I do have a DOCKER_HOST specified by :
DOCKER_HOST=tcp://g3-docker-1:2375
secured by TLS. On this host I could have quite a view "jboss/wildfly" containers in different configurations and loaded with different apps. They can be started on request by some people for software testing purposes. The following docker-compose is used :
version: '2'
services:
wildfly:
build:
dockerfile: Dockerfile.wildfly
context: .
ports:
- "8080:8080"
depends_on:
- logvolume
- mariadb
volumes_from:
- logvolume
mariadb:
image: mariadb:latest
ports:
- "3307:3307"
environment:
- MYSQL_ROOT_PASSWORD=secret
logvolume:
build:
dockerfile: Dockerfile.logvolume
context: .
volumes:
- /opt/jboss/wildfly/standalone/log:/opt/jboss/wildfly/standalone/log
I am planning to build quite a view containers each one with different preloaded data and different webapps inside "wildfly"
When I start these containers each one is assigned a IP addres inside the _dirname_default network (bridged). Jboss is reachable by the outside world with $DOCKER_HOST:8080 and maria_db is reachable so fine so good ...
But what if I have a couple of this. Do I have to map different ports to the different wildflys or is there another way to access the dockerized wildflys by the outside eg. via the containerid or so ?
I am now using nginx as reverse proxy in order to decide based on the url which wildfly to talk to
This needs an addtional service in docker-compose.yml like this :
reverseproxy:
build:
dockerfile: Dockerfile.nginx
context: .
ports:
- 80:80
depends_on:
- wildfly
and the following nginx.conf:
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream docker-wildfly {
server wildfly:8080;
}
server {
listen 80;
location /wildfly/ {
proxy_pass http://docker-wildfly/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Each wildfly will get its own location
Related
I have a containerized app that uses nginx as a reverse proxy. If I map nginx ports as 1337:80 I am only able to reach my website at <MY_INSTANCE_IP>:1337. If I instead map nginx ports as 80:80 I am able to reach my website at <MY_INSTANCE_IP>. Changing the ports in my docker-compose file worked but I'd like to know why.
My docker-compose config:
version: '3.7'
services:
web:
build:
context: .
dockerfile: ./compose/production/flask/Dockerfile
image: flask_web
command: /start
volumes:
- .:/app
expose:
- 5000
env_file:
- .env/.prod
environment:
- FLASK_APP=app
nginx:
build: ./compose/production/nginx
ports:
- 80:80
depends_on:
- web
My nginx config:
upstream flask-app {
server web:5000;
}
server {
listen 80;
server_name <MY_INSTANCE_IP>;
location / {
proxy_pass http://flask-app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
# client_max_body_size 20M;
}
}
So, you have nginx set to listen on port 80 (default http). When you set the port for your nginx service in docker-compose the first number is the port that docker will "publish" the service on the host and the second number, after the colon (:), is the port the server is listening on "inside" the container. See:
https://docs.docker.com/config/containers/container-networking/#published-ports for more detail.
My docker compose looks like this:
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
image: nginx:stable-alpine
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
#...
Where mediawiki is a docker container that runs on port 80 in docker and does not appear to have a way to change the port number.
I'm trying to expose mediwiki through ngninx and the nginx config looks like this:
events {
}
http {
server {
listen 80;
location / {
client_max_body_size 2M;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
proxy_pass http://mediawiki:80;
}
}
}
Since both nginx and mediawiki is running at port 80, I can't set portmap mediwiki 80:80.
I've tried mapping it to another port under mediawiki such as 7001:80 and in nginx config replace http://mediawiki:80 with http://mediawiki:7001 but this produces bad gateway error when loading the site url at port 80.
How might I fix this?
Let's have a look at reverse proxy in which case I use.
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
build: .
image: A_NEW_NAME:VERSION_TAG
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./wiki.conf:/etc/sites-available/wiki.conf
ports:
- 80:80
This should be your wiki.conf contents:
server {
listen 80;
server_name THE_DOMAIN_NAME_OF_YOUR_MEDIAWIKI;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://mediawiki:80;
proxy_redirect off;
# Socket.IO Support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
And add a Dockerfile in the directory where your docker-compose file is:
FROM nginx:stable-alpine
COPY wiki.conf /etc/sites-available/
RUN cd /etc/sites-enabled/ && ln -s /etc/sites-available/wiki.conf
And keep your nginx.conf as default values, or change some values on your own but do not add any directives to serve wiki.
You can replace THE_DOMAIN_NAME_OF_YOUR_MEDIAWIKI wit the actual domain name. Like if you have media.com and your wiki wants to be accessible at wiki.media.com.
Now you can run docker-compose up -d --build and see the result.
Change the service port for media wiki to 8080, like
8080:80
and
Change the nginx port to 7001 inside the local nginx.conf and
proxy_pass http://mediawiki:8080;
./nginx.conf:/etc/nginx/nginx.conf
So, nginx will run on port 7001 and mediawiki on 80.
version: '3.2'
services:
mediawiki:
image: mediawiki:lts
nginx:
image: nginx:stable-alpine
depends_on:
- mediawiki
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:7001
#...
Then access the app at http://mediawiki:80
I am trying to run a nginx proxy server with a ktor java server behind. However, nginx throws "111: Connection refused" with those configurations. I've tried the "setting upstream server name from localhost to docker compose name" on web but it didn't help anything.
Thank you in advance, and sorry for my poor english.
docker-compose.yml
version: "3.8"
services:
nginx:
image: nginx:1.19.3
ports:
- 80:80
- 443:443
volumes:
- ./Nginx/logs:/var/log/nginx
- ./Nginx/confs:/etc/nginx/conf.d
- ./Nginx/confs:/etc/nginx/keys
mariadb:
image: mariadb:10.5.6
ports:
- 3306:3306
volumes:
- ./Mariadb/data:/var/lib/mysql
- ./Mariadb/confs:/etc/mysql/conf.d
- ./Mariadb/inits:/docker-entrypoint-initdb.d
env_file:
- .env
environment:
TZ: Asia/Seoul
MYSQL_USER: dockhyub
yangjin208:
build: ./Yangjin208
ports:
- "3000:8080"
env_file:
- .env
- ./Yangjin208/.env
links:
- mariadb:sql
yangjin208.conf under ./Nginx/confs
upstream yangjin208_app {
server yangjin208:3000;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://yangjin208_app;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
localhost:3000 is accessible by browser, and has no problems.
So, I've found the problem - It seems like the docker internal network uses the original port instead of the port changed from docker-compose.yml's "ports" configuration. I was using the port 3000 (Port declared from docker-compose) instead of 8080 (The original port), and that was the reason it didn't work. Thanks for everyone.
I think you're not using the yangjin208.conf in nginx. Rename yangjin208.conf to default.conf.
As the title says, my nginx container is not working as expected unless I restart it. I have several services defined in a docker-compose.yml file that looks like this: reverseproxy is my nginx container, and service-a and service-b are Node.js servers.
version: "3.4"
services:
reverseproxy:
container_name: reverseproxy
build:
context: ./proxy
ports:
- "80:80"
service-a:
container_name: service-a
build:
context: ./service-a
ports:
- "3500:3500"
command: ["yarn", "run", "watch-debug"]
service-b:
container_name: service-b
build:
context: ./service-b
ports:
- "3501:3501"
command: ["yarn", "run", "watch-debug"]
The Dockerfile used to build my reverseproxy service simply removes the default.conf file and then copies the nginx.conf file from my host to the image:
FROM nginx:alpine
RUN rm /etc/nginx/conf.d/default.conf
COPY nginx.conf /etc/nginx/nginx.conf
And my nginx.conf file that gets copied into the image looks like this:
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
server {
listen 80;
location /api/customers {
proxy_pass http://service-a:3500;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
location /api/products {
proxy_pass http://service-b:3501;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
When I docker-compose up everything spins up fine, but when I POST to one of my endpoints (for example, localhost:80/api/customers) then nginx responds with a 502. But if I docker container stop reverseproxy and then docker container start reverseproxy, then everything works as expected and I'm able to hit my endpoints with localhost:80.
I was able to docker exec -it reverseproxy /bin/sh and was able to verify that default.conf is gone and nginx.conf was copied over from my host as expected. I have followed the sample configuration from the nginx page on Docker Hub and most tutorials online show a nearly identical set up.
What may be causing this? How could make my nginx revereproxy service work as expected without restarting the container?
Edit: I am using Postman to make my requests localhost:80
#DavidMaze had the correct solution -- thank you!
reverseproxy:
container_name: reverseproxy
build:
context: ./proxy
ports:
- "80:80"
depends_on:
- "service-a"
- "service-b"
Makes sense that it only works as expected on a restarted because the other services were available by then. Just tried it out and it works as expected.
I'm looking for a way to configure Nginx to access hosted services through a subdomain of my server. Those services and Nginx are instantiated with Docker-compose.
In short, when typing jenkins.192.168.1.2, I should access to Jenkins hosted on 192.168.1.2 redirected with Nginx proxy.
A quick look of what I currently have. It doesn't work without a top domain name, so it works fine on play-with-docker.com, but not locally with for example 192.168.1.2.
server {
server_name jenkins.REVERSE_PROXY_DOMAIN_NAME;
location / {
proxy_pass http://jenkins:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
To have a look of what I want: https://github.com/Ivaprag/devtools-compose
My overall goal is to access remote docker containers without modifying clients' DNS service.
Unfortunately nginx doesn't support sub-domains on IP addresses like that.
You would either have to modify the clients hosts file (which you said you didn't want to do)...
Or you can just set your nginx to redirect like so:
location /jenkins {
proxy_pass http://jenkins:8080;
...
}
location /other-container {
proxy_pass http://other-container:8080;
}
which would allow you to access jenkins at 192.168.1.2/jenkins
Or you can try and serve your different containers through different ports. E.g:
server {
listen 8081;
location / {
proxy_pass http://jenkins:8080;
...
}
}
server {
listen 8082;
location / {
proxy_pass http://other-container:8080;
...
}
}
And then access jenkins from 192.168.1.2:8081/
If you are already using docker-compose I recommend using the jwilder nginx-proxy container.
https://github.com/jwilder/nginx-proxy
This allows you to add unlimited number of web service containers to the backend of the defined nginx proxy, for example:
nginx-proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- "/etc/nginx/vhost.d"
- "/usr/share/nginx/html"
- "/var/run/docker.sock:/tmp/docker.sock:ro"
- "nginx_certs:/etc/nginx/certs:rw"
nginx:
build:
context: ./docker/nginx/
dockerfile: Dockerfile
volumes_from:
- data
environment:
VIRTUAL_HOST: www.host1.com
nginx_2:
build:
context: ./docker/nginx_2/
dockerfile: Dockerfile
volumes_from:
- data
environment:
VIRTUAL_HOST: www.host2.com
apache_1:
build:
context: ./docker/apache_1/
dockerfile: Dockerfile
volumes_from:
- data
environment:
VIRTUAL_HOST: www.host3.com
The nginx-proxy mount the host docker sock file in order to get information about the other containers running, if any of them have the env variable VIRTUAL_HOST set then it will add it to its configuration.
I was trying to configure subdomains in nginx (host), for two virtualhosts in one LXC container.
The way it worked for me:
For apache (in the container), I created two virtual hosts: one in port 80 and the other one in port 90.
For enabling port 90 in apache2 (container), it was necessary to add the line "Listen 90" below "Listen 80" in /etc/apache2/ports.conf
For NGINX (host machine), configured two DOMAINS, both in port 80 creating independent .conf files in /etc/nginx/sites-available. Created symbolic link for each file to /etc/nginx/sites-enabled.
In the first NGINX myfirstdomain.conf file, redirect to http://my.contai.ner.ip:80.
In the second NGINX myseconddomain.conf file, redirect to http://my.contai.ner.ip:90
That was it for me !