无法将 Docker 图像上传到 Artifactory - 连接被对等方重置
Can't upload Docker image to Artifactory - connection reset by peer
我正在尝试将 docker 图像推送到同一本地网络中的 Artifactory,但它会在一段时间后停止并显示错误消息:
root@CI:/home/iggy# docker push 10.87.65.7:5000/tibco The push refers
to a repository [10.87.65.7:5000/tibco] da6d16ef19d5: Pushing [=>
] 551.4 kB/1.519 GB write tcp 10.87.65.33:54890->10.152.254.201:8080:
write: connection reset by peer
我可以使用 "docker login 10.87.65.7:5000" 和管理员凭据登录到 Artifactory。我已将“10.87.65.7:5000”添加到不安全的注册表中。我在 nginx 中看不到任何错误日志,但是我在 Artifactory 中看到了一些错误日志:
2017-08-31 09:24:03,076 [ACCEPTED CONFIGURATION_CHANGE] for
admin/10.87.65.9. 2017-08-31 09:24:19,947 [ACCEPTED
CONFIGURATION_CHANGE] for admin/10.87.65.9. 2017-08-31 09:24:24,404
[DENIED LOGIN] for NA/10.87.65.7. 2017-08-31 09:27:06,160 [DENIED
LOGIN] for NA/10.87.65.7.
更多信息:
root@CI:/home/iggy# docker -v Docker version 1.12.6, build 78d1802
Artifactory - jfrog-artifactory-pro-5.4.6
10.87.65.7 - Artifactory 虚拟机,
10.87.65.33 - Docker 虚拟机
知道为什么会这样吗?
PS。 journalctl -u docker.service 来自 10.87.65.33:
wrz 01 10:25:54 CI dockerd[10907]:
time="2017-09-01T10:25:54.102482175+02:00" level=error msg="Handler
for GET /v1.24/containers/c9d96afbfa84/json returned error: No such
container: c9d96afbfa84" wrz 01 10:27:54 CI dockerd[10907]:
time="2017-09-01T10:27:54.827236788+02:00" level=error msg="Attempting
next endpoint for push after error: Get https://10.87.65.7:5000/v2/:
Tunnel or SSL Forbidden" wrz 01 10:28:21 CI dockerd[10907]:
time="2017-09-01T10:28:21.191783057+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55014->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]:
time="2017-09-01T10:28:21.250673504+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55016->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]:
time="2017-09-01T10:28:21.301091802+02:00" level=error msg="Upload
failed, retrying: read tcp 10.87.65.33:55022->10.152.254.201:8080:
read: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]:
time="2017-09-01T10:28:21.321781695+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55018->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]:
time="2017-09-01T10:28:51.250855040+02:00" level=error msg="Upload
failed, retrying: read tcp 10.87.65.33:55032->10.152.254.201:8080:
read: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]:
time="2017-09-01T10:28:51.314110199+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55034->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]:
time="2017-09-01T10:28:51.336208120+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55036->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]:
time="2017-09-01T10:28:51.357638907+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55038->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:28:57 CI dockerd[10907]:
time="2017-09-01T10:28:57.837608810+02:00" level=error msg="Upload
failed, retrying: received unexpected HTTP status: 502 Server Hangup"
wrz 01 10:29:26 CI dockerd[10907]:
time="2017-09-01T10:29:26.160819971+02:00" level=error msg="Upload
failed, retrying: read tcp 10.87.65.33:55048->10.152.254.201:8080:
read: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]:
time="2017-09-01T10:29:26.247001138+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55050->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]:
time="2017-09-01T10:29:26.345532227+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55056->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]:
time="2017-09-01T10:29:26.532987146+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55052->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:30:04 CI dockerd[10907]:
time="2017-09-01T10:30:04.385713563+02:00" level=error msg="Upload
failed, retrying: received unexpected HTTP status: 502 Server Hangup"
wrz 01 10:30:06 CI dockerd[10907]:
time="2017-09-01T10:30:06.191469609+02:00" level=error msg="Upload
failed, retrying: read tcp 10.87.65.33:55070->10.152.254.201:8080:
read: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]:
time="2017-09-01T10:30:06.215756304+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55072->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]:
time="2017-09-01T10:30:06.352755861+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55074->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]:
time="2017-09-01T10:30:06.599892629+02:00" level=error msg="Upload
failed, retrying: write tcp 10.87.65.33:55076->10.152.254.201:8080:
write: connection reset by peer" wrz 01 10:30:51 CI dockerd[10907]:
time="2017-09-01T10:30:51.246752156+02:00" level=error msg="Upload
failed: write tcp 10.87.65.33:55092->10.152.254.201:8080: write:
connection reset by peer" wrz 01 10:30:51 CI dockerd[10907]:
time="2017-09-01T10:30:51.246859375+02:00" level=error msg="Attempting
next endpoint for push after error: write tcp
10.87.65.33:55092->10.152.254.201:8080: write: connection reset by peer"
您是否有企业防火墙或需要使用 HTTP 代理的东西?看起来 HTTP_PROXY 可能会在此设置中的某处设置(在 Docker 侧),因为正在尝试写入 10.152.254.201:8080 而不是你的 Artifactory 地址。这看起来可能是 8080 上的 HTTP 代理 运行。鉴于您的两台机器似乎在同一子网上,我假设您不希望为它们之间的流量设置 HTTP 代理。 Artifactory 的初始身份验证也因此失败:
time="2017-09-01T10:27:54.827236788+02:00" level=error msg="Attempting next endpoint for push after error: Get https://10.87.65.7:5000/v2/: Tunnel or SSL Forbidden"
如果您搜索 Tunnel or SSL Forbidden 消息,您会发现很多人都在谈论 HTTP proxy/firewall 问题。
我正在尝试将 docker 图像推送到同一本地网络中的 Artifactory,但它会在一段时间后停止并显示错误消息:
root@CI:/home/iggy# docker push 10.87.65.7:5000/tibco The push refers to a repository [10.87.65.7:5000/tibco] da6d16ef19d5: Pushing [=>
] 551.4 kB/1.519 GB write tcp 10.87.65.33:54890->10.152.254.201:8080: write: connection reset by peer
我可以使用 "docker login 10.87.65.7:5000" 和管理员凭据登录到 Artifactory。我已将“10.87.65.7:5000”添加到不安全的注册表中。我在 nginx 中看不到任何错误日志,但是我在 Artifactory 中看到了一些错误日志:
2017-08-31 09:24:03,076 [ACCEPTED CONFIGURATION_CHANGE] for admin/10.87.65.9. 2017-08-31 09:24:19,947 [ACCEPTED CONFIGURATION_CHANGE] for admin/10.87.65.9. 2017-08-31 09:24:24,404 [DENIED LOGIN] for NA/10.87.65.7. 2017-08-31 09:27:06,160 [DENIED LOGIN] for NA/10.87.65.7.
更多信息:
root@CI:/home/iggy# docker -v Docker version 1.12.6, build 78d1802 Artifactory - jfrog-artifactory-pro-5.4.6
10.87.65.7 - Artifactory 虚拟机, 10.87.65.33 - Docker 虚拟机
知道为什么会这样吗?
PS。 journalctl -u docker.service 来自 10.87.65.33:
wrz 01 10:25:54 CI dockerd[10907]: time="2017-09-01T10:25:54.102482175+02:00" level=error msg="Handler for GET /v1.24/containers/c9d96afbfa84/json returned error: No such container: c9d96afbfa84" wrz 01 10:27:54 CI dockerd[10907]: time="2017-09-01T10:27:54.827236788+02:00" level=error msg="Attempting next endpoint for push after error: Get https://10.87.65.7:5000/v2/: Tunnel or SSL Forbidden" wrz 01 10:28:21 CI dockerd[10907]: time="2017-09-01T10:28:21.191783057+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55014->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]: time="2017-09-01T10:28:21.250673504+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55016->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]: time="2017-09-01T10:28:21.301091802+02:00" level=error msg="Upload failed, retrying: read tcp 10.87.65.33:55022->10.152.254.201:8080: read: connection reset by peer" wrz 01 10:28:21 CI dockerd[10907]: time="2017-09-01T10:28:21.321781695+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55018->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]: time="2017-09-01T10:28:51.250855040+02:00" level=error msg="Upload failed, retrying: read tcp 10.87.65.33:55032->10.152.254.201:8080: read: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]: time="2017-09-01T10:28:51.314110199+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55034->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]: time="2017-09-01T10:28:51.336208120+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55036->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:51 CI dockerd[10907]: time="2017-09-01T10:28:51.357638907+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55038->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:28:57 CI dockerd[10907]: time="2017-09-01T10:28:57.837608810+02:00" level=error msg="Upload failed, retrying: received unexpected HTTP status: 502 Server Hangup" wrz 01 10:29:26 CI dockerd[10907]: time="2017-09-01T10:29:26.160819971+02:00" level=error msg="Upload failed, retrying: read tcp 10.87.65.33:55048->10.152.254.201:8080: read: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]: time="2017-09-01T10:29:26.247001138+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55050->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]: time="2017-09-01T10:29:26.345532227+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55056->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:29:26 CI dockerd[10907]: time="2017-09-01T10:29:26.532987146+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55052->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:30:04 CI dockerd[10907]: time="2017-09-01T10:30:04.385713563+02:00" level=error msg="Upload failed, retrying: received unexpected HTTP status: 502 Server Hangup" wrz 01 10:30:06 CI dockerd[10907]: time="2017-09-01T10:30:06.191469609+02:00" level=error msg="Upload failed, retrying: read tcp 10.87.65.33:55070->10.152.254.201:8080: read: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]: time="2017-09-01T10:30:06.215756304+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55072->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]: time="2017-09-01T10:30:06.352755861+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55074->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:30:06 CI dockerd[10907]: time="2017-09-01T10:30:06.599892629+02:00" level=error msg="Upload failed, retrying: write tcp 10.87.65.33:55076->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:30:51 CI dockerd[10907]: time="2017-09-01T10:30:51.246752156+02:00" level=error msg="Upload failed: write tcp 10.87.65.33:55092->10.152.254.201:8080: write: connection reset by peer" wrz 01 10:30:51 CI dockerd[10907]: time="2017-09-01T10:30:51.246859375+02:00" level=error msg="Attempting next endpoint for push after error: write tcp 10.87.65.33:55092->10.152.254.201:8080: write: connection reset by peer"
您是否有企业防火墙或需要使用 HTTP 代理的东西?看起来 HTTP_PROXY 可能会在此设置中的某处设置(在 Docker 侧),因为正在尝试写入 10.152.254.201:8080 而不是你的 Artifactory 地址。这看起来可能是 8080 上的 HTTP 代理 运行。鉴于您的两台机器似乎在同一子网上,我假设您不希望为它们之间的流量设置 HTTP 代理。 Artifactory 的初始身份验证也因此失败:
time="2017-09-01T10:27:54.827236788+02:00" level=error msg="Attempting next endpoint for push after error: Get https://10.87.65.7:5000/v2/: Tunnel or SSL Forbidden"
如果您搜索 Tunnel or SSL Forbidden 消息,您会发现很多人都在谈论 HTTP proxy/firewall 问题。