I'm running a private docker-registry v2 with the following docker-compose.yml file:
registry:
restart: always
image: registry:2
ports:
- 5000:5000
environment:
REGISTRY_HTTP_TLS_CERTIFICATE: /certs/server-cert.pem
REGISTRY_HTTP_TLS_KEY: /certs/server-key.pem
REGISTRY_AUTH: htpasswd
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
volumes:
- /data/docker-registry:/var/lib/registry
- /certs/docker-registry:/certs
- /auth/docker-registry:/auth
and I'm able to do the login locally (SSH, Jenkins,...) at http://localhost:5000.
Now I would like to expose this registry with Apache httpd. I'm running the following version of httpd on CentOS 7:
[root@dev-machine conf.d]# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Jun 27 2018 13:48:59
This is my vhosts.conf:
<VirtualHost *:443>
ServerName dev-machine.com
ServerAlias www.dev-machine.com
ErrorLog logs/dev-machine.com-error_log
CustomLog logs/dev-machine.com-access_log common
SSLEngine on
SSLCertificateFile /certs/docker-registry/server-cert.pem
SSLCertificateKeyFile /certs/docker-registry/server-key.pem
Header set Host "dev-machine.com"
Header set "Docker-Distribution-Api-Version" "registry/2.0"
RequestHeader set X-Forwarded-Proto "https"
ProxyRequests off
ProxyPreserveHost on
ProxyPass /registry http://127.0.0.1:5000/
ProxyPassReverse /registry http://127.0.0.1:5000/
<Location /registry>
Order deny,allow
Allow from all
AuthName "Registry Authentication"
AuthType basic
AuthUserFile "/auth/htpasswd"
Require valid-user
</Location>
</VirtualHost>
The problem I'm facing is that when I try to login on the registry I get the following error:
izio@1z10:~$ docker login https://dev-machine.com/registry
Username: user
Password:
Error response from daemon: login attempt to https://dev-machine/v2/ failed with status: 404 Not Found
It seems like redirecting to /v2 instead of using the assigned url in vhosts. What is missing or wrong with this configuration?
Just update your httpd.conf
like this:
ProxyPass /registry http://127.0.0.1:5000/v2
ProxyPassReverse /registry http://127.0.0.1:5000/v2
Note the "/v2"