How to configure Artifactory and Nignx to make docker repository work?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

How to configure Artifactory and Nignx to make docker repository work?

Susan
Hi,

I reviewed all your docs and can't make docker repository work. It is very frustrating.

I am using Artifactory 4.2.0 and it was installed with a debian file on Ubuntu. I created a local repository called "dockerrepo-dev" via the UI.

I just want to use http at the moment. Artifactory is configured to use port 8081. I have the following in my nigx configuration:

server {
        listen 80;
        server_name apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net;

        #ssl on;
        #ssl_certificate /etc/ssl/certs/artprod.company.com.crt;
        #ssl_certificate_key /etc/ssl/private/artprod.company.com.key;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Original-URI $request_uri;
        proxy_pass_header apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net;  # To help debugging, list the server that actually did the reply rather than nginx
        proxy_read_timeout 900;

        client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads

        # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
        chunked_transfer_encoding on;

        location /v2 {
            # Do not allow connections from docker 1.5 and earlier
            # docker pre-1.6.0 did not properly set the user agent on ping
            if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))).*$" ) {
            return 404;
        }

        proxy_pass http://apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/artifactory/api/docker/dockerrepo-dev/v2;
        }
    }

When I do a push to the docker repo. I got the following error:
root@apt-get-wdc:/etc/nginx# docker push apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/dockerrepo-dev/ubuntu:latest
The push refers to a repository [apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/dockerrepo-dev/ubuntu] (len: 1)
unable to ping registry endpoint https://apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/v0/
v2 ping attempt failed with error: Get https://apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/v2/: tls: oversized record received with length 20527
 v1 ping attempt failed with error: Get https://apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:8081/v1/_ping: tls: oversized record received with length 20527

Reply | Threaded
Open this post in threaded view
|

Re: How to configure Artifactory and Nignx to make docker repository work?

Juanjo
You are missing a proxy_redirect directive, so it rewrites the answer given by artifactory to the correct URL that the client should communicate to:

proxy_redirect http://apt-get-mirror-01.sjc01.watson.dev.ibmcsf.net:80/v2/ https://yourdockerpublicname/v2/;