nginx 配置
Docker Hub Container Registry
server {
listen 80;
listen 443 ssl;
server_name docker.example.com;
ssl_certificate /etc/nginx/ssl/docker.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/docker.example.com.key;
location / {
proxy_pass https://registry-1.docker.io;
proxy_set_header Host registry-1.docker.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
GitHub Container Registry
server {
listen 80;
listen 443 ssl;
server_name ghcr.example.com;
ssl_certificate /etc/nginx/ssl/ghcr.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/ghcr.example.com.key;
location / {
proxy_pass https://ghcr.io;
proxy_set_header Host ghcr.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
Google Container Registry
server {
listen 80;
listen 443 ssl;
server_name gcr.example.com;
ssl_certificate /etc/nginx/ssl/gcr.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/gcr.example.com.key;
location / {
proxy_pass https://gcr.io;
proxy_set_header Host gcr.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
Kubernetes Container Registry
server {
listen 80;
listen 443 ssl;
server_name k8s-gcr.example.com;
ssl_certificate /etc/nginx/ssl/k8s-gcr.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/k8s-gcr.example.com.key;
location / {
proxy_pass https://k8s.gcr.io;
proxy_set_header Host k8s.gcr.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
Quay Container Registry
server {
listen 80;
listen 443 ssl;
server_name quay.example.com;
ssl_certificate /etc/nginx/ssl/quay.example.com.pem;
ssl_certificate_key /etc/nginx/ssl/quay.example.com.key;
location / {
proxy_pass https://quay.io;
proxy_set_header Host quay.io;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
proxy_intercept_errors on;
recursive_error_pages on;
error_page 301 302 307 = @handle_redirect;
}
location @handle_redirect {
resolver 1.1.1.1;
set $saved_redirect_location '$upstream_http_location';
proxy_pass $saved_redirect_location;
}
}
使用
修改docker的daemon.json配置
vi /etc/docker/daemon.json
{
"registry-mirrors": [ "https://docker.example.com" ],
}
# 拉取nginx镜像
docker pull nginx:latest
或者使用自己域名地址拉取镜像
# Docker Hub Container Registry
docker pull docker.example.com/library/nginx:latest
# Google Container Registry
docker pull gcr.example.com/google-containers/pause:3.1