在筆記一,二中分別試了ip, 域名訪問,這篇主要講nginx反向代理訪問私有庫。
在前兩個筆記中,我們可以直接使用ip或hub.xx.com域名就可以進行push等操作。
現在再搞另外一臺ECS服務器機器,專做反向代理使用。nginx的主機ip: 106.xxx.xxx.34 ,我這裏也同時解釋了個域名
hubproxy.xxx.com 我這裏用 31923 ,因爲 80被佔用了,我就省的用 80來做教程,這個無傷大雅!
關鍵就是nginx的配置。如下:
user nginx;
#指定進程數
worker_processes auto;
#錯誤日誌
error_log /wwwlogs/error.log;
pid /run/nginx.pid;
#動態加載外部配置文件【inclue 路徑 + *.conf 】
include /usr/share/nginx/modules/*.conf;
#每個進程的最大連接數
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
tcp_nodelay on;
proxy_http_version 1.1;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
#入口點
server {
listen 31923;
server_name hubproxy.xxx.com;
access_log /wwwlogs/error.log;
#這個非常關鍵我這裏設到了2個G。
client_max_body_size 2000m;
location / {
#這裏也可以用IP
proxy_pass http://hub.xxx.com:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /v1/ {
return 404;
}
location /v2/ {
proxy_pass http://hub.xxx.com:5000/v2/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /service/ {
proxy_pass http://hub.xxx.com:5000/service/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
}
}
nginx 正常啓動後。
測試通過nginx 代理後push.
1.先驗證代理是否正常訪問到網站。在瀏覽器中輸入http://hubproxy.xxx.com:31923
2.修改/etc/docker/daemon.json ,增加一個hubproxy.xxx.com:31923
{
"registry-mirrors": ["https://v5e3e45v.mirror.aliyuncs.com"],
"insecure-registries": ["4x.xx.xx.4x:5000","hub.xxx.com:5000","hubproxy.xxx.com:31923"]
}
3.修改後重啓docker
systemctl restart docker
4.重新啓動harbor
docker-compose down -v
docker-compose up -d
5.做個測試push 的鏡像
docker commit -m "test2" fshjdk hubproxy.xxx.com:31923/proxypush/jdk567:1.0
6.push操作。(注意PUSH前一定要記得做一次login到對應的私庫操作,防止出現:denied: requested access to the resource is denied)
docker push hubproxy.xxx.com:31923/proxypush/jdk567:1.0
過程中出現413 Request Entity Too Large 請求太大。
這個就是因爲原來nginx 配置中client_max_body_size 的值太小,設置大些就好了。這個多大嘛,我這不能給答案。自己參考着來。不然就設個0唄,開放限制。
查看結果;