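I am currently trying to configure Nexus 3 as a private registry for Docker images, with nginx acting as a reverse proxy. I created 3 repos: NexusDockerProxy (docker proxy), NexusDockerHosted (docker hosted, http port: 4444) and NexusDockerGroup (docker group, http port: 5555), which includes the hosted and proxy repos.
Nexus sits behind the nginx configuration below; we use a self-signed certificate and have added it to the nginx configuration file.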

    server {
        proxy_send_timeout 120;
        proxy_read_timeout 300;
        proxy_buffering off;
        tcp_nodelay on;
        server_tokens off;
        client_max_body_size 1G;
        listen 80;
        server_name server908.int.org.com;
        location / {
            rewrite ^(.*) https://server908.int.org.com$1 permanent;
        }
    }

    server {
        listen 443;
        server_name server908.int.org.com;
        keepalive_timeout 60;
        ssl on;
        ssl_certificate /etc/ssl/certs/orgnexus.crt;
        ssl_certificate_key /etc/ssl/certs/orgnexus.key;
        ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
        ssl_session_cache shared:TLSSSL:16m;
        ssl_session_timeout 10m;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto "https";
            proxy_pass http://server908.int.org.com:8082;
            proxy_read_timeout 90;
        }
    }

    # correlates to your nexus http connector
    server {
        listen 6666;
        server_name server908.int.org.com;
        keepalive_timeout 60;
        ssl on;
        ssl_certificate /etc/ssl/certs/orgnexus.crt;
        ssl_certificate_key /etc/ssl/certs/orgnexus.key;
        ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
        ssl_session_cache shared:TLSSSL:16m;
        ssl_session_timeout 10m;
        ssl_prefer_server_ciphers on;
        client_max_body_size 1G;
        chunked_transfer_encoding on;
        location / {
            access_log /var/log/nginx/docker.log;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto "https";
            proxy_pass http://server908.int.org.com:5555;
            proxy_read_timeout 90;
        }
    }

We have commented out the entries below in the "/etc/default/docker" file.

    http_proxy=http://10.10.120.98:3128
    https_proxy=http://10.10.120.98:3128

Login is also successful.

    [root@server446 ~]$ docker login -u admin -p admin123 server908.int.org.com:6666
    Login Succeeded

Searching for and pulling images also works fine.

    [dockertest@server446 ~]$ docker search server908.int.org.com:6666/mac
    INDEX   NAME   DESCRIPTION   STARS   OFFICIAL   AUTOMATED
    org.com   server908.int.org.com:6666/crate   CrateDB is a distributed SQL database hand...   79   [OK]
    org.com   server908.int.org.com:6666/maccam912/meanjs   MEANJS (not MEANIO) starting point for dev...   27   [OK]
    org.com   server908.int.org.com:6666/macadmins/puppetmaster   Simple puppetmaster based on CentOS 6   25   [OK]
    org.com   server908.int.org.com:6666/macadmins/bsdpy   Apple NetBoot replacement written in Pytho...   18   [OK]
    org.com   server908.int.org.com:6666/macadmins/reposado   Host Apple Software Updates from a Docker ...   12   [OK]
    org.com   server908.int.org.com:6666/mackerel/mackerel-agent   11   [OK]
    org.com   server908.int.org.com:6666/macadmins/munkiwebadmin   This Docker container runs MunkiWebAdmin. ...   8   [OK]
    org.com   server908.int.org.com:6666/macadmins/postgres   Postgres that accepts remote connections b...   8   [OK]
    org.com   server908.int.org.com:6666/macropin/strider   Possibly the best `Dockerfile` for Strider-CD   8   [OK]
    org.com   server908.int.org.com:6666/mace/openvpn-as   OpenVPN Access-Server with WebUI   7   [OK]
    org.com   server908.int.org.com:6666/frolvlad/alpine-python-machinelearning   Small Docker image with Python Machine Lea...   6   [OK]
    org.com   server908.int.org.com:6666/macadmins/munkireport-php   Docker autobuild repository for https://re...   6   [OK]
    org.com   server908.int.org.com:6666/mace/qbittorrent   qBittorrent build from source   6   [OK]
    org.com   server908.int.org.com:6666/macropin/sshd   (deprecated) Use docker.io/panubo/sshd   5   [OK]
    org.com   server908.int.org.com:6666/macadmins/macnamer   4   [OK]
    org.com   server908.int.org.com:6666/macadmins/puppetmaster-whdcli   Puppetmaster + WHDCLI for autosigning base...   4   [OK]
    org.com   server908.int.org.com:6666/macadmins/sal   An image that runs [Sal](https://github.co...   4   [OK]
    org.com   server908.int.org.com:6666/macropin/roundcube   Docker container for Roundcube webmail   4   [OK]
    org.com   server908.int.org.com:6666/uetchy/machinelearning   Dockerfile for scientists studying Machine...   4   [OK]
    org.com   server908.int.org.com:6666/clearlinux/machine-learning   Machine Learning Container   3   [OK]
    org.com   server908.int.org.com:6666/hartator/wayback-machine-downloader   Download an entire archive from the Waybac...   3   [OK]
    org.com   server908.int.org.com:6666/macadmins/whd   Docker container for SolarWinds WebHelpDesk   3   [OK]
    org.com   server908.int.org.com:6666/macinv/gunicorn-example   A simple Gunicorn example   2   [OK]
    org.com   server908.int.org.com:6666/macropin/mailman   Mailman all in one container   2   [OK]
    org.com   server908.int.org.com:6666/spacemacs/emacs25   Spacemacs running on Emacs 25.   2   [OK]

    [dockertest@server446 ~]$ docker pull server908.int.org.com:6666/macadmins/puppetmaster
    Using default tag: latest
    Trying to pull repository server908.int.org.com:6666/macadmins/puppetmaster ...
    sha256:bf7a53a0ddb6cd0371cfec3fe6131347b5a3712c2cf282400c979ed254a38f67: Pulling from server908.int.org.com:6666/macadmins/puppetmaster
    0d399614d56a: Pull complete
    75e4c6031170: Pull complete
    12a00ed15a39: Pull complete
    6fb754ec65e3: Pull complete
    9b6cf7664f02: Pull complete
    07db30a930a5: Pull complete
    ccdd2cf9b303: Pull complete
    820dfdfc6db7: Pull complete
    78c5dec8ba5d: Pull complete
    Digest: sha256:bf7a53a0ddb6cd0371cfec3fe6131347b5a3712c2cf282400c979ed254a38f67
    Status: Downloaded newer image for server908.int.org.com:6666/macadmins/puppetmaster:latest

But when pushing an image, we get a 404 error like the one below.

    [dockertest@server446 ~]$ docker push server908.int.org.com:6666/maven:1
    The push refers to a repository [server908.int.org.com:6666/maven]
    701925f78142: Layer already exists
    78bb4fee972f: Layer already exists
    e1300844f726: Layer already exists
    bfee0515af91: Preparing
    2afcf4c557eb: Preparing
    72cfa243711c: Waiting
    9bf603e17b04: Waiting
    70b22baddf90: Waiting
    596ecbaf3ba4: Waiting
    445ed6ee6867: Waiting
    c59fa6cbcbd9: Waiting
    8d4d1ab5ff74: Waiting
    error parsing HTTP 404 response body: invalid character '<' looking for beginning of value:

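I really want to get this working, but I am now stuck on this last step. Any help getting docker push to work would be much appreciated, thanks.

It is working for me now. Below is my working configuration. Please note that our setup runs behind a corporate proxy.

Nginx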

    server {
        proxy_send_timeout 120;
        proxy_read_timeout 300;
        proxy_buffering off;
        tcp_nodelay on;
        server_tokens off;
        client_max_body_size 1G;
        listen 80;
        server_name server908.int.org.com;
        location / {
            rewrite ^(.*) https://server908.int.org.com$1 permanent;
        }
    }

    server {
        listen 443;
        server_name server908.int.org.com;
        keepalive_timeout 60;
        ssl on;
        ssl_certificate /etc/ssl/certs/orgnexus.crt;
        ssl_certificate_key /etc/ssl/certs/orgnexus.key;
        ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
        ssl_session_cache shared:TLSSSL:16m;
        ssl_session_timeout 10m;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto "https";
            proxy_pass http://server908.int.org.com:8082;
            proxy_read_timeout 90;
        }
    }

    # correlates to your nexus http connector
    server {
        listen 6666;
        server_name server908.int.org.com;
        keepalive_timeout 60;
        ssl on;
        ssl_certificate /etc/ssl/certs/orgnexus.crt;
        ssl_certificate_key /etc/ssl/certs/orgnexus.key;
        ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
        ssl_session_cache shared:TLSSSL:16m;
        ssl_session_timeout 10m;
        ssl_prefer_server_ciphers on;
        client_max_body_size 1G;
        chunked_transfer_encoding on;

        ### Block for Search,Pull,Push of Docker Images via Nexus Hosted Repo ####
        location / {
            access_log /var/log/nginx/docker.log;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            # Every method other than GET (push traffic) goes to the hosted repo on 4444
            if ($request_method !~* GET) {
                proxy_pass http://server908.int.org.com:4444;
            }
            # GET (search and pull) goes to the group repo on 5555
            if ($request_method = GET) {
                proxy_pass http://server908.int.org.com:5555;
            }
            proxy_read_timeout 90;
        }
    }

Comment out the entries below in the "/etc/default/docker" file.

    http_proxy=http://10.10.120.98:3128
    https_proxy=http://10.10.120.98:3128

Restart Nginx.

Perform the login

    [dockertest@server446 ~]$ docker login -u admin -p admin123 server908.int.org.com:6666
    Login Succeeded

After login, a file named "config.json" is created in the ".docker" directory.

    [dockertest@server446 ~]$ cat ~/.docker/config.json
    {
        "auths": {
            "server908.int.org.com:6666": {
                "auth": "YWRtaW46YWRtaW4xMjM="
            }
        }
    }

Search for available images in Docker Hub.

    [dockertest@server446 ~]$ docker search server908.int.org.com:6666/ubuntu
    INDEX   NAME   DESCRIPTION   STARS   OFFICIAL   AUTOMATED
    org.com   server908.int.org.com:6666/ubuntu   Ubuntu is a Debian-based Linux operating s...   6186   [OK]
    org.com   server908.int.org.com:6666/dorowu/ubuntu-desktop-lxde-vnc   Ubuntu with openssh-server and NoVNC   117   [OK]
    org.com   server908.int.org.com:6666/rastasheep/ubuntu-sshd   Dockerized SSH service, built on top of of...   91   [OK]
    org.com   server908.int.org.com:6666/ubuntu-upstart   Upstart is an event-based replacement for ...   74   [OK]
    org.com   server908.int.org.com:6666/consol/ubuntu-xfce-vnc   Ubuntu container with "headless" VNC sessi...   57   [OK]
    org.com   server908.int.org.com:6666/ubuntu-debootstrap   debootstrap --variant=minbase --components...   30   [OK]
    org.com   server908.int.org.com:6666/torusware/speedus-ubuntu   Always updated official Ubuntu docker imag...   28   [OK]
    org.com   server908.int.org.com:6666/ioft/armhf-ubuntu   [ABR] Ubuntu Docker images for the ARMv7(a...   25   [OK]
    org.com   server908.int.org.com:6666/nuagebec/ubuntu   Simple always updated Ubuntu docker images...   22   [OK]
    org.com   server908.int.org.com:6666/nickistre/ubuntu-lamp   LAMP server on Ubuntu   20   [OK]
    org.com   server908.int.org.com:6666/tleyden5iwx/ubuntu-cuda   Ubuntu 14.04 with CUDA drivers pre-installed   20   [OK]
    org.com   server908.int.org.com:6666/1and1internet/ubuntu-16-nginx-php-phpmyadmin-mysql-5   ubuntu-16-nginx-php-phpmyadmin-mysql-5   13   [OK]
    org.com   server908.int.org.com:6666/n3ziniuka5/ubuntu-oracle-jdk   Ubuntu with Oracle JDK. Check tags for ver...   13   [OK]
    org.com   server908.int.org.com:6666/ioft/i386-ubuntu   [ABR] 'official' Ubuntu Docker images for ...   9   [OK]
    org.com   server908.int.org.com:6666/nickistre/ubuntu-lamp-wordpress   LAMP on Ubuntu with wp-cli installed   9   [OK]
    org.com   server908.int.org.com:6666/sameersbn/ubuntu   9   [OK]
    org.com   server908.int.org.com:6666/solita/ubuntu-systemd   Ubuntu + systemd   8   [OK]
    org.com   server908.int.org.com:6666/nimmis/ubuntu   This is a docker images different LTS vers...   7   [OK]
    org.com   server908.int.org.com:6666/gbevan/ubuntu-foreman   Ubuntu based Puppet Foreman with Ansible   6   [OK]
    org.com   server908.int.org.com:6666/consol/omd-labs-ubuntu   OMD Labs (Ubuntu) - Open Monitoring Distri...   3   [OK]
    org.com   server908.int.org.com:6666/darksheer/ubuntu   Base Ubuntu Image -- Updated hourly   3   [OK]
    org.com   server908.int.org.com:6666/nickistre/ubuntu-lamp-xdebug   LAMP on Ubuntu with xdebug installed   3   [OK]
    org.com   server908.int.org.com:6666/1and1internet/ubuntu-16-apache   ubuntu-16-apache   2   [OK]
    org.com   server908.int.org.com:6666/1and1internet/ubuntu-16-nginx-php-5.6   ubuntu-16-nginx-php-5.6   2   [OK]
    org.com   server908.int.org.com:6666/1and1internet/ubuntu-16-nginx-php-7.0   ubuntu-16-nginx-php-7.0   2   [OK]

Pull an image from Docker Hub through the Nexus proxy.

    [dockertest@server446 ~]$ docker pull server908.int.org.com:6666/ubuntu
    Using default tag: latest
    Trying to pull repository server908.int.org.com:6666/ubuntu ...
    sha256:a0ee7647e24c8494f1cf6b94f1a3cd127f423268293c25d924fbe18fd82db5a4: Pulling from server908.int.org.com:6666/ubuntu
    75c416ea735c: Pull complete
    c6ff40b6d658: Pull complete
    a7050fc1f338: Pull complete
    f0ffb5cf6ba9: Pull complete
    be232718519c: Pull complete
    Digest: sha256:a0ee7647e24c8494f1cf6b94f1a3cd127f423268293c25d924fbe18fd82db5a4
    Status: Downloaded newer image for server908.int.org.com:6666/ubuntu:latest

Tag the pulled image

    docker tag server908.int.org.com:6666/ubuntu:latest server908.int.org.com:6666/ubuntu:1

Push to NexusHostedRepo (port: 4444)

    [dockertest@server446 ~]$ docker push server908.int.org.com:6666/ubuntu:1
    The push refers to a repository [server908.int.org.com:6666/ubuntu]
    0566c118947e: Pushed
    6f9cf951edf5: Pushed
    182d2a55830d: Pushed
    5a4c2c9a24fc: Pushed
    cb11ba605400: Pushed
    latest: digest: sha256:a0ee7647e24c8494f1cf6b94f1a3cd127f423268293c25d924fbe18fd82db5a4 size: 1357

Pull from the Nexus repo (this should be faster than pulling from Docker Hub)

    [dockertest@server446 ~]$ docker pull server908.int.org.com:6666/ubuntu:1
    Trying to pull repository server908.int.org.com:6666/ubuntu ...
    sha256:a0ee7647e24c8494f1cf6b94f1a3cd127f423268293c25d924fbe18fd82db5a4: Pulling from server908.int.org.com:6666/ubuntu
    75c416ea735c: Pull complete
    c6ff40b6d658: Pull complete
    a7050fc1f338: Pull complete
    f0ffb5cf6ba9: Pull complete
    be232718519c: Pull complete
    Digest: sha256:a0ee7647e24c8494f1cf6b94f1a3cd127f423268293c25d924fbe18fd82db5a4
    Status: Downloaded newer image for server908.int.org.com:6666/ubuntu:1

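Make sure you check the certificate as in the picture above.

Also make sure you have added the proxy server certificate in the Nexus SSL Certificates section.

    keytool -J-Dhttps.proxyHost=<proxy_hostname> -J-Dhttps.proxyPort=<proxy_port> -printcert -rfc -sslserver <remote_host_name:remote_ssl_port>

Replace <proxy_hostname> and <proxy_port> with the HTTP proxy server that Nexus is configured with under Administration -> Server. Replace <remote_host_name:remote_ssl_port> with one of the remote hosts and ports that have the certification problem. You can omit the port if it is the default 443.

You should see at least two entries printed by the above command. Take the last printed certificate content and copy it entirely to your clipboard. This should be your proxy server's certificate, added to the end of the certificate chain.

The copied certificate content should start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.

Then in the Nexus UI, go to Administration -> SSL Certificates, click Add..., and choose Paste PEM. Paste the certificate content into the dialog that opens.

Click Load Certificate. Verify the certificate content in the next window. Verify that the issuer details listed are from your proxy server certificate. When you are satisfied, click Add Certificate.

Hope this helps you.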
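
The config.json shown in the answer stores the registry login as base64 of user:password, which is an encoding and not encryption. The audit sketch below is an added example, not part of the original answer; the sample file, the second registry name and the DEFAULT_CREDENTIALS set are constructed for illustration.

```python
import base64
import json

# Constructed sample mirroring the config.json shown in the answer above,
# plus one hypothetical registry whose secret lives in a credential helper.
SAMPLE_CONFIG = """
{
  "auths": {
    "server908.int.org.com:6666": { "auth": "YWRtaW46YWRtaW4xMjM=" },
    "registry.example.invalid": {}
  },
  "credHelpers": { "registry.example.invalid": "secretservice" }
}
"""

# Installation defaults worth flagging; admin/admin123 is the pair used in
# the login command above.
DEFAULT_CREDENTIALS = {("admin", "admin123")}


def audit_docker_config(text):
    """Return one finding dict per registry entry in a Docker config.json."""
    cfg = json.loads(text)
    global_store = cfg.get("credsStore")
    helpers = cfg.get("credHelpers", {})
    findings = []
    for registry, entry in sorted(cfg.get("auths", {}).items()):
        finding = {"registry": registry, "inline_secret": False,
                   "user": None, "default_credentials": False,
                   "helper": helpers.get(registry, global_store)}
        token = entry.get("auth")
        if token:
            # "auth" is base64("user:password"), readable by anyone who can
            # read the file.
            user, _, password = base64.b64decode(token).decode().partition(":")
            finding.update(inline_secret=True, user=user,
                           default_credentials=(user, password) in DEFAULT_CREDENTIALS)
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in audit_docker_config(SAMPLE_CONFIG):
        if f["inline_secret"]:
            note = "DEFAULT CREDENTIALS" if f["default_credentials"] else "inline secret"
            print(f"{f['registry']}: user={f['user']} stored as base64 ({note})")
        else:
            print(f"{f['registry']}: no inline secret, helper={f['helper']}")
```

An entry flagged here is a reason to rotate the account's password, log in with `docker login --password-stdin` so the password stays out of shell history, and configure a credential helper.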
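
The keytool steps in the answer end with a manual look at the issuer before the last certificate in the chain is trusted. As an added example (not from the original answer), the script below ties that decision to a SHA-256 fingerprint; it assumes the expected fingerprint was obtained out of band from whoever operates the proxy, and the sample certificates are constructed placeholder bytes, not real X.509 data.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def pem_wrap(der):
    """Wrap DER bytes in PEM armor (used to build the constructed sample)."""
    body = base64.encodebytes(der).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"


# Constructed stand-ins for `keytool -printcert -rfc -sslserver` output:
# the remote host's certificate first, the proxy's certificate last.
SERVER_DER = b"constructed-remote-host-certificate"
PROXY_DER = b"constructed-proxy-server-certificate"
SAMPLE_OUTPUT = pem_wrap(SERVER_DER) + pem_wrap(PROXY_DER)


def fingerprints(keytool_output):
    """Return the SHA-256 fingerprint of every PEM block, in printed order."""
    result = []
    for body in PEM_RE.findall(keytool_output):
        der = base64.b64decode("".join(body.split()))
        digest = hashlib.sha256(der).hexdigest().upper()
        result.append(":".join(digest[i:i + 2] for i in range(0, 64, 2)))
    return result


def normalise(fingerprint):
    """Strip separators and case so differently formatted values compare."""
    return fingerprint.replace(":", "").replace(" ", "").upper()


def last_cert_matches(keytool_output, expected_fingerprint):
    """True only if the chain has >= 2 entries and the last one is expected."""
    prints = fingerprints(keytool_output)
    if len(prints) < 2:  # the answer expects at least two printed entries
        return False
    return normalise(prints[-1]) == normalise(expected_fingerprint)


if __name__ == "__main__":
    for index, value in enumerate(fingerprints(SAMPLE_OUTPUT), start=1):
        print(f"certificate {index}: SHA256 {value}")
```

Paste the PEM into Nexus only when `last_cert_matches` returns True for the fingerprint the proxy's operators gave you.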