I am using Jenkins and Nginx both in Docker,
From Jenkins docker documentation, it seems that jenkins need 2 ports, 50000 and 8080, Reference : https://github.com/jenkinsci/docker/blob/master/README.md
Nginx acting as reverse proxy has this configuration right now
server {
listen 80;
server_name jenkins.kryptohive.com
www.jenkins.kryptohive.com;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://jenkins.kryptohive.com$request_uri;
}
}
server {
listen 443 ssl http2;
server_name www.jenkins.kryptohive.com;
server_tokens off;
include /etc/nginx/conf.d/ssl.kryptohive;
return 301 https://jenkins.kryptohive.com$request_uri;
}
# configuration of the server
server {
listen 443 ssl http2;
server_name jenkins.kryptohive.com;
access_log /var/log/nginx/jenkins_access.log;
error_log /var/log/nginx/jenkins_error.log;
include /etc/nginx/conf.d/ssl.kryptohive;
include /etc/nginx/conf.d/gzip_conf;
server_tokens off;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the “It appears that your reverse proxy set up is broken" error.
proxy_pass http://jenkins:8080;
proxy_read_timeout 90;
proxy_redirect http://jenkins:8080 https://jenkins.kryptohive.com;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off;
add_header 'X-SSH-Endpoint' 'jenkins.kryptohive.com:50000' always;
}
}
Reference for nginx config : http://web.archive.org/web/20190723112236/https://wiki.jenkins.io/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy
and this works perfectly fine to serve Jenkins website ,but i get error
SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
Request headers:
Content-Type: application/json
User-Agent: GitLab/14.0.0-pre
X-Gitlab-Event: Push Hook
Request body:
{
"object_kind": "push",
"event_name": "push",
"before": "e7f7c62995e68446fb1c519fb7f2316eb083bb83",
"after": "9d62e92972ed32ca67c09108395ebad9a20f3e92",
"ref": "refs/heads/master",
"checkout_sha": "9d62e92972ed32ca67c09108395ebad9a20f3e92",
"message": null,
"user_id": 4642285,
"user_name": "Abstract Aesthetics",
"user_username": "4bstractanimation",
"user_email": "",
"user_avatar": "https://secure.gravatar.com/avatar/99a9286c8eaf9b7335f91c3ddbdad7fd?s=80&d=identicon",
"project_id": 26279073,
"project": {
"id": 26279073,
"name": "ucurs-default-shop",
"description": "",
"web_url": "https://gitlab.com/4bstractanimation/django-standard-shop",
"avatar_url": null,
"git_ssh_url": "git#gitlab.com:4bstractanimation/django-standard-shop.git",
"git_http_url": "https://gitlab.com/4bstractanimation/django-standard-shop.git",
"namespace": "Abstract Aesthetics",
"visibility_level": 0,
"path_with_namespace": "4bstractanimation/django-standard-shop",
"default_branch": "master",
"ci_config_path": "",
"homepage": "https://gitlab.com/4bstractanimation/django-standard-shop",
"url": "git#gitlab.com:4bstractanimation/django-standard-shop.git",
"ssh_url": "git#gitlab.com:4bstractanimation/django-standard-shop.git",
"http_url": "https://gitlab.com/4bstractanimation/django-standard-shop.git"
},
"commits": [
{
"id": "9d62e92972ed32ca67c09108395ebad9a20f3e92",
"message": "theme updated\n",
"title": "theme updated",
"timestamp": "2021-05-31T20:45:11+05:00",
"url": "https://gitlab.com/4bstractanimation/django-standard-shop/-/commit/9d62e92972ed32ca67c09108395ebad9a20f3e92",
"author": {
"name": "Abstract Aesthetics",
"email": "4bstractanimation#gmail.com"
},
"added": [
],
"modified": [
"public/index.html"
],
"removed": [
]
},
{
"id": "6eaf6296ce2a7215431ae2e641fd64159fd26be0",
"message": "theme updated\n",
"title": "theme updated",
"timestamp": "2021-05-31T20:44:57+05:00",
"url": "https://gitlab.com/4bstractanimation/django-standard-shop/-/commit/6eaf6296ce2a7215431ae2e641fd64159fd26be0",
"author": {
"name": "Abstract Aesthetics",
"email": "4bstractanimation#gmail.com"
},
"added": [
"src/components/admin-view/images/logo_feild.js"
],
"modified": [
"src/StateStore/reducer.js",
"src/components/admin-view/images/index.js",
"src/components/admin-view/information/TextView.js",
"src/components/admin-view/information/index.js",
"src/components/layout/footer/index.js",
"src/components/layout/header/index.js"
],
"removed": [
]
},
{
"id": "e7f7c62995e68446fb1c519fb7f2316eb083bb83",
"message": "theme updated\n",
"title": "theme updated",
"timestamp": "2021-05-31T19:38:49+05:00",
"url": "https://gitlab.com/4bstractanimation/django-standard-shop/-/commit/e7f7c62995e68446fb1c519fb7f2316eb083bb83",
"author": {
"name": "Abstract Aesthetics",
"email": "4bstractanimation#gmail.com"
},
"added": [
"src/components/customers-view/filter-product/price_filter.js"
],
"modified": [
"public/index.html",
"src/components/customers-view/filter-product/index.js",
"src/components/customers-view/populated-view/index.js",
"src/components/customers-view/single-product-card/index.js",
"src/components/customers-view/single-product-view/index.js"
],
"removed": [
]
}
],
"total_commits_count": 3,
"push_options": {
},
"repository": {
"name": "ucurs-default-shop",
"url": "git#gitlab.com:4bstractanimation/django-standard-shop.git",
"description": "",
"homepage": "https://gitlab.com/4bstractanimation/django-standard-shop",
"git_http_url": "https://gitlab.com/4bstractanimation/django-standard-shop.git",
"git_ssh_url": "git#gitlab.com:4bstractanimation/django-standard-shop.git",
"visibility_level": 0
}
}
when i try to connect GitLab to jenkins.
how can i configure nginx to also serv port 50000 of jenkins over ssl
My docker compose enviroment :
version: "3.4"
services:
# JENKINS
jenkins:
image: jenkins/jenkins:lts-jdk11
volumes:
- ${PWD}/Jenkins:/var/jenkins_home
# NGINX SERVER
nginx_server:
image: webdevops/php-nginx:7.3
volumes:
- ${PWD}/config/nginx/conf.d:/etc/nginx/conf.d
- ${PWD}/log/nginx:/var/log/nginx
- ${PWD}/../get-cert/data/certbot/conf:/certs
ports:
- 80:80 # app port
- 443:443
- 50000:50000
container_name: nginx_server
#####################################################
EDIT
The problem is actually with SSL in general, as i tried running
curl jenkins.kryptohive.com
and it gave the following error
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I recreated the SSL certificate, yet still the same error, although in browser it seems to validate my ssl certificate
It was probably some cache issue, as it worked when i commented some code in nginx for proxy headers.
and restarted the server
after that i un commented that code again and restarted server, it still worked.
Related
Help me please. I am trying to setup configuration with backend server in docker container and nginx container which is proxying requests to backend server.
Here is my configuration:
docker network inspect
[
{
"Name": "note",
"Id": "b58827aea0e606437a6be690f68c2f28226775da1cf060e5f3d66e8a7a5ecd2b",
"Created": "2023-01-14T21:09:25.741085061+05:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.19.0.0/16",
"Gateway": "172.19.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4afa74e27d45b9a8aba8f2f9135ee60ea1dc8900cf8eaacd7b23edb9524fbc47": {
"Name": "backend",
"EndpointID": "5d3f7920df2db22bbd4d62f1a362642660931626524d097b5c3c9f0fbcecd464",
"MacAddress": "02:42:ac:13:00:02",
"IPv4Address": "172.19.0.2/16",
"IPv6Address": ""
},
"cc60ab137301a32c6b5daee5e185eb732460616e35a85b140900d388b305366b": {
"Name": "mongo",
"EndpointID": "6e2ba2aeed86c09e10ee60c32fbc9977fce3d50ee927ecaa081be8a906be6709",
"MacAddress": "02:42:ac:13:00:03",
"IPv4Address": "172.19.0.3/16",
"IPv6Address": ""
},
"fddcabdf6d5a676d381e08edf45315697940e05a38b9ebc36728820fa778a6eb": {
"Name": "nginx",
"EndpointID": "a25f40ad8967844d26ab247e81c17e5316d1774441d544157e7742bc3dd115a9",
"MacAddress": "02:42:ac:13:00:04",
"IPv4Address": "172.19.0.4/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fddcabdf6d5a nginx "/docker-entrypoint.…" 11 minutes ago Up 11 minutes 0.0.0.0:8080->80/tcp, :::8080->80/tcp nginx
cc60ab137301 mongo:latest "docker-entrypoint.s…" 55 minutes ago Up 55 minutes 0.0.0.0:27017->27017/tcp, :::27017->27017/tcp mongo
4afa74e27d45 registry.gitlab.com/noteit/backend:master "/bin/sh -c 'npm run…" 55 minutes ago Up 55 minutes 0.0.0.0:3002->3001/tcp, :::3002->3001/tcp backend
nginx.conf
events {
worker_connections 1024;
}
http {
include mime.types;
upstream backend {
server backend:3002;
}
server {
listen 80;
location /api {
proxy_pass http://backend;
}
location /auth {
proxy_pass http://backend;
}
location / {
return 500;
}
}
}
So, request to http://localhost:8080/auth/login recives 502 response from nginx.
In nginx logs I see:
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2023/01/15 15:20:37 [error] 31#31: *2 connect() failed (111: Connection refused) while connecting to upstream, client: 172.19.0.1, server: , request: "POST /auth/login/ HTTP/1.1", upstream: "http://172.19.0.2:3002/auth/login/", host: "localhost:8080"
172.19.0.1 - - [15/Jan/2023:15:20:37 +0000] "POST /auth/login/ HTTP/1.1" 502 157 "-" "PostmanRuntime/7.29.2"
Explain me please, how can I solve it?
I tried to search the solution, but all my tries were unsucsessful.
I've created this docker compose file which build + runs without errors
version: '3.7'
volumes:
grafana:
driver: local
prometheus-data:
driver: local
services:
prometheus:
image: prom/prometheus:latest
container_name: prometheus
expose:
- 9090
volumes:
- prometheus-data:/prometheus
- ./prometheus:/etc/prometheus
restart: unless-stopped
command:
- "--config.file=/etc/prometheus/prometheus.yml"
grafana:
image: grafana/grafana-oss:latest
container_name: grafana
expose:
- 3000
volumes:
- grafana:/etc/grafana
restart: unless-stopped
nginx:
image: nginx
container_name: webserver
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- /opt/certs/:/etc/nginx/certs/
- ./nginx/gw-web/:/usr/share/nginx/html:ro
- ./nginx/nginx_proxy.conf:/etc/nginx/conf.d/default.conf
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
command: [nginx-debug, '-g', 'daemon off;']
nginx has the following reverse-proxy configuration:
server {
listen 80;
listen [::]:80;
server_name 10.23.225.72;
location /prometheus {
proxy_pass http://prometheus:9090;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
proxy_read_timeout 3000;
}
location /grafana {
proxy_pass http://grafana:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
proxy_read_timeout 3000;
}
location / {
root /usr/share/nginx/html;
}
}
The root page is accessible and works as expected but when I try to go to any of the containers I just get a '404: not found' error.
What I've also tried:
location /prometheus {
proxy_pass http://prometheus:9090/;
and
location /prometheus/ {
proxy_pass http://prometheus:9090/;
and
location /prometheus/ {
proxy_pass http://prometheus:9090;
I've also tried running nginx as a service on the host machine, no success there either and anyway my project requires me to containerize this.
For shits and giggles, I tried adding another nginx container to the docker compose file:
nginx2:
image: nginx
container_name: webserver2
restart: unless-stopped
expose:
- 8080
and nginx config:
location /webserver {
proxy_pass http://webserver2:8080/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
proxy_read_timeout 3000;
}
But that also returns 404.
Is there something going on with the docker networking maybe?
I check the network configuration json by inspecting it from vscode
{
"Name": "frp-6_default",
"Id": "940872d1cf151f8d1bb060edbf95c1bcfe29a544c7ea9561091b79a6c5588510",
"Created": "2023-01-25T11:52:01.520893117Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4a2c2b6ca8aec52f801ad554c6b2c14abbe616078393f1e8ef40bd82ad12aa2a": {
"Name": "webserver2",
"EndpointID": "86228e6678d82a9d6735b5440618be7fc281127e6d610d281d9ffc5bcb4f256f",
"MacAddress": "02:42:ac:12:00:05",
"IPv4Address": "172.18.0.5/16",
"IPv6Address": ""
},
"9e13cbc4805fedf4db05b5de989f726bc110b97596b99b933a93e701641294a9": {
"Name": "webserver",
"EndpointID": "1bbcfe058373b225e5f53e8ff4d907d39bed578d9ac14d514ccf8da2d3c9628a",
"MacAddress": "02:42:ac:12:00:04",
"IPv4Address": "172.18.0.4/16",
"IPv6Address": ""
},
"b846cc374fa09e90589c982613224f31135660a17a5f4585b24d876ea2abd53c": {
"Name": "grafana",
"EndpointID": "3c0dac6d612a48dc067a5c208334af4f90c8c1d9122e263ca464186c1cf19f35",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
},
"dbe81d7b88413f78a06ce94f86781242299a3f6eee0f96f607ebaf8fb0b17be6": {
"Name": "prometheus",
"EndpointID": "4792bbd19cc7b782ec522d148eef7dcb5e31b5e38d99e886ff728a3f519b4973",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {
"com.docker.compose.network": "default",
"com.docker.compose.project": "frp-6",
"com.docker.compose.version": "2.15.1"
}
}
The following stand out to me:
"Internal": false,
"Attachable": false,
Can those be the culprits? If so, how do I change them?
For the record, I also tried putting the IP addresses for the containers in the nginx config like so
location /prometheus {
proxy_pass http://172.18.0.2:9090/;
still unsuccessful...
The problem here is in your prometheus configuration. Because you have:
location /prometheus {
proxy_pass http://prometheus:9090;
...
}
When you access http://yourhost/prometheus/, that request gets proxied to http://prometheus:9090/prometheus/, and by default prometheus doesn't know what to do with that /prometheus path.
You need to tell it that it's being served from a non-root path using the --web.external-url command line option. That might look something like:
services:
prometheus:
image: prom/prometheus:latest
volumes:
- ./prometheus:/etc/prometheus
- prometheus-data:/prometheus
restart: unless-stopped
command:
- --config.file=/etc/prometheus/prometheus.yml
- --storage.tsdb.path=/prometheus
- --web.console.libraries=/usr/share/prometheus/console_libraries
- --web.console.templates=/usr/share/prometheus/consoles
- --web.external-url=http://localhost:8080/prometheus/
(I've preserved all the command line options that are used by default in the prometheus image; the only thing new thing here is the --web.external-url option.)
Before making this change:
$ curl -i http://localhost:8080/prometheus
HTTP/1.1 404 Not Found
Server: nginx/1.23.3
Date: Wed, 25 Jan 2023 13:17:42 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19
Connection: keep-alive
X-Content-Type-Options: nosniff
404 page not found
After making this change:
$ curl -i http://localhost:8080/prometheus
HTTP/1.1 302 Found
Server: nginx/1.23.3
Date: Wed, 25 Jan 2023 13:18:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 40
Connection: keep-alive
Location: /prometheus/graph
Found.
I'm trying to build a container image that I will later use to update the code inside of a virtual machine. The docker image works fine as I can build and run it inside of my terminal. However, I keep getting an error when I try to deploy it to cloud run: "Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable." How can I fix this error?
The build log contains this:
Deploying container to Cloud Run service [SERVICE] in project [PROJECT_ID] region [REGION]
Deploying...
Creating Revision.......................................................................................................................................................................failed
Deployment failed
ERROR: (gcloud.run.deploy) Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.
The revision log contains this:
{
"protoPayload": {
"#type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {
"code": 9,
"message": "Ready condition status changed to False for Revision {REVISION_NAME} with message: Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.\n\nLogs URL:{URL_LINK}"
},
"serviceName": "run.googleapis.com",
"resourceName": "{REVISION_NAME}",
"response": {
"metadata": {
"name": "{REVISION_NAME}",
"namespace": "{NAMESPACE}",
"selfLink": "{SELFLINK}",
"uid": "{UID}",
"resourceVersion": "{RESOURCEVER}",
"generation": 1,
"creationTimestamp": "{TIMESTAMP}",
"labels": {
"serving.knative.dev/route": "{SERVICE}",
"serving.knative.dev/configuration": "{SERVICE}",
"serving.knative.dev/configurationGeneration": "15",
"serving.knative.dev/service": "{SERVICE}",
"serving.knative.dev/serviceUid": "{SERVICE_UID}",
"cloud.googleapis.com/location": "{REGION}"
},
"annotations": {
"run.googleapis.com/client-name": "gcloud",
"serving.knative.dev/creator": "{NAMESPACE}#cloudbuild.gserviceaccount.com",
"client.knative.dev/user-image": "gcr.io/{PROJECT_ID}/{IMAGE}",
"run.googleapis.com/client-version": "357.0.0",
"autoscaling.knative.dev/maxScale": "100"
},
"ownerReferences": [
{
"kind": "Configuration",
"name": "{SERVICE}",
"uid": "{UID}",
"apiVersion": "serving.knative.dev/v1",
"controller": true,
"blockOwnerDeletion": true
}
]
},
"apiVersion": "serving.knative.dev/v1",
"kind": "Revision",
"spec": {
"containerConcurrency": 80,
"timeoutSeconds": 300,
"serviceAccountName": "{NAMESPACE}-compute#developer.gserviceaccount.com",
"containers": [
{
"image": "gcr.io/{PROJECT_ID}/{IMAGE}",
"ports": [
{
"name": "h2c",
"containerPort": 8080
}
],
"resources": {
"limits": {
"cpu": "1000m",
"memory": "512Mi"
}
}
}
]
},
"status": {
"observedGeneration": 1,
"conditions": [
{
"type": "Ready",
"status": "False",
"reason": "HealthCheckContainerError",
"message": "Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.\n\nLogs URL:{LOG_LINK}",
"lastTransitionTime": "{TIME}"
},
{
"type": "Active",
"status": "Unknown",
"reason": "Reserve",
"lastTransitionTime": "{TIME}",
"severity": "Info"
},
{
"type": "ContainerHealthy",
"status": "False",
"reason": "HealthCheckContainerError",
"message": "Cloud Run error: Container failed to start. Failed to start and then listen on the port defined by the PORT environment variable. Logs for this revision might contain more information.\n\nLogs URL:{LOG_LINK}",
"lastTransitionTime": "{TIME}"
},
{
"type": "ResourcesAvailable",
"status": "True",
"lastTransitionTime": "{TIME}"
},
{
"type": "Retry",
"status": "True",
"reason": "ImmediateRetry",
"message": "System will retry after 0:00:00 from lastTransitionTime for attempt 0.",
"lastTransitionTime": "{TIME}",
"severity": "Info"
}
],
"logUrl": "{LOG_LINK}",
"imageDigest": "gcr.io/{PROJECT_ID}/{IMAGE_SHA}"
},
"#type": "type.googleapis.com/google.cloud.run.v1.Revision"
}
},
"insertId": "{ID}",
"resource": {
"type": "cloud_run_revision",
"labels": {
"location": "{REGION}",
"configuration_name": "{SERVICE}",
"service_name": "{SERVICE}",
"project_id": "{PROJECT_ID}",
"revision_name": "{REVISION_NAME}"
}
},
"timestamp": "{TIME}",
"severity": "ERROR",
"logName": "projects/{PROJECT_ID}/logs/cloudaudit.googleapis.com%2Fsystem_event",
"receiveTimestamp": "{TIME}"
}
This is my cloudbuild.yaml:
steps:
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/PROJECT_ID/IMAGE', '.']
- name: 'gcr.io/cloud-builders/docker'
args: ['push', 'gcr.io/PROJECT_ID/IMAGE']
- name: 'gcr.io/google.com/cloudsdktool/cloud-sdk'
entrypoint: gcloud
args: ['run', 'deploy', 'SERVICE-NAME', '--image', 'gcr.io/PROJECT_ID/IMAGE', '--region', 'REGION', '--port', '8080']
images:
- gcr.io/PROJECT_ID/IMAGE
This is my Dockerfile:
FROM python:3.9.7-slim-buster
WORKDIR /app
COPY . .
CMD [ "python3", "hello.py" ]
This is the code in hello.py:
print("Hello World")
When Cloud Run starts your container, a health check is sent to the container. Your container is not responding to the health check. Therefore, Cloud Run determines that your service is failing.
Cloud Run requires that a container provide service/process/program that listens for and responds to HTTP requests.
Your hello.py file only prints a message to stdout. Your program does not start a process to listen for requests.
A very simple example that converts your example into a working program:
import os
from flask import Flask
app = Flask(__name__)
#app.route('/')
def home():
return "Hello world"
if __name__ == '__main__':
app.run(debug=True, host='0.0.0.0', port=int(os.environ.get('PORT', 8080)))
Note: You will need to add a file requirements.txt to your build to include Flask. Create requirements.txt in the same location as Dockerfile.
requirements.txt:
Flask==2.0.1
I use nginx inside a docker container and I'm unable to connect to it properly.
The error inside the browser is:
The connection was reset
if I try to curl inside the container I get:
/usr/share/nginx/html # curl localhost
curl: (7) Failed to connect to localhost port 80: Connection refused
My Dockerfile:
FROM nginx:alpine
COPY ./default.conf /etc/nginx/conf.d/default.conf
RUN chmod -R a+w /var/cache/nginx/ \
&& touch /var/run/nginx.pid \
&& chmod a+w /var/run/nginx.pid
WORKDIR /usr/share/nginx/html
COPY . .
EXPOSE 80
My command:
docker run -d -p 80:80 <mycontainer>
My default.conf:
server {
listen [::]:80;
sendfile on;
default_type application/octet-stream;
gzip on;
gzip_http_version 1.1;
gzip_disable "MSIE [1-6]\.";
gzip_min_length 256;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_comp_level 9;
root /usr/share/nginx/html;
location / {
try_files $uri$args $uri$args/ /pointeuse/index.html;
}
}
This is my container inspect:
[
{
"Id": "sha256:b431c5a40e599a69a31f482d52ba3a971953bece09d7de1a83d3ff78bd08e79b",
"RepoTags": [
"test:latest"
],
"RepoDigests": [],
"Parent": "sha256:52a9dfb246091e9a6fedc6e7bdc7c701dd39638bd3889ae098bb97d519889c2f",
"Comment": "",
"Created": "2020-05-23T12:27:30.123757764Z",
"Container": "70cfa14de670aaf2c599385b1afbf5d5f4a155ce2e655031b1adcaa3654e5442",
"ContainerConfig": {
"Hostname": "70cfa14de670",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.10",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1"
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"EXPOSE 80"
],
"ArgsEscaped": true,
"Image": "sha256:52a9dfb246091e9a6fedc6e7bdc7c701dd39638bd3889ae098bb97d519889c2f",
"Volumes": null,
"WorkingDir": "/usr/share/nginx/html",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint#nginx.com>"
},
"StopSignal": "SIGTERM"
},
"DockerVersion": "19.03.9",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"80/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NGINX_VERSION=1.17.10",
"NJS_VERSION=0.3.9",
"PKG_RELEASE=1"
],
"Cmd": [
"nginx",
"-g",
"daemon off;"
],
"ArgsEscaped": true,
"Image": "sha256:52a9dfb246091e9a6fedc6e7bdc7c701dd39638bd3889ae098bb97d519889c2f",
"Volumes": null,
"WorkingDir": "/usr/share/nginx/html",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"maintainer": "NGINX Docker Maintainers <docker-maint#nginx.com>"
},
"StopSignal": "SIGTERM"
},
"Architecture": "amd64",
"Os": "linux",
"Size": 31180356,
"VirtualSize": 31180356,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/462dd80fe58a733771808738b12b51fc08995c7a7f7b58c240404067e742fb13/diff:/var/lib/docker/overlay2/d91f7871375c57d25380a3f72afbe453cc3044ae6648037d7810c771ff34b873/diff:/var/lib/docker/overlay2/1b7177dbb104d4ad8da12fe2c0bf11e62d7c5a4e731572bf2677c3c0e576087f/diff:/var/lib/docker/overlay2/7f555e278efd118a189669ebf977d14e3ee0a9b1ac2440191bbcf77ceb693378/diff",
"MergedDir": "/var/lib/docker/overlay2/72bac5710e111f45c9ef6cd0cddfae079c91bb007d9fa3fe79eda283f2bbf318/merged",
"UpperDir": "/var/lib/docker/overlay2/72bac5710e111f45c9ef6cd0cddfae079c91bb007d9fa3fe79eda283f2bbf318/diff",
"WorkDir": "/var/lib/docker/overlay2/72bac5710e111f45c9ef6cd0cddfae079c91bb007d9fa3fe79eda283f2bbf318/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:3e207b409db364b595ba862cdc12be96dcdad8e36c59a03b7b3b61c946a5741a",
"sha256:3810cc0c140fd3afda75475ae08152cd1a6643962a18cc51a2de1c061f01ed7b",
"sha256:9bb57ece8be2135a6f230901f9a66353f9d0f9134b36f85570b93bd812c9938b",
"sha256:b3fc9f22b63668bb906ccefb28113ec4b7aab6cbdd569c3cbccfbcd9f49a6ca1",
"sha256:9f2edf038c0c3a17430487323ef682150a2c7a4aade35f30b42b76f84b88ebdc"
]
},
"Metadata": {
"LastTagTime": "2020-05-23T14:27:30.168712086+02:00"
}
}
]
You are unable to reach your nginx container because you try to connect to it with ipv4 and in your configuration file you use an ipv6 syntax.
Change to listen 80.
Your dockerfile doesn't start the nginx service. You need to run nginx -g daemon off; Use this Dockerfile instead:
FROM nginx:alpine
COPY ./default.conf /etc/nginx/conf.d/default.conf
RUN chmod -R a+w /var/cache/nginx/ \
&& touch /var/run/nginx.pid \
&& chmod a+w /var/run/nginx.pid
WORKDIR /usr/share/nginx/html
COPY . .
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
What I am working on:
nginx- openresty with mecached and docker-compose.
from nginx I am able to connect memcached container by specifying resolver = 127.0.0.11, in docker compose it working file.
But when I am deploying it on AWS multi container beanstalk I am getting time out error
failed to connect: memcache could not be resolved (110: Operation timed out)
but from nginx container I am able to ping memcahed.
NGINX.conf
location /health-check {
resolver 127.0.0.11 ipv6=off;
access_by_lua_block {
local memcached = require "resty.memcached"
local memc, err = memcached:new()
if not memc then
ngx.say("failed to instantiate memc: ", err)
return
end
memc: set_timeout(1000) -- 1 sec
local ok, err = memc:connect("memcache", 11211)
if not ok then
ngx.say("failed to connect: ", err)
return
end
DOCKER-COMPOSE.YML
version: "3"
services:
memcache:
image: memcached:alpine
container_name: memcached
ports:
- "11211:11211"
expose:
- "11211"
networks:
- default
nginx:
image: openresty/openresty:alpine
container_name: nginx
volumes:
# Nginx files
- ./nginx/:/etc/nginx/:ro
# Web files
- ./web/:/var/www/web/:ro
entrypoint: openresty -c /etc/nginx/nginx.conf
ports:
- "8080:8080"
networks:
- default
DOCKERRUN.AWS.JSON
{
"AWSEBDockerrunVersion": 2,
"volumes": [
{
"name": "current-nginx",
"host": {
"sourcePath": "/var/app/current/nginx"
}
},
{
"name": "web",
"host": {
"sourcePath": "/var/www/web/"
}
}
],
"containerDefinitions": [
{
"name": "memcache",
"image": "memcached:alpine",
"essential": true,
"memory": 1000,
"portMappings": [
{
"hostPort": 11211,
"containerPort": 11211
}
]
},
{
"name": "nginx",
"image": "openresty/openresty:alpine",
"essential": true,
"memory": 1000,
"entryPoint": [
"openresty",
"-c",
"/etc/nginx/nginx.conf"
],
"links": [
"memcache"
],
"portMappings": [
{
"hostPort": 8080,
"containerPort": 8080
},
{
"hostPort": 80,
"containerPort": 8080
}
],
"mountPoints": [
{
"sourceVolume": "web",
"containerPath": "/var/www/web/",
"readOnly": false
},
{
"sourceVolume": "current-nginx",
"containerPath": "/etc/nginx",
"readOnly": false
}
]
}
]
}
You have a typo:
memc:connect("memcache", 11211)
should be
memc:connect("memcached", 11211)
(you are missing a "d").