Nginx Docker 400 错误请求

Nginx Docker 400 错误请求

我目前正在尝试将 nexus 托管为组织内 docker 镜像的私有注册表。我的 nginx 配置如下。

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    server {

            listen 6666;   ### Docker Hosted Repo HTTPS port
            server_name server408.int.org.com;  ### Nexus Server
            keepalive_timeout 60;

            ssl on;
            ssl_certificate /etc/ssl/certs/clsanexus.crt;
            ssl_certificate_key /etc/ssl/certs/clsanexus.key;
            ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
            ssl_session_cache shared:TLSSSL:16m;
            ssl_session_timeout 10m;
            ssl_prefer_server_ciphers on;

            client_max_body_size 0;
            chunked_transfer_encoding on;

            location /v2/ {


                    if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
                    return 404;
                    }
                    error_log               /var/log/nginx/error.log debug;
                    access_log              /var/log/nginx/docker.log;
                    proxy_set_header        Host $http_host;
                    proxy_set_header        X-Real-IP $remote_addr;
                    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header        X-Forwarded-Proto "https";
                    proxy_pass             http://server408.int.org.com:4444/;
                    proxy_read_timeout      900;
        }

            location / {

                    error_log               /var/log/nginx/error.log debug;
                    access_log              /var/log/nginx/docker.log;
                    proxy_set_header        Host $http_host;
                    proxy_set_header        X-Real-IP $remote_addr;
                    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header        X-Forwarded-Proto "https";
                    proxy_pass              http://server408.int.org.com:4444/;
                    proxy_read_timeout      90;
        }
    }

已在 nexus 中配置了托管的 docker repo(运行在端口 4444 上),并使用 https 端口 6666。

目前我们可以登录到docker registry。

[dockertest@vserver446 ~]$ docker login -u admin -p admin123 server408.int.org.com:6666 登录成功

但是,当我们尝试将标记的图像推送到 nexus 托管的 docker 注册表时,它会抛出 400 Bad Request 错误。

[dockertest@server446 ~]$ docker push server408.int.org.com:6666/alpine
The push refers to a repository [server408.int.org.com:6666/alpine]
3fb66f713c9f: Preparing
error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "\n<!DOCTYPE html>\n<html>\n<head>\n  <title>400 - Nexus Repository Manager</title>\n  <meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"/>\n\n\n  <!--[if lt IE 9]>\n  <script>(new Image).src=\"https://server408.int.org.com:6666/favicon.ico?3.2.1-01\"</script>\n  <![endif]-->\n  <link rel=\"icon\" type=\"image/png\" href=\"https://vklnld908.int.clsa.com:6666/favicon-32x32.png?3.2.1-01\" sizes=\"32x32\">\n  <link rel=\"mask-icon\" href=\"https://server408.int.org.com:6666/safari-pinned-tab.svg?3.2.1-01\" color=\"#5bbad5\">\n  <link rel=\"icon\" type=\"image/png\" href=\"https://server408.int.org.com:6666/favicon-16x16.png?3.2.1-01\" sizes=\"16x16\">\n  <link rel=\"shortcut icon\" href=\"https://server408.int.org.com:6666/favicon.ico?3.2.1-01\">\n  <meta name=\"msapplication-TileImage\" content=\"https://server408.int.org.com:6666/mstile-144x144.png?3.2.1-01\">\n  <meta name=\"msapplication-TileColor\" content=\"#00a300\">\n\n  <link rel=\"stylesheet\" type=\"text/css\" href=\"https://vklnld908.int.clsa.com:6666/static/css/nexus-content.css?3.2.1-01\"/>\n</head>\n<body>\n<div class=\"nexus-header\">\n  <a href=\"https://server408.int.org.com:6666\">\n    <div class=\"product-logo\">\n      <img src=\"https://server408.int.org.com:6666/static/images/nexus.png?3.2.1-01\"/>\n    </div>\n    <div class=\"product-id\">\n      <div class=\"product-id__line-1\">\n        <span class=\"product-name\">Nexus Repository Manager</span>\n      </div>\n      <div class=\"product-id__line-2\">\n        <span class=\"product-spec\">OSS 3.2.1-01</span>\n      </div>\n    </div>\n  </a>\n</div>\n\n<div class=\"nexus-body\">\n  <div class=\"content-header\">\n    <img src=\"https://server408.int.org.com:6666/static/rapture/resources/icons/x32/exclamation.png?3.2.1-01\"/>\n    <span class=\"title\">Error 400</span>\n    <span class=\"description\">Bad Request</span>\n  </div>\n  <div class=\"content-body\">\n    <div class=\"content-section\">\n      HTTP method POST is not supported by this URL\n    </div>\n      </div>\n</div>\n</body>\n</html>\n\n"

我是否缺少一些重要的 nginx 配置?或者我的请求格式是否不正确。

答案1

您必须修改 NGNIX 配置以分离 GET 和其他 HTTP 调用。GET 命令针对“组”运行,而所有其他 HTTP 调用(例如 Post)针对“存储库”运行。

 if ($request_method !~* GET) {
    proxy_pass http[s]://<nexus-host>:<port-for-repo>;
 }
 if ($request_method = GET) {
    proxy_pass http[s]://<nexus-host>:<port-for-group-or-proxy>;
 }

查看Nexus 参考

相关内容