How to host WordPress website on NGINX container using AWS FARGATE - wordpress

I need two containers in one task defination. One for wordpress and another for nginx, however the traffic should route from nginx to wordpress. This should be done using aws fargate.
How to connect two containers ? so that nginx should send traffic to wordpress container !

In AWS Fargate, all containers in the same task can access each other at 127.0.0.1 or localhost over their respective ports.
Let's say you have Nginx configured to listen on port 80 and WordPress configured to listen on port 9000. To setup Nginx and Wordpress as you describe, you would have your Application Load Balancer forward traffic to the Nginx container on port 80, and you would configure Nginx to forward traffic to WordPress at 127.0.0.1:9000.

Related

Magento2 website with nginx(with SSL termination) and varnish cache

I have hosted magento2 website with Nginx, SSL termination, and varnish cache. Varnish cache is running on port 8080 and the Magento2 website is hosted on Nginx port 8081. Http and Https traffic is accepted by the same Nginx and forwarded to the varnish cache(SSL terminated).
NGINX Varnish Magento2 all are running in the same server
I have two questions,
If I tried to access the magento2 website which is running on port 8081, directly from the internet, it bypasses the SSL termination and directly connects to the website. How can I restrict that?
When configuring magento2 baseurl, If I want to host it on a different port rather than the default 80 port, Do I need to give the port number at the baseurl configuring step? eg:- php bin/magento setup:install --base-url=http://www.example.com:8081
Assuming you want to block the port from the public internet, you have multiple options. Assuming you have SSH access, you can block the port with iptables:
/sbin/iptables -A INPUT -p tcp --destination-port 8081 -j DROP
/sbin/service iptables save
Assuming you're using a non-standard HTTP port (not 80 or 443), yes, you would need to specify that in the configuration.
nginx shouldn't be listening on 8081 to the outside world to begin with. You probably need something like
server_name localhost;
in your nginx configuration

Config nginx to listen to all ports

I have a flask app deployed in an EC2, configured with nginx/gunicorn3. Security group in the EC2 is both(inbound and outbound) set in all traffic.
I am having an issue with nginx configuration.
I have set it to listen to port 8080 and it only works on this port (neither port 80 will do).
What I want to do is to hit the domain without the port 8080 and return the desired results. Any ideas?
You can do the following to solve the issue:
1- Change the Nginx configuration to listen on port 80 and expose port 80
2- keep port 8080, but use a load balancer in front of the EC2 node and link the domain name to the load balancer instead of the EC2 node.

Elastic Beanstalk EC2 instance responses http request on both port 5000 and port 80

I setup an Elastic Beanstalk with load balancer forwarding port 80 to port 5000 on EC2 instance. My EC2 instance listens on port 5000, not port 80. The EC2 instance has a private ip 172.31.14.151. On another EC2 which is in the same subnet as the EC2 running the Springboot web server, I got http responses for the two following http request:
curl 172.31.14.151:5000
curl 172.31.14.151:80
I do not understand why I got http response from 172.31.14.15:80. The EC2 I am running the curl command is on the same subnet as the EC2 running webserver. The http request should not go through any router and not through load balancer. But the webserver is running on port 5000, not port 80.
Is there a Nginx instance running on the EC2 instance with webserver?
If I configure the webserver to listen on port 80 and let the Elastic loadbalancer forward port 80 to port 80 on EC2 instance, I got Nginx 502 bad gateway response from doing the curl request
curl 172.31.14.151:80
I don't know which Elastic Beanstalk Solution Stack you are using, but most of the AWS Solution Stacks come coupled with Proxy Servers by default. For example, if you're running Java SE the proxy server is NGINX, but if you're running Java with Tomcat the proxy server is Apache.
By default these proxies accept HTTP Traffic on the default HTTP port (80), manage the connections, then proxy the requests from the backing application server (In your case, port 5000). This helps manage the connection to the backing application, as well as serve static content, or if you configure them correctly, customized Error messages based on the HTTP Status code. I'd suggest that if you can, you send the load balancer traffic to port 80 because Apache or NGINX can usually handle connection load better than most custom applications.
Have you check inbound rules on the security group that you've use ?
Is there a Nginx instance running on the EC2 instance with webserver? - Yes is it. When you create new environment, you can choose pre-configured platform, and choose NodeJS Platform.
If your application is heterogeneous applications, is better to use container. You can deploy your containerized applications on Elasticbeanstalk or use Elastic Container Service instead.

Running docker container at specific URL(s)

Just started implementing docker containers, I'm not sure if it is possible or not yet. Is it possible to publish a docker container based on URL or at specific host header? For example, two containers running at port 192.168.1.2 and port 80 but the first container has website abc.com and the second container has website xyz.com.
Can we use some reverse proxy server e.g. NGINX (or any other that you suggest) to direct web request to respective docker container?
No, you can't have "two containers running at IP 192.168.1.2 and port 80", but you can have a reverse-proxy running at IP 192.168.1.2 and port 80 and route to containers running at different IP+port.
Yes, you could do that, you can run a nginx container (or in the host) and it will redirect the content to the right container using the requested server name.
You can map the nginx 80 port in the nginx container to the host and link the others containers to it and then configurate nginx to do the proxy.
Here is a post about how to do it:
http://www.yannmoisan.com/docker.html
If you want to generate nginx configuration dynamically when you start/stop docker containers, you can consider using jwilder/nginx-proxy project. This will give you more flexibility when deciding your domains.

Docker and Spring boot: how to hide port from url?

I try to deploy my Spring Boot on DigitalOcean. I built docker image and run it on server and everything is fine (docker run -p 8080:8080 hub_user/docker_image). I have my own domain and ip address (access url to my application is myapp.com:8080). But how I can hide port number from url to access my application? How I can use my domain without port 8080?
If you are using http, what I suppose, the default port is the 80. So if you write myapp.com is equivalent to myapp.com:80.
docker run -p 80:8080 hub_user/docker_image
This isn't really a docker question per se. As AxelWass says, port 80 is the default port that HTTP uses (browsers automatically try and go here when you visit your site myapp.com). Your application is actually running inside the container on port 8080, so if you just map 8080:8080 then docker will forward traffic coming to your host on port 8080 (the first one) to 8080 (the second one) inside your container.
Now, if you want traffic coming to the server on port 80 (which all web traffic will by default) to be forwarded to your container, you need to map it like 80:8080.

Resources