Docker push to artifactory gives a 403

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Docker push to artifactory gives a 403

usermda
I am trying to push a docker image to a local docker repo on artifactory

    docker push myNginxlb:2222/ubuntu
This gets a 403- Access is forbidden error. Folloing is my reverse proxy configuration under /etc/nginx/sites-enabled/artifactory


     upstream artifactory_lb {
                        server mNginxLb.mycompany.com:8081;
                        server mNginxLb.mycompany.com backup;
                }
               
                log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name  to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';
               
                server {
                        listen 80;
                        listen 443 ssl;
                        client_max_body_size 2048M;
                        location / {
                                proxy_set_header Host $host:$server_port;
                                proxy_pass http://artifactory_lb;
                                proxy_read_timeout 90;
                        }
                        access_log /var/log/nginx/access.log upstreamlog;
                        location /basic_status {
                                stub_status on;
                                allow all;
                                }
                }
               
                # Server configuration
               
                server {
                    listen 2222 ssl;
                    ssl_certificate  /etc/nginx/ssl/my-certs/myCert.pem;
                    ssl_certificate_key /etc/nginx/ssl/my-certs/myserver.key;
                    server_name mNginxLb.mycompany.com;
                    if ($http_x_forwarded_proto = '') {
                        set $http_x_forwarded_proto  $scheme;
                    }
               
                    rewrite ^/(v1|v2)/(.*) /api/docker/my_local_repo_key/$1/$2;
                    client_max_body_size 0;
                    chunked_transfer_encoding on;
                    location / {
                    proxy_read_timeout  900;
                    proxy_pass_header   Server;
                    proxy_cookie_path ~*^/.* /;
                    proxy_pass         http://artifactory_lb;
                    proxy_set_header   X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host;
                    proxy_set_header    X-Forwarded-Port  $server_port;
                    proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
                    proxy_set_header    Host              $http_host;
                    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
                    }
                }

The access log indicate the following http requests

    "GET /v2/ HTTP/1.1" 404 465 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
     "GET /v2/ HTTP/1.1" 404 465 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
    "GET /v1/_ping HTTP/1.1" 404 469 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"
     "PUT /v1/repositories/ubuntu/ HTTP/1.1" 403 449 "-" "docker/1.9.1 go/go1.4.2 git-commit/a34a1d5 kernel/3.13.0-24-generic os/linux arch/amd64"

Also in artifactory I have configured the docker local repo to use v2 api, what am I missing?