ARTIFACTORY:配置Nginx和Docker与多个ARTIFACTORY仓库一起工作
2023-01-22 11:07
相关版本:此信息适用于人工版本6.x。
下面是一个Nginx服务器的示例设置,它已被配置为服务两个不同的码头工人存储库(例如,本地和远程存储库):
服务器{
听443;
server_name artprod2.company.com;
ssl;
# ssl_certificate /etc/ssl/certs/artprod2.company.com.crt;
# ssl_certificate_key /etc/ssl/private/artprod2.company.com.key;
ssl_certificate /home/idan/Documents/Docker/docker-registry.com.crt;
ssl_certificate_key /home/idan/Documents/Docker/docker-registry.com.key;
access_log /var/log/nginx/artprod2.company.com.access.log;
error_log /var/log/nginx/artprod2.company.com.error.log;
proxy_set_header $ Host;
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr
proxy_set_header x - forward - proto $scheme;
proxy_set_header X-Original-URI
proxy_read_timeout 900;
client_max_body_size 0;#禁用任何限制以避免使用HTTP 413上传大型图像
#需要避免HTTP 411:参见问题#1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding;
位置/v2 {
不允许来自docker 1.5及更早版本的连接
# docker 1.6.0之前没有正确设置ping用户代理,捕获“Go *”用户代理
如果(http_user_agent美元~ ^(码头工人/ 1。(3 | 4 | 5 (? ! [0 - 9]- dev)) |去)。*$ ") {
返回404;
}
proxy_pass https://artprod2.company.com: 8085 / artifactory / api /码头工人/ docker-remote / v2;
}
}
服务器{
听444;
server_name artprod2.company.com;
ssl;
# ssl_certificate /etc/ssl/certs/artprod2.company.com.crt;
# ssl_certificate_key /etc/ssl/private/artprod2.company.com.key;
ssl_certificate /home/idan/Documents/Docker/docker-registry.com.crt;
ssl_certificate_key /home/idan/Documents/Docker/docker-registry.com.key;
access_log /var/log/nginx/artprod2.company.com.access.log;
error_log /var/log/nginx/artprod2.company.com.error.log;
proxy_set_header主机$ Host:444;
$proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr
proxy_set_header x - forward - proto $scheme;
proxy_set_header X-Original-URI
proxy_read_timeout 900;
client_max_body_size 0;#禁用任何限制以避免使用HTTP 413上传大型图像
#需要避免HTTP 411:参见问题#1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding;
位置/v2 {
不允许来自docker 1.5及更早版本的连接
# docker 1.6.0之前没有正确设置ping用户代理,捕获“Go *”用户代理
如果(http_user_agent美元~ ^(码头工人/ 1。(3 | 4 | 5 (? ! [0 - 9]- dev)) |去)。*$ ") {
返回404;
}
proxy_pass https://artprod2.company.com: 8085 / artifactory / api /码头工人/ docker-local2 / v2;
}
}
请注意:444端口将工件部署到本地存储库,命名为docker-local2,而443端口已配置为使用远程存储库,docker-remote。此后,应该推送到docker-local2(通过444端口)的映像必须是标记使用端口本身:
Docker标签nginx artprod2.company.com:444/ nginx
这需要向该端口添加适当的凭据dockercfg文件:
curl -u{user}:{password} " https://{server_name}/{version-Docker}/auth "
例如:
Curl -uadmin:密码“https://artprod2.company.com/v2/auth”
的输出这个命令需要添加到dockercfg文件:
{
" https://artprod2.company.com ": {
" auth ": " YWRtaW46QVA4dlZWUWp2Z0M2NjFuVHNxcUoxUGdrR1Zq ",
" email ": " "
},
" https://artprod2.company.com:444 ": {
" auth ": " dGVzdDpBUDROcTlSMnhaTW1yR3JY ",
" email ": " "
}
}
完成这些配置步骤后,您可以推将您的图像发送给Artifactory,如下:
- 对于为444端口配置的存储库:
Docker push artprod2.company.com:444/nginx
- 对于为443端口配置的存储库:
Docker push artprod2.company.com/nginx
