在笔记一,二中分别试了ip, 域名访问,这篇主要讲nginx反向代理访问私有库。
在前两个笔记中,我们可以直接使用ip或hub.xx.com域名就可以进行push等操作。
现在再搞另外一台ECS服务器机器,专做反向代理使用。nginx的主机ip: 106.xxx.xxx.34 ,我这里也同时解释了个域名
hubproxy.xxx.com 我这里用 31923 ,因为 80被占用了,我就省的用 80来做教程,这个无伤大雅!
关键就是nginx的配置。如下:
user nginx;
#指定进程数
worker_processes auto;
#错误日志
error_log /wwwlogs/error.log;
pid /run/nginx.pid;
#动态加载外部配置文件【inclue 路径 + *.conf 】
include /usr/share/nginx/modules/*.conf;
#每个进程的最大连接数
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
tcp_nodelay on;
proxy_http_version 1.1;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
#入口点
server {
listen 31923;
server_name hubproxy.xxx.com;
access_log /wwwlogs/error.log;
#这个非常关键我这里设到了2个G。
client_max_body_size 2000m;
location / {
#这里也可以用IP
proxy_pass http://hub.xxx.com:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /v1/ {
return 404;
}
location /v2/ {
proxy_pass http://hub.xxx.com:5000/v2/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
location /service/ {
proxy_pass http://hub.xxx.com:5000/service/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# When setting up Harbor behind other proxy, such as an Nginx instance, remove the below line if the proxy already has similar settings.
# proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_request_buffering off;
}
}
}
nginx 正常启动后。
测试通过nginx 代理后push.
1.先验证代理是否正常访问到网站。在浏览器中输入http://hubproxy.xxx.com:31923
2.修改/etc/docker/daemon.json ,增加一个hubproxy.xxx.com:31923
{
"registry-mirrors": ["https://v5e3e45v.mirror.aliyuncs.com"],
"insecure-registries": ["4x.xx.xx.4x:5000","hub.xxx.com:5000","hubproxy.xxx.com:31923"]
}
3.修改后重启docker
systemctl restart docker
4.重新启动harbor
docker-compose down -v
docker-compose up -d
5.做个测试push 的镜像
docker commit -m "test2" fshjdk hubproxy.xxx.com:31923/proxypush/jdk567:1.0
6.push操作。(注意PUSH前一定要记得做一次login到对应的私库操作,防止出现:denied: requested access to the resource is denied)
docker push hubproxy.xxx.com:31923/proxypush/jdk567:1.0
过程中出现413 Request Entity Too Large 请求太大。
这个就是因为原来nginx 配置中client_max_body_size 的值太小,设置大些就好了。这个多大嘛,我这不能给答案。自己参考着来。不然就设个0呗,开放限制。
查看结果;