Is it possible to have a 2 docker containers serve on port 80 but different subdomains or hostnames?
Something like:
api.example.com goes to a node application
app.example.com goes to a Java application
Yes you can. using a proxy.
There is a project by jwilder/nginx-proxy which allows you to give your hostname via an enviroment variable which will than route your request to the appropriate container.
A good example of this implemented is given here: https://blog.florianlopes.io/host-multiple-websites-on-single-host-docker/
No. The first container you start will have exclusive access to the port, and if you try and start a second container on the same port it will fail.
Instead, use a load balancer such as Nginx or Traefik to handle the incoming traffic to port 80 and proxy it on to your two app containers based on host headers.
Related
I have a domain name https://example.com that points to a vps server on amazon lightsail. I have several applications i want to run. The apps are in vue js and some in spring and i am using nginx as the web server.
The landing page is basically an app running on port 3000 but using reverse proxy to display it at the root of example.com on port 80
I would like to run another app like:
example.com/one, example.com/two and example.com/three where one, two and three are applications each running inside a docker container.
How would i go about configuring my apps in this way keeping in mind the apps are running separately inside docker?
I highly suggest using Caddy for this type of setup.
Nginx is awesome and you could use that for the same purpose.
But for what you want to do caddy will work perfectly.
Just make sure to run each container on a different port.
Then use caddy as a reverse proxy to each container:
https://medium.com/bumps-from-a-little-front-end-programmer/caddy-reverse-proxy-tutorial-faa2ce22a9c6
Lets say you have containers running on port 5000,8800 and 9000
the you could do:
example.com
reverse_proxy /one localhost:5000
reverse_proxy /two localhost:8800
reverse_proxy /three localhost:9000
Caddy is cool because it will also setup SSL via Letsencrypt.
I didn't have time or a server to test this now, but let me know if it works.
God bless :)
Docker can only route to different ports. It can not determine the container by a http-path.
You need a reverse proxy (RP).
You have two options:
Install RP on host
You can install the RP on your host machine. There are many pros, like you can use the certbot for automatic lets encrypt certs. And you have the opportunity to use more docker-containers.
For this you have to publish ports in docker to your hostmachine.
Use your docker-nginx as RP
You can also set your frontend as RP. Just put your docker-containers in a docker-network and add the RP-config to your nginx.
I have three tomcat containers running on different bridge networks with different subnet and gateway
For example:
container1 172.16.0.1 bridge1
container2 192.168.0.1 bridge2
container3 192.168.10.1 bridge3
These containers are running on different ports like 8081, 8082, 8083
Is there any way to run all three containers in same 8081?
If it is possible, how can I do it in docker.
You need to set-up a reverse proxy. As the name suggests, this is a proxy that works in an opposite way from the standard proxy. While standard proxy gets requests from internal network and serves them from external networks (internet), the reverse proxy gets requests from external network and serves them by fetching information from internal network.
There are multiple applications that can serve as a reverse proxy, but the most used are:
NginX
Apache
HAProxy mainly as a load-balancer
Envoy
Traefik
Majority of the reveres proxies can run as another container on your docker. Some of this tools are easy to start since there is ample amount of tutorials.
The reverse proxy is more than just exposing single port and forwarding traffic to back-end ports. The reverse proxy can manage and distribute the load (load balancing), can change the URI that is arriving from the client to a URI that the back-end understands (URL rewriting), can change the response form the back-end (content rewriting), etc.
Reverse HTTP/HTTP traffic
What you need to do to set a reverse proxy, assuming you have HTTP services, in your example is foloowing:
Decide which tool to use. As a beginner, I suggest NginX
Create a configuration file for the proxy which will take the requests from the port 80 and distribute to ports 8081, 8082, 8083. Since the containers are on different network, you will need to decide if you want to forward the traffic to their IP addresses (which I don't recommend since IP can change), or to publish the ports on the host and use the host IP. Another alternative is to run all of them on the same network.
Depending on the case, you need to setup the X-Forwarding-* flags and/or URL rewriting and content rewriting.
Run the container and publish the port 80 as 8080 (if you expose the containers on host, your 8081 will be already taken).
Reverse TCP/UDP traffic
If you have non-HTTP services (raw TCP or UDP services), then you can use HAProxy. Steps are same apart from the configuration step #2. The configuration is different due to non-HTTP nature of the traffic and you can find example in this SO
I am using docker for windows. There are 2 containers running Windows IIS on ports listed below:
Container 1: 0.0.0.0:50095->80/tcp
Container 2: 0.0.0.0:50093->80/tcp
My host machine IP is 192.168.25.110
As shown above, both containers map to port 80. So when external users browse to 192.168.25.110:80, which of the 2 containers will be accessed? Is there a deterministic behavior?
As David mentioned in the comments, you are backwards on your port mappings. Based on what you've given, for example, you would navigate to http://192.168.25.110:50095/ in order to reach Container1.
That's probably not what you want as you likely want to use the default HTTP port (80).
You should look into a reverse proxy solution for your situation. The reverse proxy will listen on port 80 for ALL traffic and then decide (based on configuration) which container to send the request to.
Traefik is a popular solution for this. Traefik listens on port 80 and then you can configure it to route traffic to different containers based on rules.
You could do something like:
http://192.168.25.110/container1 => Container1
http://192.168.25.110/container2 => Container2
OR
http://container1.docker.local => Container1
http://container2.docker.local => Container2
Take a look at Traefik's quick start guide: https://docs.traefik.io/getting-started/quick-start/
Hi i have a url called :
https://wona.logs.co.za
And i need it to redirect to the speciic docker container at port 3000
( http://156.43.123.226:3000)
However when i try link https://wona.logs.co.za to 156.43.123.226:3000 i cannot enter a port number in the redirection to specify my docker container
Multiple things that do not fit.
you try to redirect https traffic to an http endpoint. That won't wortk
you are trying to directly redirect to another port (from 443, to 3000). That won't work either.
Solution
Create a proxy container. e.g. nginx that serves port 80 / 443 and redirects traffic to your application on port 3000. I recommend that you do not directly expose your application - only via the proxy.
Once you have a proxy container that listens to the same ports you can easily use the redirect as you described.
The question lacks the current setup of docker on mentioned server. From what i understood, is you already have docker running with orchestrator and a proxy server for main domain, and now you want to put up a subdomain which forwards traffic to one specific container.
For this, you need to spin an image of your application which listens on port 3000, add an entry in proxy server to forward traffic to your new container. Handle the ssl handshaking at proxy level.
I have two docker-compose files set up - one for the frontend application, and one for the backend.
Frontend runs on 3000 port and is exposed on 80: 0.0.0.0:80:3000
Backend runs on 3001 port and is exposed on the same port also publicly: 0.0.0.0:3001:3001
From the host machine, I can easily make a request to the backend:
$ curl 127.0.0.1:3001
But I cannot do it from the frontend container - nothing is listening on that port because those are two different containers in different networks.
I tried to connect both of them in one network - then I can use the IP of the backend container, or a hostname, to make a valid request. But it's still not the localhost. How can I solve this?
When using Docker, localhost points to the container itself, not to your computer. There are a few ways to do what you want. But none of them will work with localhost from a container.
The cleanest way to do it is by setting up hostnames for your services within the yml and set up your applications to look for those hostnames instead of localhost.
Let me know if you need examples and I will look for them at home and post it here to you.