I would like to forward traffic using (reverse) proxy for both ingress and egress while manipulating the request and response URI's.
The scenario is this:
Ingress
Request from the internet (with request uri of "/test/") enters an ec2 instance on port 8888, it then goes into a Nginx docker container that listens on this port and proxy pass it to a second docker container while 'replacing' the request uri to be "/" on port 12345 (then inside the container forward it onto port 8787 to a web application).
Egress
The response that comes back from the second docker container to the Nginx container has to be "rebuild" again to the original uri ("/test/") and sent back as a response to the original client.
I think I got the ingress part by configuring the Nginx like this:
server {
listen 8888;
server_name 172.17.0.1;
location / {
proxy_pass "http://172.17.0.1:12345";
}
}
but it seems not quite right as I thought it should be using the Nginx itself (172.17.0.3) as the "server_name" and the web application (172.17.0.2) as the upstream, but that didnt work (502 error).
I'm attaching an image for this scenario, Thanks.
You can run both NGINX and Web App docker containers on the same network by creating a docker network and specifying the network while running the containers with the --network flag. With this setup, you wouldn't have to bind the host port (12345) while running the Web App and it would be accessible from the Nginx container on <webapp_container_name>:8787. So you can specify this in proxy pass - http://<webapp_container_name>:8787
Related
Hi i have a url called :
https://wona.logs.co.za
And i need it to redirect to the speciic docker container at port 3000
( http://156.43.123.226:3000)
However when i try link https://wona.logs.co.za to 156.43.123.226:3000 i cannot enter a port number in the redirection to specify my docker container
Multiple things that do not fit.
you try to redirect https traffic to an http endpoint. That won't wortk
you are trying to directly redirect to another port (from 443, to 3000). That won't work either.
Solution
Create a proxy container. e.g. nginx that serves port 80 / 443 and redirects traffic to your application on port 3000. I recommend that you do not directly expose your application - only via the proxy.
Once you have a proxy container that listens to the same ports you can easily use the redirect as you described.
The question lacks the current setup of docker on mentioned server. From what i understood, is you already have docker running with orchestrator and a proxy server for main domain, and now you want to put up a subdomain which forwards traffic to one specific container.
For this, you need to spin an image of your application which listens on port 3000, add an entry in proxy server to forward traffic to your new container. Handle the ssl handshaking at proxy level.
I'm running a Gitlab instance with Nginx and force HTTP to HTTPS. On the same server I' running a Docker container (Jetty) on Port 9000 which can only deal with HTTP. The setup ist
Server:80 (HTTP) -> Server:443 (HTTP) - Redirect by NGINX works
Server:443 (HTTPS) - direct NGINX call works
Server:9000 (HTTP) - Docker container works
Now I would like to add a HTTPS call for the Docker Container through NGINX, to get:
Server:9001 (HTTPS by NGINX) -> Server:9000 - NGINX should manage the HTTPS and pass the data to the HTTP Docker container
I have found this description but I'm not sure how to do it correctly. Gitlab can deal with a custom NGINX configuration, so how can I deal with a crrect configuration
I have a docker container that is listening on port 80 (and 443) running on a server and accepting request for a sub-domain https://<subdomain1>.<domain>.com
Now I need to deploy another container on the same server and accept connections for another subdomain https://<subdomain2>.<domain>.com. The problem is that the container for subdomain1 is already running on port 80. For the new one, I can choose a different port on the host.
Is it possible to put nginx 'before' the container so it can redirect the traffic to different dockers accordingly? Also, ideally I wouldn't want to commit the old docker container and run it on a new port. I can stop and restart though.
You must use a reverse proxy (serve at port 80 and 443), maybe jwilder/nginx-proxy or Traefik stand in front of other containers.
This container will serve and redirect traffic to other Container running "random" port (not 80 and 443) like the image below.
I had 2 service on a server that run on 2 different ports. One of them on port 80 and another on port 3000. I want to address them like this:
http://xxx.ttt.example : the one that run on port 3000
http://xxx.ttt.example/zzz : the one that run on port 80
what should I do?
You need to use a reverse proxy server such as nginx to achieve this. As port can be mentioned only in SRV records at DNS level, and most browser ignore this record while resolving a dns query for a http request.
The domain will point to a reverse proxy server and at proxy server you can configure where to pull response from based on the request.
Setup -
Setup nginx reverse proxy server.
point your domain xxx.ttt.example to the nginx server.
In nginx config set a rule based on request uri fetch the response from port 3000.
Is it possible to have a 2 docker containers serve on port 80 but different subdomains or hostnames?
Something like:
api.example.com goes to a node application
app.example.com goes to a Java application
Yes you can. using a proxy.
There is a project by jwilder/nginx-proxy which allows you to give your hostname via an enviroment variable which will than route your request to the appropriate container.
A good example of this implemented is given here: https://blog.florianlopes.io/host-multiple-websites-on-single-host-docker/
No. The first container you start will have exclusive access to the port, and if you try and start a second container on the same port it will fail.
Instead, use a load balancer such as Nginx or Traefik to handle the incoming traffic to port 80 and proxy it on to your two app containers based on host headers.