Thursday, March 22, 2018

Using Nexus 3 as a Docker registry Proxy

http://books.sonatype.com/nexus-book/3.0/reference/docker.html#docker-proxy


If you are behind a firewall, you need to open :

https://registry-1.docker.io
https://index.docker.io/


As explained here https://hub.docker.com/r/sonatype/nexus3/ I run

docker run -d -p 8081:8081 -p 8082:8082 --name nexus sonatype/nexus3

You can open http://localhost:8081/ and login as admin/admin123

At this point, Docker is still not setup in Nexus:

In Nexus console, create a new Docker Proxy repo name "dockerproxy" , URL "https://registry-1.docker.io", Docker index "use docker hub". Also, "enable docker v1 api" checkbox. Choose port HTTP 8082 (it will accept logins only on port 8082, not on 8081!)

You should be able to see its (empty for now) index here http://localhost:8081/service/rest/repository/browse/dockerproxy/

To configure your docker engine to communicate to the registry:

sudo vi /etc/docker/daemon.json

Add this line:

{"insecure-registries" : [ "localhost:8081", "localhost:8082" ]}

Restart Docker Daemon:

sudo systemctl daemon-reload

sudo systemctl restart docker



WRONG:
docker login localhost:8081

Username: admin
Password:
Error response from daemon: login attempt to http://localhost:8081/v2/ failed with status: 404 Not Found


RIGHT:
docker login localhost:8082

Username: admin
Password:
Login Succeeded







Tag and push your first image:

#check your local images

docker images

#log into nexus registry

docker --debug=true login localhost:8082 -u admin -p admin123

sudo docker run localhost:8082/hello-world


You can also create a hosted Docker repository, better if you create a user pippo/pippo and give it access to the Repository,

then "docker login localhost:8082 -u pippo -p pippo" and to push something
docker tag <image>:<tag> localhost:8082/<image>:<tag> #example: docker tag service:1.2 localhost:8082/service:1.2

#push your tagged image to nexus
docker push localhost:8082/service:1.2

Troubleshooting:

Check what happens in nexus, in request.log (in /nexus-data/log) I see all HTTP requests issued by docker:

172.17.0.1 - - [21/Mar/2018:10:28:19 +0000] "GET /v2/ HTTP/1.1" 404 1783 8 "docker/18.03.0-ce-rc4 go/go1.9.4 git-commit/fbedb97 kernel/3.10.0-693.21.1.el7.x86_64 os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.0-ce-rc4 \(linux\))"




Posted by vernetto at 10:38 AM
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)