This is my docker-compose file.
version: "3.7"
services:
foo01:
shm_size: "1000000000"
build:
context: ./foo
tty: true
volumes:
- "./foo/src:/tmp/"
foo02:
shm_size: "1000000000"
build:
context: ./foo
tty: true
volumes:
- "./foo/src:/tmp/"
nginx:
build: ./nginx
tty: true
links:
- foo01
- foo02
ports:
- "80:80"
And this is my nginx conf file if it's needed.
events { worker_connections 1024; }
http {
proxy_headers_hash_max_size 1024;
proxy_headers_hash_bucket_size 64;
upstream TestApp {
# References to our app containers, via docker compose
server foo01:5000;
server foo02:5000;
}
server {
listen 80;
server_name domain.com;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
# proxy_redirect off;
proxy_buffers 8 24k;
proxy_buffer_size 4k;
proxy_pass http://TestApp;
proxy_set_header Host $host;
}
}
}
My question is, once I build and run docker-compose, how do I check if foo01:5000 is reachable from my nginx docker container? Is it possible to communicate from the bash shell of a docker?
You could open the bash of a docker container as fallow
docker exec -it <CONTAINER_ID> bash
And execute a curl command to other container, if you have curl in your container, otherwise you have to install it
curl foo01:5000
But I think the problem is in the docker-compose.yml file, you didn't specified the port 5000 for foo01 and expose it.
Related
I have a docker image running a metabase website instance, which I access like: <my-ip>:3000, this image is launched with:
docker run -d -p 3000:3000 \
-v /root/metabase_data:/metabase_data \
-e "MB_DB_FILE=/metabase_data/metabase.db" \
--name metabase metabase/metabase
This access is not secure and I'd like to use it via https, I tried using nginx to add a reverse proxy but I could not find a way to turn this port (or any other for that matter) into https.
Is there a better way to do that?
You can do it with nginx
Wrap your command to docker-compose:
version: '3.7'
services:
nginx:
image: nginx:latest
container_name: nginx
volumes:
- ./nginx:/etc/nginx:ro
ports:
- 80:80
- 443:443
- 3000:3000
restart: always
metabase:
image: metabase/matabase:latest
container_name: metabase
environment:
- MB_DB_FILE=/metabase_data/metabase.db
volumes:
- /root/metabase_data:/metabase_data
restart: always
Create SSL certs for nginx
Write conf for nginx
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream metabase {
server metabase:3000;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
server {
listen 3000 ssl;
ssl_certificate /etc/nginx/ssl/ca.crt;
ssl_certificate_key /etc/nginx/ssl/ca.key;
location / {
proxy_pass http://metabase;
proxy_redirect off;
}
}
}
Execute docker-compose up -d
My docker compose looks like this:
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
image: nginx:stable-alpine
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
#...
Where mediawiki is a docker container that runs on port 80 in docker and does not appear to have a way to change the port number.
I'm trying to expose mediwiki through ngninx and the nginx config looks like this:
events {
}
http {
server {
listen 80;
location / {
client_max_body_size 2M;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
proxy_pass http://mediawiki:80;
}
}
}
Since both nginx and mediawiki is running at port 80, I can't set portmap mediwiki 80:80.
I've tried mapping it to another port under mediawiki such as 7001:80 and in nginx config replace http://mediawiki:80 with http://mediawiki:7001 but this produces bad gateway error when loading the site url at port 80.
How might I fix this?
Let's have a look at reverse proxy in which case I use.
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
build: .
image: A_NEW_NAME:VERSION_TAG
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./wiki.conf:/etc/sites-available/wiki.conf
ports:
- 80:80
This should be your wiki.conf contents:
server {
listen 80;
server_name THE_DOMAIN_NAME_OF_YOUR_MEDIAWIKI;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://mediawiki:80;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
And add a Dockerfile in the directory where your docker-compose file is:
FROM nginx:stable-alpine
COPY wiki.conf /etc/sites-available/
RUN cd /etc/sites-enabled/ && ln -s /etc/sites-available/wiki.conf
And keep your nginx.conf as default values, or change some values on your own but do not add any directives to serve wiki.
You can replace THE_DOMAIN_NAME_OF_YOUR_MEDIAWIKI wit the actual domain name. Like if you have media.com and your wiki wants to be accessible at wiki.media.com.
Now you can run docker-compose up -d --build and see the result.
Change the service port for media wiki to 8080, like
8080:80
and
Change the nginx port to 7001 inside the local nginx.conf and
proxy_pass http://mediawiki:8080;
./nginx.conf:/etc/nginx/nginx.conf
So, nginx will run on port 7001 and mediawiki on 80.
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
image: nginx:stable-alpine
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:7001
#...
Then access the app at http://mediawiki:80
As the title says, my nginx container is not working as expected unless I restart it. I have several services defined in a docker-compose.yml file that looks like this: reverseproxy is my nginx container, and service-a and service-b are Node.js servers.
version: "3.4"
services:
reverseproxy:
container_name: reverseproxy
build:
context: ./proxy
ports:
- "80:80"
service-a:
container_name: service-a
build:
context: ./service-a
ports:
- "3500:3500"
command: ["yarn", "run", "watch-debug"]
service-b:
container_name: service-b
build:
context: ./service-b
ports:
- "3501:3501"
command: ["yarn", "run", "watch-debug"]
The Dockerfile used to build my reverseproxy service simply removes the default.conf file and then copies the nginx.conf file from my host to the image:
FROM nginx:alpine
RUN rm /etc/nginx/conf.d/default.conf
COPY nginx.conf /etc/nginx/nginx.conf
And my nginx.conf file that gets copied into the image looks like this:
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
server {
listen 80;
location /api/customers {
proxy_pass http://service-a:3500;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /api/products {
proxy_pass http://service-b:3501;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
When I docker-compose up everything spins up fine, but when I POST to one of my endpoints (for example, localhost:80/api/customers) then nginx responds with a 502. But if I docker container stop reverseproxy and then docker container start reverseproxy, then everything works as expected and I'm able to hit my endpoints with localhost:80.
I was able to docker exec -it reverseproxy /bin/sh and was able to verify that default.conf is gone and nginx.conf was copied over from my host as expected. I have followed the sample configuration from the nginx page on Docker Hub and most tutorials online show a nearly identical set up.
What may be causing this? How could make my nginx revereproxy service work as expected without restarting the container?
Edit: I am using Postman to make my requests localhost:80
#DavidMaze had the correct solution -- thank you!
reverseproxy:
container_name: reverseproxy
build:
context: ./proxy
ports:
- "80:80"
depends_on:
- "service-a"
- "service-b"
Makes sense that it only works as expected on a restarted because the other services were available by then. Just tried it out and it works as expected.
I have created a docker-compose file to spin up both an nginx and tomcat image. I use volumised files such /etc/nginx/nginx.conf and /etc/nginx/conf.d/app.conf
Same for Tomcat but with xml config files and webapps.
Both spin up and run fine… on their own. I can browse to Nginx and get the welcom page and the same for Tomcat on their respective ports, 81/8080.
However I cannot proxy the request to the backend tomcat. I’ll admit, I’m Apache and have been for years but I need to experiment.
My nginx.conf hasnt changed, its still default. I have an app.conf for the tomcat application (below). I do try and CMD mv the default.conf in teh tomcat Dockerfile but it still remains along side my app.conf so that maybe causing the issue?
my app.conf config is here: (apologies, couldnt get the code to output properly)
"server {
listen *:81;
set $allowOriginSite *;
proxy_pass_request_headers on;
proxy_pass_header Set-Cookie;
access_log /var/log/nginx/access.log combined;
error_log /var/log/nginx/error.log error;
# Upload size unlimited
client_max_body_size 0;
location /evf {
proxy_pass http://tomcat:8080;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
}
}
tomcat:8080 being the name of the service in my docker-compose file.
Any help would be appreciated!
Thank you,
Craig
docker-compose.yml for reference;
version: '3'
services:
nginx:
build: ./nginx
image: nginx:evf
command: nginx -g "daemon off;"
networks:
- evf
container_name: evf-nginx
volumes:
- ./volumes/config/nginx-evf.conf:/etc/nginx/conf.d/nginx-evf.conf
- ./volumes/config/default.conf.disabled:/etc/nginx/conf.d/default.conf.disabled
ports:
- "81:80"
tomcat:
image: tomcat
working_dir: /usr/local/tomcat
volumes:
- ./volumes/config/tomcat-users.xml:/usr/local/tomcat/conf/tomcat-users.xml
- ./volumes/webapps/EVF.war:/usr/local/tomcat/webapps/EVF.war
networks:
- evf
container_name: evf-tomcat
ports:
- "8080:8080" #expose 8080 externally to test connectivity.
networks:
evf:
Thanks,
In your nginx conf you have listen *:81 but you are exposing port 80 with "81:80".
So eiter expose port 81 with "81:81" or change you nginx config to listen *:80.
If the second option does not work try to replace the original nginx config by changing the volume file in your docker-compose.yml:
volumes:
- ./nginx/nginx-evf.conf:/etc/nginx/conf.d/default.conf
I have docker stack running 2 containers, first is Nginx, second - application.
The problem is that nginx shows Bad Gateway error:
Here is nginx conf:
upstream example {
server mystack_app1;
# Also tried with just 'app1'
# server mystack_app2;
keepalive 32;
}
server {
listen 80;
server_name example;
location / {
proxy_pass http://example;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 150;
proxy_send_timeout 100;
proxy_read_timeout 100;
proxy_buffers 4 32k;
client_max_body_size 8m;
client_body_buffer_size 128k;
}
}
Here is docker-compose.yml
version: "3"
services:
app1:
image: my-app:latest
ports:
- "9000:9000"
networks:
- webnet
web:
image: my-web:latest
ports:
- "81:80"
networks:
- webnet
deploy:
restart_policy:
condition: on-failure
networks:
webnet:
I use following command to deploy docker stack:
docker stack deploy -c docker-compose.yml mystack
So I can access application from host's browser by localhost:9000 - it works ok.
Also, from the nginx container, I can ping mystack_app1.
But when accessing localhost:81, nginx shows 502 Bad Gateway
Please help.
It looks like your upstream definition is not correct. It's trying to connect to port 80 instead of port 9000.
Try
upstream example {
server mystack_app1:9000;
# Also tried with just 'app1'
# server mystack_app2;
keepalive 32;
}
Btw, I suggest you to use the container_name in your docker-compose file.