在Artifactory的docker repos的Nginxconfiguration

我有以下的configuration让nginx在artifactory中设置docker repos 

upstream artifactory_lb { server backup_artifactory_server:8081 backup; server main_artifactory_server:8081; } log_format upstreamlog '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time'; ssl_certificate /etc/nginx/ssl/myCert.pem ssl_certificate_key /etc/nginx/ssl/myKey ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; ssl_session_cache shared:SSL:10m; server { listen 80; listen 443 ssl; client_max_body_size 2048M; location / { proxy_set_header Host $host; proxy_pass http://artifactory_lb; proxy_read_timeout 90; } access_log /var/log/nginx/access.log upstreamlog; location /basic_status { stub_status on; allow all; } } # Server configuration server { listen 2222 ssl; server_name this_proxy.com; if ($http_x_forwarded_proto = '') { set $http_x_forwarded_proto $scheme; } rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images/$1/$2; client_max_body_size 0; chunked_transfer_encoding on; location / { allow all; proxy_read_timeout 900; proxy_pass_header Server; proxy_cookie_path ~*^/.* /; proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_pass http://artifactory_lb; proxy_pass http://backup_artifactory_server:8081/artifactory/; } }

这工作正常,但通过设置'proxy_pass'指令指向loadbalancer实例引入单点故障。 为什么需要路由到'/ artifactory'?

什么是解决这个问题的最好方法? 创build一组新的上游服务器似乎是多余的

我通过更改以下来解决这个问题 

  rewrite ^/(v1|v2)/(.*) /api/docker/inhouse_images/$1/$2;

到以下 

  rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/inhouse_images/$1/$2;

并将proxy_pass指令指向上游服务器

Interesting Posts

IIS反向代理到虚拟专用IP

Apacheconfigurationredirect到不同的主机和端口的stream量

Docker Bitbucket。 git克隆从回购。 权限被拒绝(公钥)

反向代理golang docker容器

拒绝连接:Docker容器中的Nginx HTTPS反向代理

Gitlabdockerregistry拉失败EOF

traefik反向代理与docker后端 – 在traefik的configuration文件configuration前端规则,而不是通过容器标签

如何禁用对docker群中的覆盖networking的外部访问

Nginx作为HTTPS反向代理的多个子域名?

客户端无法通过nginx反向代理连接(https)到WebSocket服务器