I would like to setup an Nginx reverse proxy, which works fine, but if I set network_mode: "host" it stops working because it is unable to find the hostname of other docker containers. I have a web container and an nginx container.
I get the following error:
reverseproxy_1 | nginx: [emerg] host not found in upstream "web:80" in /etc/nginx/nginx.conf:10
My Nginx conf file is:
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream docker-web {
server web:80;
}
server {
listen 8080;
location / {
proxy_pass http://docker-web;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
and my docker-compose.yml file is:
version: '2'
services:
redis:
image: "redis:alpine"
web:
depends_on:
- redis
build: .\app
volumes:
- .\app:/code
restart: always
reverseproxy:
image: reverseproxy
network_mode: "host"
ports:
- 8080:8080
depends_on:
- web
I need to set network_mode to host else the the X-Forwarded-For will wrong.
I managed to get it working by using a Linux host instead of Windows which meant I didn't need to use network_mode: "host". I also had to change my Python code to
request.environ.get('HTTP_X_REAL_IP', request.remote_addr)
from
request.environ['REMOTE_ADDR']
Related
I am going to run the service with Minio and I run it with docker-compose:
version: '3.7'
services:
service_minio:
image: quay.io/minio/minio:latest
container_name: service_minio
restart: always
ports:
- 9000:9000
- 9001:9001
volumes:
- ./volumes/minio/data:/data
environment:
- MINIO_ROOT_USER=minioadmin
- MINIO_ROOT_PASSWORD=minioadmin
command: server /data --console-address ":9001"
networks:
service_network:
ipv4_address: 172.15.10.5
networks:
service_network:
external: true
And then i serve it with Nginx by below configuration:
server {
listen 3000 default_server;
listen [::]:3000 default_server;
server_name mydomain.com;
location / {
access_log /var/log/nginx/minio_access.log;
error_log /var/log/nginx/minio_error.log;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_pass http://172.15.10.5:9001;
}
}
The problem is here, When i logged in to Minio Console, I will redirect to /login page without any errors. Actually i enter correctlly credentials but return back to /login page.
Do you know where the problem is?
in most cases of configuring load balancer/proxy, MINIO_SERVER_URL needs to be set.
Please have a look at the documentation
Environment Variable Documentation
I have asp.net web api application in docker container and it's working good with below commands,
docker build -t hello-aspnetcore3 -f Api.Dockerfile .
docker run -d -p 5000:5000 --name hello-aspnetcore3 hello-aspnetcore3
Browse to: http://localhost:5000/weatherforecast works perfect.
Now I am trying to use Nginx as reverse proxy and running in another container and here is nginx conf and container files,
nginx.conf
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream web-api {
server api:5000;
}
server {
listen 80;
server_name $hostname;
location / {
proxy_pass http://web-api;
proxy_redirect off;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $server_name;
}
}
}
Nginx.Dockerfile
FROM nginx:latest
COPY nginx.conf /etc/nginx/nginx.conf
and here is my docker compose file,
docker-compose.yml
version: "3.7"
services:
reverseproxy:
build:
context: ./Nginx
dockerfile: Nginx.Dockerfile
ports:
- "80:80"
restart: always
api:
depends_on:
- reverseproxy
build:
context: ./HelloAspNetCore3.Api
dockerfile: Api.Dockerfile
expose:
- "5000"
restart: always
Building and running containers are fine docker-compose build and docker-compose up -d.
But when trying to browse http://localhost/weatherforecast, it's giving HTTP Error 404. The requested resource is not found. error. What's wrong here?
Note - when I browse using host ip address http://192.168.0.103/weatherforcast, then it's works fine.
Docker-Compose ps output is here....
I am trying to run a service called Grafana behind Nginx webserver,where both services are being run in a docker-compose file.
docker-compose.yml:
version: '3.1'
services:
nginx:
image: nginx
ports: ['443:443',"80:80"]
restart: always
volumes:
- ./etc/nginx.conf:/etc/nginx/nginx.conf:ro
- /home/ec2-user/certs:/etc/ssl
grafana:
image: grafana/grafana
restart: always
ports: ["3000:3000"]
nginx.conf:
events {
worker_connections 1024;
}
http {
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
server {
listen 443 ssl;
server_tokens off;
location /grafana/ {
rewrite /grafana/(.*) /$1 break;
proxy_pass http://127.0.0.1:3000/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_bind $server_addr;
}
}
}
The grafana service is running on port 3000.
My goal is to access this nginx server from outside, (lets assume its public ip address is: 1.1.1.1) on the address https://1.1.1.1/grafana. With the current configuration i get 502 Bad Gateway and the error on nginx side:
(111: Connection refused) while connecting to upstream, client: <<my-public-ip-here>>,
Your containers are running on two separate IP addresses in the docker network, usually 172.17.. by default.
By using a proxy pass like this in the nginx container:
proxy_pass http://127.0.0.1:3000/
You are essentially telling it to look for a process on port 3000 local to itself, because of the 127.0.0.1 right?
You need to point it in the direction of the Grafana container, try doing:
docker inspect <grafana ID> | grep IPAddress
Then set the proxy pass to that IP:
proxy_pass http://172.0.0.?:3000/
I've solved the same issue using something like #james suggested:
docker inspect <your inaccessible container is> | grep Gateway
Then use this IP address:
proxy_pass http://172.xx.0.1:3000/
I have been following a tutorial on how to make a load balanced application using docker-compose and nginx. However, my load balancer/coordinator doesn't work - what I am trying to do is have nginx accept requests and split them between three workers, and I want nginx and the three workers to be running in separate docker containers, but I get the following error. My compilerwebservice_worker does work correctly, and I can see all three in docker ps, and I can ping them with wget on the localhost post they are listening to.
The error message
$ docker-compose up
Starting compilerwebservice_worker1_1
Starting compilerwebservice_worker3_1
Starting compilerwebservice_worker2_1
Starting compilerwebservice_nginx_1
Attaching to compilerwebservice_worker1_1, compilerwebservice_worker3_1, compilerwebservice_worker2_1, compilerwebservice_nginx_1
nginx_1 | 2016/09/06 07:17:47 [emerg] 1#1: host not found in upstream "compiler-web-service" in /etc/nginx/nginx.conf:14
nginx_1 | nginx: [emerg] host not found in upstream "compiler-web-service" in /etc/nginx/nginx.conf:14
compilerwebservice_nginx_1 exited with code 1
NGINX Config
http {
upstream compiler {
least_conn;
server worker1:4567;
server worker2:4567;
server worker3:4567;
}
server {
listen 4567;
location / {
proxy_pass http://compiler;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
}
My Docker-compose file
nginx:
build: ./src/main/nginx
links:
- worker2:worker2
- worker3:worker3
- worker1:worker1
ports:
- "4567:4567"
worker1:
build: .
ports:
- "4567"
worker2:
build: .
ports:
- "4567"
worker3:
build: .
ports:
- "4567"
NGINX Docker file
# Set nginx base image
FROM nginx
# Copy custom configuration file from the current directory
COPY nginx.conf /etc/nginx/nginx.conf
In the below demo there are 2 express app running with port 1111 and 2222 in localhost, on calling http://localhost:8080 it should automatically choose any one of the port 1111 or 2222. here nginx uses round robin
index.js file
const express = require('express');
const app = express();
const appId = process.env.APPID;
const PORTNUMBER = appId;
app.get('/', (req, res) => {
res.send({
message: `Welcome to ${appId} home page running on port ${appId}`
});
});
app.listen(PORTNUMBER, () => {
console.log(`APP STARTED ON PORT ${appId} for APP id ${appId}`);
})
express app docker file
FROM node:12.13.0-alpine
WORKDIR /EXPRESSAPP
COPY ./API/package.json /EXPRESSAPP
RUN npm install
COPY ./API/. /EXPRESSAPP
CMD ["npm", "start"]
nginx file
http {
upstream backend {
server 127.0.0.1:1111;
server 127.0.0.1:2222;
}
server {
listen 8080 default_server;
listen [::]:8080 default_server;
# listen [::]:8080 default_server ipv6only=on;
server_name localhost;
proxy_read_timeout 5m;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_pass http://backend;
}
}
}
nginx dockercompose file
FROM nginx
COPY nginx.conf /etc/nginx/nginx.conf
docker-compose.yml file
version: '3'
services:
myapp1:
restart: always
container_name: myapp1
build: ./APICONTAINER
environment:
- APPID=1111
ports:
- "1111:1111"
network_mode: host
myapp2:
restart: always
container_name: myapp2
build: ./APICONTAINER
environment:
- APPID=2222
ports:
- "2222:2222"
network_mode: host
myproxy:
container_name: myproxy
build: ./NGINXCONTAINER
ports:
- "127.0.0.1:8080:8080"
depends_on:
- myapp1
- myapp2
network_mode: host
to spin up the containers use the below command
sudo docker-compose down && sudo docker-compose up --build --force-recreate
go to below link to see the round robin nginx load balancer
http://localhost:8080
reference github link to get the full code
I needed to rebuild with docker-compose build between configuration changes. As I changed the name of the app, the error message indicated a server, whose name was the original one that I selected instead of the one I kept changing.
I'm using boot2docker since I'm running Mac OSX. I can't figure out how serve up static files using nginx that is running inside a docker container (that also contains the static assets, like my html and js).
I have four docker containers being spun up with this docker-compose.yml:
web:
build: ./public
links:
- nodeapi1:nodeapi1
ports:
- "80:80"
nodeapi1:
build: ./api
links:
- redis
- db
ports:
- "5000:5000"
volumes:
- ./api:/data
redis:
image: redis:latest
ports:
- "6379:6379"
db:
image: postgres:latest
environment:
POSTGRES_USER: root
ports:
- "5432:5432"
This is my nginx.conf:
worker_processes auto;
daemon off;
events {
worker_connections 1024;
}
http {
server_tokens off;
upstream node-app {
ip_hash;
server 192.168.59.103:5000;
}
server {
listen 80;
index index.html;
root /var/www;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 1d;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_pass http://node-app;
proxy_cache_bypass $http_upgrade;
}
}
}
My Dockerfile for my web build (which contains my nginx.conf and static assets):
# Pull nginx base image
FROM nginx:latest
# Expost port 80
EXPOSE 80
# Copy custom configuration file from the current directory
COPY nginx.conf /etc/nginx/nginx.conf
# Copy static assets into var/www
COPY ./dist /var/www
COPY ./node_modules /var/www/node_modules
# Start up nginx server
CMD ["nginx"]
The contents of the ./dist folder is a bundle.js file and an index.html file. The file layout is:
public
-- Dockerfile
-- nginx.conf
-- dist (directory)
-- bundle.js
-- index.html
-- node_modules
...various node modules
It is properly sending requests to my node server (which is also in a docker container, which is why my upstream server points to the boot2docker ip), but I'm just getting 404s for attempts to retrieve my static assets.
I'm lost as to next steps. If I can provide any information, please let me know.
Your issue isn't related to docker but to your nginx configuration.
In your nginx config file, you define /var/www/ as the document root (I guess to serve your static files). But below that you instruct nginx to act as a reverse proxy to your node app for all requests.
Because of that, if you call the /index.html URL, nginx won't even bother checking the content of /var/www and will forward that query to nodejs.
Usually you want to distinguish requests for static content from requests for dynamic content by using a URL convention. For instance, all requests starting with /static/ will be served by nginx while anything else will be forwarded to node. The nginx config file would then be:
worker_processes auto;
daemon off;
events {
worker_connections 1024;
}
http {
server_tokens off;
upstream node-app {
ip_hash;
server 192.168.59.103:5000;
}
server {
listen 80;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 1d;
}
location /static/ {
alias /var/www/;
index index.html;
}
location / {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_pass http://node-app;
proxy_cache_bypass $http_upgrade;
}
}
}