本篇文章將從多個方面詳細闡述corsregistry.a,同時提供相應代碼示例。
一、什麼是corsregistry.a?
corsregistry.a是Docker Registry官方代理。它提供了對Docker Registry的訪問控制、路由、緩存和多棲支持。corsregistry.a使得Docker Registry在配置極其簡單的情況下變得更好的可用和高效。
二、corsregistry.a的優點
corsregistry.a的使用帶來了以下優點:
1、支持請求頻率限制和流量控制,有效的解決了Docker Registry的性能問題。
2、支持registry的緩存,可以降低registry的延遲。
3、支持多棲,可以同時支持多個registry,實現了高可用性。
三、如何使用corsregistry.a?
corsregistry.a的使用非常簡單,只需要在配置文件中加入corsregistry.a的域名和埠,同時正確地配置好證書即可。
version: '2'
services:
registry:
restart: always
image: registry:2
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.registry.redirectscheme.scheme=https"
- "traefik.http.middlewares.registry.redirectscheme.permanent=true"
- "traefik.http.middlewares.registry.headers.forceSTSHeader=true"
- "traefik.http.middlewares.registry.headers.STSSeconds=315360000"
- "traefik.http.middlewares.registry.headers.STSIncludeSubdomains=true"
- "traefik.http.middlewares.registry.headers.browserXSSFilter=true"
- "traefik.http.middlewares.registry.headers.contentTypeNosniff=true"
- "traefik.http.middlewares.registry.headers.SSLRedirect=true"
- "traefik.http.middlewares.registry.headers.SSLHost=your.domain"
- "traefik.http.middlewares.registry.headers.STSHeaderName=Strict-Transport-Security"
- "traefik.http.middlewares.registry.headers.customResponseHeaders.X-Content-Type-Options=nosniff"
- "traefik.http.services.registry.loadbalancer.server.port=5000"
- "traefik.http.routers.registry.rule=Host(`your.domain`) && PathPrefix(`/v2/`)"
- "traefik.http.routers.registry.entrypoints=websecure"
- "traefik.http.routers.registry.middlewares=registry-redirect-to-https"
volumes:
- ./data:/var/lib/registry
corsregistry:
restart: always
image: joxit/cors-registry-proxy:2.7.1
environment:
REGISTRIES__0__NAME: cors
REGISTRIES__0__LOCATION: http://registry:5000
REGISTRIES__0__CORS__ORIGINS__0: '*'
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.registry-redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.middlewares.registry-redirect-to-https.redirectscheme.permanent=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.SSLRedirect=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.SSLTemporaryRedirect=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.STSIncludeSubdomains=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.STSPreload=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.STSSeconds=315360000"
- "traefik.http.middlewares.registry-redirect-to-https.headers.forceSTSHeader=true"
- "traefik.http.middlewares.registry-redirect-to-https.headers.STSHeaderName=Strict-Transport-Security"
- "traefik.http.services.registry-secure.loadbalancer.server.port=8080"
- "traefik.http.routers.registry-secure.rule=Host(`your.domain`) && PathPrefix(`/`)"
- "traefik.http.routers.registry-secure.entrypoints=websecure"
depends_on:
- registry
ports:
- '127.0.0.1:5001:80'
networks:
- default
四、如何驗證corsregistry.a是否有效?
使用以下命令驗證是否使用了corsregistry.a:
$ curl -i https://your.domain/v2/
如果您的Docker Registry是可以允許跨域訪問的,您會得到下面的輸出:
HTTP/1.1 200 OK
Cache-Control: max-age=0
Content-Type: application/json; charset=utf-8
Docker-Distribution-Api-Version: registry/2.0
ETag: "0de2f61ecac4f2f96607a4a311ccfe53"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Date: Thu, 16 Jul 2020 11:26:38 GMT
Content-Length: 2
{}
五、總結
本篇文章對corsregistry.a進行了全面的闡述,並提供了相應代碼示例。通過corsregistry.a對Docker Registry的優化,使得Docker Registry更加可用和高效,並且可以支持多個registry,實現高可用性。
原創文章,作者:BKENE,如若轉載,請註明出處:https://www.506064.com/zh-tw/n/374745.html
微信掃一掃 
支付寶掃一掃 