Develop Reference

Setting up NGINX as reverse proxy for multiple containerized services

I developed a web app with vue and django however, I'm having problems deploying it.
I added another container to serve as reverse proxy so only port 80 would be exposed and when I finish struggling with this also port 443. I could not find exact anwser how to do it so I hope someone here will be kind enoug to give me some clues.
Here is the conf for the nginx.
The error I'm getting is on ui container.
2022/07/14 09:09:00 [emerg] 1#1: bind() to 0.0.0.0:8080 failed (98: Address already in use)
I looked it up of course, but it was always some different scenario.
BR and thanks in advance
server {
listen 0.0.0.0:80;
listen [::]:80;
location / {
proxy_pass http://0.0.0.0:3000;
}
location /predict {
proxy_pass http://0.0.0.0:5000/predict;
}
location /aggregate {
proxy_pass http://0.0.0.0:5000/aggregate;
}
location /media/pictures {
proxy_pass http://0.0.0.0:5000/media/pictures;
}
access_log /opt/bitnami/nginx/logs/anomaly_access.log;
error_log /opt/bitnami/nginx/logs/anomaly_error.log;
}
My docker-compose looks as follows.
version: '3.2'
services:
se-kpi-sim:
image: test-app:0.0.1
network_mode: "host"
restart: unless-stopped
environment:
MODEL_NAME: "model_final.pickle.dat"
se-kpi-sim-ui:
image: test-ui:0.0.3
network_mode: "host"
restart: unless-stopped
reverse-proxy:
image: test-proxy:0.0.7
network_mode: "host"
restart: unless-stopped
database:
image: postgres
environment:
POSTGRES_PASSWORD: password
POSTGRES_USER: kpi_sim_user
POSTGRES_DB: kpi_sim
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
volumes:
- database:/var/lib/postgresql/data
restart: unless-stopped
volumes:
database:

You can run containers on docker internal network and docker-compose by default creates an network for inter communication of containers. One can modify the port to expose the application to host. while you are trying to run most of the app on host network, there might be two application trying to use the same port (like port 8080 [in this case]), one port can only be used by one application in an OS . Please look at the below snippet for more information to solve this issue.
[port mapping <port on HOST>:<container port where app is exposed inside container>]
version: '3.2'
services:
se-kpi-sim:
image: test-app:0.0.1
ports:
- 5000:8080
restart: unless-stopped
environment:
MODEL_NAME: "model_final.pickle.dat"
se-kpi-sim-ui:
image: test-ui:0.0.3
ports:
- 3000:8080
restart: unless-stopped
reverse-proxy:
image: test-proxy:0.0.7
ports:
- 80:80
# this volume mount if you are using bitnami/nginx image
volumes:
- /path/to/my_server_block.conf:/opt/bitnami/nginx/conf/server_blocks/my_server_block.conf:ro
restart: unless-stopped
database:
image: postgres
environment:
POSTGRES_PASSWORD: password
POSTGRES_USER: kpi_sim_user
POSTGRES_DB: kpi_sim
POSTGRES_HOST_AUTH_METHOD: trust
ports:
- 5432:5432
volumes:
- database:/var/lib/postgresql/data
restart: unless-stopped
volumes:
database:
One have to specify either the IP address or DNS name of the application , in order to forward the traffic to specific application. docker-compose create Domain name for all the services defined in docker-compose.yaml file.
server {
listen 0.0.0.0:80;
listen [::]:80;
location / {
proxy_pass http://se-kpi-sim-ui:8080;
}
location /predict {
proxy_pass http://se-kpi-sim:8080/predict;
}
location /aggregate {
proxy_pass http://se-kpi-sim:8080/aggregate;
}
location /media/pictures {
proxy_pass http://se-kpi-sim:8080/media/pictures;
}
access_log /opt/bitnami/nginx/logs/anomaly_access.log;
error_log /opt/bitnami/nginx/logs/anomaly_error.log;
}
One can mount the nginx.conf like:[in bitnami/nginx image]
...
volumes:
- /path/to/my_server_block.conf:/opt/bitnami/nginx/conf/server_blocks/my_server_block.conf:ro
...
Note: all the above is an example for reference to solve the problem. entrypoint for containers might change according to one's requirements.

nginx basic auth not working in docker-compose

i'm setting up basic authentication(credential) for loki and promtail using nginx in docker-compose. i have created htpasswd to set the password for loki and promtail andcreated seperate config file for loki and promtail and passing it through volumes.
however its not triggering authentication for loki and promtail
docker-compose.yaml
version: "2"
services:
my-nginx-service:
image: nginx
ports:
- "8098:80"
container_name: nginx
volumes:
- ./config/sites-enabled/loki:/etc/nginx/sites-enabled/loki
- ./config/conf.d/loki.conf:/etc/nginx/conf.d/loki.conf
- ./config/conf.d/loki.conf:/etc/nginx/conf.d/promtail.conf
- ./config/sites-available/default:/etc/nginx/sites-available/default
- ./config/htpasswd/.htloki:/etc/nginx/.htloki
- ./config/htpasswd/.htloki:/etc/nginx/.htpromtail
loki:
image: grafana/loki:2.0.0
container_name: loki
volumes:
- ./config/loki.yaml:/etc/config/loki.yaml
entrypoint:
- /usr/bin/loki
- -config.file=/etc/config/loki.yaml
ports:
- "3100:3100"
promtail:
image: grafana/promtail:2.0.1
container_name: promtail
user: root
volumes:
- ./log:/var/log/test
- /var/log/system.log:/var/log/root/system.log
- ./config/promtail-local-config.yaml:/etc/config/promtail-local-config.yaml
entrypoint:
- /usr/bin/promtail
- -config.file=/etc/config/promtail-local-config.yaml
ports:
- "9080:9080"
loki.conf
server {
listen 443;
location / {
auth_basic "Protected Area";
auth_basic_user_file /etc/nginx/.htloki;
proxy_pass http://loki:3100;
}
}
promtail.conf
server {
listen 442;
location / {
auth_basic "Protected Area";
auth_basic_user_file /etc/nginx/.htpromtail;
proxy_pass http://promtail:9080;
}
}
has anybody faced this issue?

Apparently, I forgot to rebuild the container images after including the .htpasswd files. Rebuilding fixed this
docker compose up --build

Nginx proxy is not finding the backend services

I've an installation with 2 backend services that should be proxied by a third Nginx service.
I've deployed the 3 services succesfully but for some reason I can't get nginx to see the other 2 services giving the error:
GET / HTTP/1.1" 502 560
and
[error] 8#8: *1 no live upstreams while connecting to upstream
I have tried changing all the services to their own network but it seems the issue is not solved.
Adding my docker-compose.yml:
version: "3"
services:
nginx_web_1:
image: nginx:1.17
volumes:
- "./files_1:/usr/share/nginx/html:ro"
nginx_web_2:
image: nginx:1.17
volumes:
- "./files_2:/usr/share/nginx/html:ro"
nginx_balancer:
build: ./balancer
ports:
- 5000:80
depends_on:
- nginx_web_1
- nginx_web_2
and this is how I configured the proxy:
File moved to /etc/nginx/conf.d/default.conf
upstream backend_hosts {
server nginx_web_1;
server nginx_web_2;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://backend_hosts;
}
}

After some investigation, the issue was that I was running only docker-compose up/down which didn't rebuild my Nginx proxy image.
After cleaning up and running a docker build the proxy was configured properly and now runs fine.
That means that also the config listed in the question is a valid one

nginx docker compose not up and running

I have below docker-compose for nginx service: however I don't see up and running for any service request to forward, is there something I'm doing wrong? any suggestion will be really helpful.
container_name: nginx
image: nginx
ports:
- 80:80
- 443:443
entrypoint: /bin/sh -c
command: >
cat << EOF > /etc/nginx/conf.d/myproxy.conf
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/nginx/my.com.cert;
ssl_certificate_key /etc/nginx/my.com.key;
server_name my.app.com;
location / {
proxy_pass http://service-name:443;
}
}
EOF
nginx -s reload;
nginx -g 'daemon off;'
volumes:
- ./nginx/my.com.key:/etc/nginx/my.com.key
- ./nginx/my.com.cert:/etc/nginx/my.com.cert
networks:
nginx should up and running, but I don't see any container running for Nginx.
Solved:
I solved the issue by creating a custom conf file with all the server details and mapped that custom conf file to override existing conf and also, the deleted entrypoint and command block.

First of all, get rid of entire command and also entrypoint section! :).
write your nginx config in a file beside docker-compose.yml or where ever you want (lets name it myproxy.conf). Then, add ./myproxy.conf:/etc/nginx/conf.d/myproxy.conf to valumes section.
Nginx docker images handles entrypoint it self and there is no need to interfere!
Your compose should be something like this:
nginx:
container_name: nginx
image: nginx
ports:
- 80:80
- 443:443
volumes:
- ./myproxy.conf:/etc/nginx/conf.d/myproxy.conf
- ./nginx/my.com.key:/etc/nginx/my.com.key
- ./nginx/my.com.cert:/etc/nginx/my.com.cert
networks:

Properly mount Flask app at location using Nginx reverse proxy

I have a Flask app, which runs inside a Docker container and should be exposed under a specific URL: myserver.com/mylocation. I want to use another container running Nginx as a reverse proxy to achieve the routing. I am following an awesome tutorial that got me quite far already.
My Nginx-config (the relevant part) reads:
server {
server_name myserver.com;
location /mylocation {
proxy_pass http://myapp:5000;
proxy_set_header Host $host;
rewrite ^/mylocation(.*)$ $1 break;
}
}
My docker-compose.yml reads:
version: '2'
services:
nginx:
image: nginx:latest
container_name: production_nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- 80:80
- 443:443
myapp:
build: .
image: app_image
container_name: app_container
expose:
- "5000"
Now, when I run this, I successfully get my applications' index.html from myserver.com/mylocation, but subsequent requests (the CSS, JS etc) are being fired at myserver.com without the location part (/mylocation), and so Nginx does not route them to the container and they 404. The references to CSS, JS and such are all relative, they do not (and should not) contain the server name and location.
How can I achieve this? Am I missing something in my NGinx config that would let the app know it should run at /mylocation?