I am new to Docker, and I am trying to run multiple Docker containers on the same server.
I searched and found out that I can do this Assigning vhosts to Docker ports.
Unfortunately, I cannot use wildcard DNS. Therefore, I'd like to configure using subdirectory so that (or are there any alternative solutions?):
test.com/app1 -> app1 (test.com:1234)
test.com/app2 -> app2 (test.com:0987)
Thank you!
The easiest way would be to use nginx like mentioned in the link you posted:
upstream container-1 { server 127.0.0.1:49162; }
server {
listen 80;
server_name container-1.yourdomain.com;
location /<your subdir> {
proxy_pass http://container-1;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
It is not possible directly via Docker.
You would need to use a reverse proxy like nginx or haproxy to do this.
Related
I am running Nexus3 in a docker container on a server that also uses nginx reverse-proxy. The problem is that when try to access to nexus repository from a browser, I am getting a broken page that has many console errors. Here's what I see:
After looking at the network tab, I noticed that my server is not setting the proper content-type for my requests. This is an example of a request to a js file:
Does anyone know what this could be? This is what my nginx.conf looks like:
server {
listen 443 ssl http2;
ssl_certificate /etc/ssl/confidential.com/fullchain.cer;
ssl_certificate_key /etc/ssl/confidential.com/*.confidential.com.key;
server_name confidential.com;
location /test {
proxy_pass http://nexus:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
}
}
You have:
location /test {
proxy_pass http://nexus:8081/;
The context path of Nexus needs to match the context path served through the reverse proxy. Edit $workdir/etc/nexus.properties and set "nexus-context-path=/test". And change the proxy_pass to be "proxy_pass http://nexus:8081/test".
I'm trying to implement ssl in my application using Docker with nginx image. I have two apps, one for back-end (api) and other for front-end (admin). It's working with http on port 80, but I need to use https. This is my nginx config file...
upstream ulib-api {
server 10.0.2.229:8001;
}
server {
listen 80;
server_name api.ulib.com.br;
location / {
proxy_pass http://ulib-api;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
client_max_body_size 100M;
}
upstream ulib-admin {
server 10.0.2.229:8002;
}
server {
listen 80;
server_name admin.ulib.com.br;
location / {
proxy_pass http://ulib-admin;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
client_max_body_size 100M;
}
I get some tutorials but all is using docker-compose. I need to install it with Dockerfile. Can anyone give me a light?
... I'm using ECS instance on AWS and project is building with CI/CD
This is just one of possible ways:
First issue certificate using certbot. You will end up with a couple of *.pem files.
There are pretty tutorials on installing and running certbot on different systems, I used Ubuntu with command certbot --nginx certonly. You need to run this command on your domain because certbot will check that you are the owner of the domain by a number of challenges.
Second, you create nginx containers. You will need proper nginx.conf and link certificates to this containers. I use docker volumes but that is not the only way.
My nginx.conf looks like following:
http {
server {
listen 443 ssl;
ssl_certificate /cert/<yourdomain.com>/fullchain.pem;
ssl_certificate_key /cert/<yourdomain.com>/privkey.pem;
ssl_trusted_certificate /cert/<yourdomain.com>/chain.pem;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
...
}
}
Last, you run nginx with proper volumes connected:
docker run -d -v $PWD/nginx.conf:/etc/nginx/nginx.conf:ro -v $PWD/cert:/cert:ro -p 443:443 nginx:1.15-alpine
Notice:
I mapped $PWD/cert into container as /cert. This is a folder, where *.pem files are stored. They live under ./cert/example.com/*.pem
Inside nginx.conf you refer these certificates with ssl_... directives
You should expose port 443 to be able to connect
I'm stucking with configuring a Nginx instance embedded in a Docker container which should implement a dynamic reverse proxy for not-enabled CORS web sites.
I was expecting it was an easy task, but it doesn't work under some conditions. This is a working location block:
location ~* ^/proxy/(.*) {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
proxy_pass https://google.com;
}
This configuration works. The google page appears. So it seems Docker is able to resolve google name.
This configuration (which I'm more interested to) doesn't work:
location ~* ^/proxy/(.*) {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
proxy_pass http://$1$is_args$args;
}
It seems that Docker is not able to resolve the name extracted by the first regex group.
If I add in the location block the resolver directive it starts working.
location ~* ^/proxy/(.*) {
resolver 192.168.31.2;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
proxy_pass http://$1$is_args$args;
}
So, where's the difference? Why the resolver directive is needed? Why in the first case (if the proxy path name is hardcoded) everything's working while not in the other case? Is the host resolv.conf file should be used inside the container itself?
I also tried to create the container passing the --dns option but still not working.
Ideas?
Thanks,
Fb
Nginx try to resolve domain_name with upstream directive: if it fail it will try to use resolver to solve your name as DNS. So, in the end, you need to set resolver directive.
Hi I have a machine (server) and nginx(native) installed on this server.
My domain is hotels.com(for example)
And subdomain api.hotels.com
this is the conf file for subdomain on machine (native nginx):
server {
listen 80;
server_name api.hotels.com;
location / {
proxy_pass http://127.0.0.1:3000$request_uri;;
}
}
I build my app with microservices architecture, 2 services:
users-service:3030 , payment-service:3080
i want to expose api.hotels.com/users/ AND api.hotels.com/payment
so i choose to use nginx(docker container) as apiGateway on port:3000 and i want to proxy to specific service, so use this config
server {
listen 3000;
location /users/ {
proxy_pass http://users:3030/;
}
location /payment/ {
proxy_pass http://users:3080/;
}
}
in localhost it work fine for me but in server and with domain something wrong happen.
if i try to get http://api.hotels.com i get nginx from nginx(machine): Good
but if try to get http://api.hotels.com/users it rewrite the url in browser to http://127.0.0.1/users and then break.
*Note: i use docker-compose to up this 2 services and nginx container.
Questions:
1) how to fix this?
2) my flow is ok, or have any other flow for this app?
My purpose flow example:
1) Client http://api.hotels.com/users
2) Server all api.hotels.com ==> http://localhost:3000(api gateway)
3) Nginx Container(on port:3000) ==> proxy to spesific service by name (users in this example)
Your application looks good, the problem is only configuration.
you can try this configuration:
server {
server_name api.hotels.com;
listen 80;
location /users/ {
proxy_pass http://users:3030/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host
}
location /payment/ {
proxy_pass http://users:3080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host
}
}
in this case your nginx container expose ports => INCOMING_PORT:80
then in your example it will look like this in docker-compose.yml
...
services:
api-gateway:
image: nginx:latest
ports:
- "3000:80"
...
in this way your api gateway is more dynamically. you can change the income port any time and nginx inside container will listen for port 80, and will proxy for spesific service by name.
good luck :)
I am a newbie in Ubuntu and generally server side and I have created a Rails app and have deployed it on Ubuntu Ec2.
I am using Nginx and Thin server on it.The app is running perfectly on it.
Now I want to deploy another app on the same server.
I have already put the app on the server and when i try to start the rails app it does not start.
I guess it is because of nginx.conf file.
Can someone please let me know how to run two apps on the same server
When you try to browse to a machine on Amazon's EC2, and you don't get any response, the best suspect is the AWS Security Group. Make sure that the port the application runs on is open in your machine's security group:
(source: amazon.com)
For nginx to run both you apps, you need to configure them both on its nginx.conf
upstream app1 {
server 127.0.0.1:3000;
}
upstream app2 {
server 127.0.0.1:3020;
}
server {
listen 80;
server_name .example.com;
access_log /var/www/myapp.example.com/log/access.log;
error_log /var/www/myapp.example.com/log/error.log;
root /var/www/myapp.example.com;
index index.html;
location /app1 {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app1;
}
location /app2 {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app2;
}
}
This configuration will listen for app1 on local port 3000, and app2 on local port 3020, and redirect data starting with http://my.example.com/app1 to the first app, and data starting with http://my.example.com/app2 to the second app.