建立自用的 Docker Hub 代理
因为某些原因,最近使用默认地址从 Docker 拉取镜像的时候,会出现问题。因为有海外 vps,所以可以自建一个镜像用于 docker pull 镜像。主要使用 nginx 来做,实现很简单如下:
cat /etc/nginx/sites-available/my-docker-hub.mydomain.com.conf
server {
listen 443 ssl;
server_name my-docker-hub.mydomain.com;
access_log /var/log/nginx/my-docker-hub.mydomain.com/access.log main;
error_log /var/log/nginx/my-docker-hub.mydomain.com/error.log info;
ssl_certificate /etc/nginx/cert/mydomain.com/fullchain.cer;
ssl_certificate_key /etc/nginx/cert/mydomain.com/mydomain.key;
location /v2/ {
proxy_pass https://registry-1.docker.io;
proxy_set_header Host registry-1.docker.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_hide_header www-authenticate;
add_header www-authenticate 'Bearer realm="https://my-docker-hub.mydomain.com/token",service="registry.docker.io"' always;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location /token {
resolver 1.1.1.1 valid=600s;
proxy_pass https://auth.docker.io;
proxy_set_header Host auth.docker.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_buffering off;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
然后重新加载 nginx:
service nginx reload
再来到 docker 服务器上,编辑 /etc/docker/daemon.json 如下:
{
"registry-mirrors": [
"https://my-docker-hub.mydomain.com"
]
}
然后重启 docker 服务:
systemctl daemon-reload systemctl restart docker
再 docker pull 一下,进度条终于可以动了。
上面部分内容是从其它地方看到的,但忘记记录原始出处了,如有侵权,请联系我。谢谢。
