Nginx Docker 400 Bad Request

0
votes

I am currently trying to host nexus as a private registry for docker images within my organisation . My nginx configuration are as below .

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    server {

            listen 6666;   ### Docker Hosted Repo HTTPS port
            server_name box.company.net;  ### Nexus Server
            keepalive_timeout 60;

            ssl on;
            ssl_certificate /etc/ssl/certs/nexus.crt;
            ssl_certificate_key /etc/ssl/certs/nexus.key;
            ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
            ssl_session_cache shared:TLSSSL:16m;
            ssl_session_timeout 10m;
            ssl_prefer_server_ciphers on;

            client_max_body_size 0;
            chunked_transfer_encoding on;

            location /v2/ {


                    if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
                    return 404;
                    }
                    error_log               /var/log/nginx/error.log debug;
                    access_log              /var/log/nginx/docker.log;
                    proxy_set_header        Host $http_host;
                    proxy_set_header        X-Real-IP $remote_addr;
                    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header        X-Forwarded-Proto "https";
                    proxy_pass             http://box.company.net:4444/;
                    proxy_read_timeout      900;
        }

            location / {

                    error_log               /var/log/nginx/error.log debug;
                    access_log              /var/log/nginx/docker.log;
                    proxy_set_header        Host $http_host;
                    proxy_set_header        X-Real-IP $remote_addr;
                    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header        X-Forwarded-Proto "https";
                    proxy_pass              http://box.company.net:4444/;
                    proxy_read_timeout      90;
        }
    }

Have configured an hosted docker repo within nexus(running on port 4444) with https port 6666.

Currently we are able to login to docker registry .

[test@server ~]$ docker login -u admin -p admin123 box.company.net:6666 Login Succeeded

But when we try to push tagged images to the nexus hosted docker registry it throws back 400 Bad Request error .

[test@server ~]$ docker push box.company.net:6666/alpine The push refers to a repository [box.company.net:6666/alpine] 3fb66f713c9f: Preparing error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "\n\n\n\n 400 - Nexus Repository Manager\n \n\n\n \n (new Image).src=\"https://box.company.net:6666/favicon.ico?3.2.1-01\"</script>\n \n https://box.company.net:6666/favicon-32x32.png?3.2.1-01\" sizes=\"32x32\">\n https://box.company.net:6666/safari-pinned-tab.svg?3.2.1-01\" color=\"#5bbad5\">\n https://box.company.net:6666/favicon-16x16.png?3.2.1-01\" sizes=\"16x16\">\n https://box.company.net:6666/favicon.ico?3.2.1-01\">\n https://box.company.net:6666/mstile-144x144.png?3.2.1-01\">\n \n\n https://box.company.net:6666/static/css/nexus-content.css?3.2.1-01\"/>\n\n\n\n https://box.company.net:6666\">\n \n https://box.company.net:6666/static/images/nexus.png?3.2.1-01\"/>\n \n \n \n Nexus Repository Manager\n \n \n OSS 3.2.1-01\n \n \n \n\n\n\n \n https://box.company.net:6666/static/rapture/resources/icons/x32/exclamation.png?3.2.1-01\"/>\n Error 400\n Bad Request\n \n \n \n
HTTP method POST is not supported by this URL\n \n
\n\n\n\n\n"

Am I missing some important nginx configuration? Or are my requests getting malformed.

2
nginxdockernexushttp-status-code-400bad-request
Maybe serverfault.com is a better place to ask such question.Reporter
By the way: At the end of your error message you can find " Error 400\n Bad Request\n \n \n \n HTTP method POST is not supported by this URL". Maybe this will lead you into the right direction.Reporter
But it's not specifying what url it's forming to post the imagesAlim Azad
Then have a look at my first comment.Reporter
@reporter ok..I will post my question on the suggested linkAlim Azad

2 Answers

2
votes

Its working now . Below are my nginx configuration.

server {

    proxy_send_timeout 120;
    proxy_read_timeout 300;
    proxy_buffering    off;
    tcp_nodelay        on;

    server_tokens off;
    client_max_body_size 1G;

    listen 80;
    server_name box.company.net;
    location / {
          rewrite ^(.*) https://box.company.net$1 permanent;
    }
}

server {

    listen 443;
    server_name box.company.net;
    keepalive_timeout 60;
    ssl on;
    ssl_certificate /etc/ssl/certs/nexus.crt;
    ssl_certificate_key /etc/ssl/certs/nexus.key;
    ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
    ssl_session_cache shared:TLSSSL:16m;
    ssl_session_timeout 10m;
    ssl_prefer_server_ciphers on;

    location / {

      proxy_set_header        Host $http_host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header        X-Forwarded-Proto "https";
      proxy_pass              http://box.company.net:8082;
      proxy_read_timeout      90;

    }
}

# correlates to your nexus http connector
server {

    listen 6666;
    server_name box.company.net;
    keepalive_timeout 60;
    ssl on;
    ssl_certificate /etc/ssl/certs/nexus.crt;
    ssl_certificate_key /etc/ssl/certs/nexus.key;
    ssl_ciphers HIGH:!kEDH:!ADH:!MD5:@STRENGTH;
    ssl_session_cache shared:TLSSSL:16m;
    ssl_session_timeout 10m;
    ssl_prefer_server_ciphers on;
    client_max_body_size 1G;
    chunked_transfer_encoding on;

    ### Block for Search,Pull,Push of Docker Images via Nexus Hosted Repo ####
    location / {

      access_log              /var/log/nginx/docker.log;
      proxy_set_header        Host $http_host;
      proxy_set_header        X-Real-IP $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

        if ($request_method !~* GET) {
                proxy_pass              http://box.company.net:4444;
        }
        if ($request_method = GET) {
                proxy_pass              http://box.company.net:5555;
        }
      proxy_read_timeout      90;
    }
}
0
votes

You're missing the namespace when pushing your image.

Take a look into the documentation (https://books.sonatype.com/nexus-book/3.0/reference/docker.html#_accessing_repositories):

docker <command> <nexus-hostname>:<repository-port>/<namespace>/<image>:<tag>

You could try it with

docker push server.int.org.com:6666/alpine/alpine