Nginx配置私有docker registry

来自ling
跳转至: 导航搜索

参考[1] [2]

upstream my_docker_registry  {
    #多个时必须设置ip_hash;
    server 192.168.100.48:8443; # registry.renhl.com
}

## START registry.renhl.com ##
server {
    server_name registry.renhl.com;

    listen 80;
    listen 443 ssl;

    # 使用私有registry的ssl证书
    ssl_certificate /opt/renhl_com_docker_registry/certs/registry_renhl_com.crt;
    ssl_certificate_key /opt/renhl_com_docker_registry/certs/registry_renhl_com.key;


    root        /usr/local/nginx/html;
    index       index.html;

    allow 111.206.238.12;
    allow 111.206.238.94;
    deny all;


    client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads

    # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
    chunked_transfer_encoding on;

   location / {
        proxy_pass  https://my_docker_registry;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
        proxy_buffering off;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
## END registry.renhl.com  ##