1. 首頁
  2. 問答
  3. 隱藏搬運工回購端口<p>有沒有一種方法可以隱藏用戶的端口號並實現以下功能</p> <pre><code>docker pull localhost/<my-image>:latest docker login localhost docker push localhost/<my-image>:latest </code></pre> <p>我知道我可以將存儲庫配置爲子域並擺脫端口,但需要當前不是選項的通配符證書。我可以配置nginx來隱藏端口嗎?</p>

隱藏搬運工回購端口<p>有沒有一種方法可以隱藏用戶的端口號並實現以下功能</p> <pre><code>docker pull localhost/<my-image>:latest docker login localhost docker push localhost/<my-image>:latest </code></pre> <p>我知道我可以將存儲庫配置爲子域並擺脫端口,但需要當前不是選項的通配符證書。我可以配置nginx來隱藏端口嗎?</p>

2016-08-24 46 views
0

我使用artifactory的的4.7.0版本和如下隱藏搬運工回購端口<p>有沒有一種方法可以隱藏用戶的端口號並實現以下功能</p> <pre><code>docker pull localhost/<my-image>:latest docker login localhost docker push localhost/<my-image>:latest </code></pre> <p>我知道我可以將存儲庫配置爲子域並擺脫端口,但需要當前不是選項的通配符證書。我可以配置nginx來隱藏端口嗎?</p>

user nginx; 
worker_processes 1; 

error_log /var/log/nginx/error.log warn; 
pid  /var/run/nginx.pid; 


events { 
    worker_connections 1024; 
} 


http { 
    include  /etc/nginx/mime.types; 
    default_type application/octet-stream; 

    log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 
         '$status $body_bytes_sent "$http_referer" ' 
         '"$http_user_agent" "$http_x_forwarded_for"'; 

    access_log /var/log/nginx/access.log main; 

    sendfile  on; 
    #tcp_nopush  on; 

    keepalive_timeout 65; 

    #gzip on; 

    include /etc/nginx/conf.d/*.conf; 
    ## server configuration 
## add ssl entries when https has been set in config 
ssl_certificate  /etc/ssl/certs/artcert.pem; 
ssl_certificate_key /etc/ssl/certs/artkey.pem; 
ssl_session_cache shared:SSL:1m; 
ssl_prefer_server_ciphers on; 
## server configuration 
server { 
    listen 443 ssl; 
    listen 80 ; 

    server_name localhost; 
    if ($http_x_forwarded_proto = '') { 
     set $http_x_forwarded_proto $scheme; 
    } 
    ## Application specific logs 
    ## access_log /var/log/nginx/localhost-access.log timing; 
    ## error_log /var/log/nginx/localhost-error.log; 
    rewrite ^/$ /artifactory/webapp/ redirect; 
    rewrite ^/artifactory/?(/webapp)?$ /artifactory/webapp/ redirect; 
    location /artifactory/ { 
    proxy_read_timeout 900; 
    proxy_pass_header Server; 
    proxy_cookie_path ~*^/.* /; 
    proxy_pass   http://localhost:8081/artifactory/; 
    proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory; 
    proxy_set_header X-Forwarded-Port $server_port; 
    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; 
    proxy_set_header Host    $http_host; 
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
    } 
} 

## server configuration 
server { 
    listen 6555 ssl; 


    server_name localhost; 
    if ($http_x_forwarded_proto = '') { 
     set $http_x_forwarded_proto $scheme; 
    } 
    ## Application specific logs 
    ## access_log /var/log/nginx/localhost-access.log timing; 
    ## error_log /var/log/nginx/localhost-error.log; 
    rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-virtual/$1/$2; 
    client_max_body_size 0; 
    chunked_transfer_encoding on; 
    location /artifactory/ { 
    proxy_read_timeout 900; 
    proxy_pass_header Server; 
    proxy_cookie_path ~*^/.* /; 
    proxy_pass   http://localhost:8081/artifactory/; 
    proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port/artifactory; 
    proxy_set_header X-Forwarded-Port $server_port; 
    proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; 
    proxy_set_header Host    $http_host; 
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
    } 
} 


}

我使用下面的命令來psuh和拉庫

docker pull localhost:6555/<my-image>:latest 
docker login localhost:6555 
docker push localhost:6555/<my-image>:latest
配置了虛擬搬運工庫

來源

2016-08-24 user_mda

回答

0

您已經在頂層配置中使用了端口443(這是隱式SSL端口),爲什麼不將它用於Docker和web-ui訪問?

所有你需要做的就是這一行添加:

rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-virtual/$1/$2;

到443服務器塊了。 6555配置和443配置之間的唯一區別是重寫規則,但它們實際上可以共存在同一個服務器塊上。一旦你這樣做,你甚至可以擺脫6555之一。

如果您使用端口443,則不需要使用docker命令指定端口。

來源

2016-09-08 20:20:25

相關問題

 相關問題