TrueCloudLab/distribution
13
0
Fork 3
Code Issues 3 Pull requests Projects Releases 2 Packages Wiki Activity Actions

Merge pull request #338 from dmcgowan/nginx_v1_v2_deployment

Browse source 
docs: add nginx configuration for v1 and v2 registry
This commit is contained in:
Stephen Day 2015-04-10 16:35:50 -07:00
commit aa752f68a1
1 changed files with 58 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

58
docs/deploying.md
View file

@ -406,3 +406,61 @@ middleware:
**TODO(stevvooe): Need a "best practice" configuration overview. Perhaps, we can point to a documentation section. **TODO(stevvooe): Need a "best practice" configuration overview. Perhaps, we can point to a documentation section.
# Configure nginx to deploy alongside v1 registry
This sections describes how to configure nginx to proxy to both a v1 and v2
registry. Nginx will handle routing of to the correct registry based on the
URL and Docker client version.
## Example configuration
With v1 registry running at `localhost:5001` and v2 registry running at
`localhost:5002`. Add this to `/etc/nginx/conf.d/registry.conf`.
```
server {
listen 5000;
server_name localhost;
ssl on;
ssl_certificate /etc/docker/registry/certs/domain.crt;
ssl_certificate_key /etc/docker/registry/certs/domain.key;
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
location /v2/ {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
proxy_pass http://localhost:5002;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_read_timeout 900;
}
location / {
proxy_pass http://localhost:5001;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header Authorization ""; # see https://github.com/docker/docker-registry/issues/170
proxy_read_timeout 900;
}
}
```
## Running nginx without a v1 registry
When running a v2 registry behind nginx without a v1 registry, the `/v1/` endpoint should
be explicitly configured to return a 404 if only the `/v2/` route is proxied. This
is needed due to the v1 registry fallback logic within Docker 1.5 and 1.6 which will attempt
to retrieve content from the v1 endpoint if no content was retrieved from v2.
Add this location block to explicitly block v1 requests.
```
localhost /v1/ {
return 404;
}
```