
docker tag artifactory.somedomain.com:8086/busybox artifactory.somedomain.com:8085/busybox
docker push artifactory.somedomain.com:8085/busybox
结果:
The push refers to a repository [artifactory.somedomain.com:8085/busybox] (len: 1)
2c5ac3f849df: Buffering to Disk
Received unexpected HTTP status: 501 Not Implemented
有什么想法是错误的吗? 谢谢!
nginx.conf (前两条规则一般处理重定向 http,后两条规则处理 Docker 存储库的代理)
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 1G;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name artifactory.somedomain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name artifactory.somedomain.com;
access_log /var/log/nginx/artifactory.yourdomain.com.access.log;
error_log /var/log/nginx/artifactory.yourdomain.com.error.log;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect http:// https://;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8081;
proxy_pass_header Server;
proxy_read_timeout 90;
}
}
server {
listen 8085;
server_name artifactory.somedomain.com;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
access_log /var/log/nginx/artprod.company.com.access.log;
error_log /var/log/nginx/artprod.company.com.error.log;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_pass_header Server; # To help debugging, list the server that actually did the reply rather than nginx
proxy_read_timeout 900;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location /v2 {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))).*$" ) {
return 404;
}
proxy_pass http://localhost:8081/artifactory/api/docker/docker-local/v2;
}
}
server {
listen 8086;
server_name artifactory.somedomain.com;
ssl on;
ssl_certificate /etc/nginx/cert/artifactory-cert-chain.crt;
ssl_certificate_key /etc/nginx/cert/artifactory.key;
access_log /var/log/nginx/artprod.company.com.access.log;
error_log /var/log/nginx/artprod.company.com.error.log;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_pass_header Server; # To help debugging, list the server that actually did the reply rather than nginx
proxy_read_timeout 900;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location /v2 {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))).*$" ) {
return 404;
}
proxy_pass http://localhost:8081/artifactory/api/docker/docker/v2;
}
}
}
NginX 的访问日志 显示每个请求
192.168.33.65 - - [02/Nov/2015:13:04:56 +0100] "GET /v2/ HTTP/1.1" 200 12 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
192.168.33.65 - - [02/Nov/2015:13:04:57 +0100] "HEAD /v2/busybox/blobs/sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4 HTTP/1.1" 404 0 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
192.168.33.65 - - [02/Nov/2015:13:04:57 +0100] "POST /v2/busybox/blobs/uploads/ HTTP/1.1" 202 0 "-" "docker/1.8.3 go/go1.4.2 git-commit/f4bf5c7 kernel/4.1.10-boot2docker os/linux arch/amd64"
问题出在 NginX 的配置上。 Artifactory 文档中提供的示例假设您使用 HTTPS 端口 443 连接到存储库。
如果您使用不同的端口,您需要编辑 listen
和 proxy_set_header Host
指令以包含该端口。
server {
listen <port>;
...
proxy_set_header Host $host:<port>;
...
}