推送至 docker 注册表被拒绝

tag-icon tag-icon docker gitlab
推送至 docker 注册表被拒绝

首先我承认这是一个来自 gitlab 论坛的转帖:https://forum.gitlab.com/t/push-to-docker-registry-is-denied/35018。我在那里没有收到任何回复,所以我希望我在这里能幸运一点。

当我尝试登录我的 gitlab 的 docker 注册表时,它失败了。推送也是一样。我在 docker 容器中运行 gitlab。注册表绑定到端口 5005。

尝试通过 gitlab.myHostname.com:5005 登录失败。:443 和 :80 也一样。尝试通过 gitlab.myHostname.com 登录成功。但推送总是失败。

当我没有推送到端口 5005 时,每个连接都会经过一个单独的 nginx,这与在 gitlab docker 容器中运行的 nginx 不同。

这是我的 gitlab.rb:

gitlab_rails['gitlab_shell_ssh_port'] = 31422
registry_external_url 'https://gitlab.myDomain.com'
gitlab_rails['registry_enabled'] = true
gitlab_rails['registry_host'] = "https://gitlab.myDomain.com:5005"
gitlab_rails['registry_port'] = "5005"
nginx['client_max_body_size'] = '4G'
nginx['redirect_http_to_https'] = false
nginx['listen_port'] = 443
nginx['listen_https'] = true
registry_nginx['ssl_certificate'] = "/etc/gitlab/ssl/letsencrypt.pem"
registry_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/letsencrypt.key"

下面是我为 gitlab 编写的 docker-compose:

version: '3.7'
services:
  gitlab:
    networks:
      default:
        aliases: 
          - gitlab.docker
    image: 'gitlab/gitlab-ce:12.8.0-ce.0'
    restart: always
    hostname: 'gitlab.myDomain.com'
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.myDomain.com'
    ports:
      - '31422:22'
      - '5005:5005'
    volumes:
      - '/etc/gitlab:/etc/gitlab'
      - '/var/log/gitlab:/var/log/gitlab'
      - '/srv/gitlab/data:/var/opt/gitlab'
      - '/etc/letsencrypt/live/gitlab.myDomain.com/fullchain.pem:/etc/gitlab/ssl/letsencrypt.pem'
      - '/etc/letsencrypt/live/gitlab.myDomain.com/privkey.pem:/etc/gitlab/ssl/letsencrypt.key'
    labels:
      - 'com.dnsdock.alias=gitlab.docker'
networks:
  default:
    external:
      name: myDomain0

最后,这是我在推送时收到的错误消息:

WARNING! Using --password via the CLI is insecure. Use --password-stdin.
Error response from daemon: Get https://gitlab.myDomain.com:5005/v2/: dial tcp 0.0.0.0:5005: (EDIT: ip changed for privacy) connect: connection refused
The push refers to repository [gitlab.myDomain.com:5005/docker/sbt]
Get https://gitlab.myDomain.com:5005/v2/: dial tcp 0.0.0.0:5005: (EDIT: ip changed for privacy) connect: connection refused

有人知道如何处理吗?

编辑:我特意更改了主机名以保护隐私。当您看到时gitlab.myDomain.com,这实际上是一个真实的域名。如果您找到 IP 0.0.0.0,那么这就是我的公共 IP。

相关内容