ARTIFACTORY:配置Nginx和Docker使用多个ARTIFACTORY存储库
2023-01-22 11:07
相关版本:此信息属于Artifactory版本6.x.
下面是一个Nginx服务器的示例,它已经被配置为服务两个不同的码头工人存储库(例如,本地和远程存储库):
服务器{
听443;
server_name artprod2.company.com;
ssl;
# ssl_certificate /etc/ssl/certs/artprod2.company.com.crt;
# ssl_certificate_key /etc/ssl/private/artprod2.company.com.key;
ssl_certificate /home/idan/Documents/Docker/docker-registry.com.crt;
ssl_certificate_key /home/idan/Documents/Docker/docker-registry.com.key;
access_log /var/log/nginx/artprod2.company.com.access.log;
error_log /var/log/nginx/artprod2.company.com.error.log;
主机$ Host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header x原始uri $request_uri;
proxy_read_timeout 900;
client_max_body_size 0;#禁用任何限制,以避免HTTP 413的大图片上传
#需要避免HTTP 411:参见问题#1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding;
位置/v2 {
#不允许来自docker 1.5及更早版本的连接
# docker 1.6.0之前没有正确设置用户代理ping,捕获“Go *”用户代理
如果(http_user_agent美元~ ^(码头工人/ 1。(3 | 4 | 5 (? ! [0 - 9]- dev)) |去)。*$ ") {
返回404;
}
proxy_pass https://artprod2.company.com: 8085 / artifactory / api /码头工人/ docker-remote / v2;
}
}
服务器{
听444;
server_name artprod2.company.com;
ssl;
# ssl_certificate /etc/ssl/certs/artprod2.company.com.crt;
# ssl_certificate_key /etc/ssl/private/artprod2.company.com.key;
ssl_certificate /home/idan/Documents/Docker/docker-registry.com.crt;
ssl_certificate_key /home/idan/Documents/Docker/docker-registry.com.key;
access_log /var/log/nginx/artprod2.company.com.access.log;
error_log /var/log/nginx/artprod2.company.com.error.log;
proxy_set_header主机$ Host:444;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header x原始uri $request_uri;
proxy_read_timeout 900;
client_max_body_size 0;#禁用任何限制,以避免HTTP 413的大图片上传
#需要避免HTTP 411:参见问题#1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding;
位置/v2 {
#不允许来自docker 1.5及更早版本的连接
# docker 1.6.0之前没有正确设置用户代理ping,捕获“Go *”用户代理
如果(http_user_agent美元~ ^(码头工人/ 1。(3 | 4 | 5 (? ! [0 - 9]- dev)) |去)。*$ ") {
返回404;
}
proxy_pass https://artprod2.company.com: 8085 / artifactory / api /码头工人/ docker-local2 / v2;
}
}
请注意:444端口将构件部署到本地存储库,是否命名docker-local2,而443端口已配置为与远程存储库一起使用,docker-remote.然后,应该推送到docker-local2(通过444端口)的映像必须是标记使用端口本身:
Docker标签nginx artprod2.company.com:444/ nginx
这需要向该端口添加适当的凭据dockercfg文件:
curl -u{user}:{password} " https://{server_name}/{version-Docker}/auth "
例如:
Curl -uadmin:密码“https://artprod2.company.com/v2/auth”
的输出的命令,则需要添加到dockercfg文件:
{
“https://artprod2.company.com”:{
auth:“YWRtaW46QVA4dlZWUWp2Z0M2NjFuVHNxcUoxUGdrR1Zq”,
" email ": " "
},
“https://artprod2.company.com:444”:{
" auth ": " dGVzdDpBUDROcTlSMnhaTW1yR3JY ",
" email ": " "
}
}
完成这些配置步骤后,您就可以推提交给Artifactory的图片如下:
- 对于配置为444端口的存储库:
Docker推送artprod2.company.com:444/nginx
- 对于配置为443端口的存储库:
Docker推送artprod2.company.com/nginx
