The behavior I want:
If the user goes to http://www.example.com/{anything-but-admin} one dokku app responds.
However if the user goes to http://www.example.com/admin a different dokku app responds.
Does dokku provide a simple way to do this? I believe I would have to disable the proxy port mapping and add a custom nginx implementation, but even if I do that, the docs specify
If a proxy is disabled, Dokku will bind your container's port to a random port on the host for every deploy, e.g. 0.0.0.0:32771->5000/tcp.
If this is the correct thing to do, how do I force a static port number, so I can add that port number to my custom nginx configuration?
You can deploy two apps and have one of the apps reference the other's upstream.
Related
I'm planning to build a website to host static files. Users will upload their files and I deploy bunch of deployments with nginx images on those to a Kubernetes node. My main goal is for some point, users will deploy their apps to a subdomain like my-blog-app.mysite.com. After some time users can use custom domains.
I understand that when I deploy an nginx image on a pod, I have to create a service to expose port 80 (or 443) to the internet via load balancer.
I also read about Ingress, looks like what I need but I don't think I understand that concept.
My question is, for example if I have 500 nginx pods running (each is a different website), do I need a service for every pod in that node (in this case 500 services)?
You are looking for https://kubernetes.io/docs/concepts/services-networking/ingress/#name-based-virtual-hosting.
With this type of Ingress, you route the traffic to the different nginx instances, based on the Host header, which perfectly matches your use-case.
In any case, yes, assuming your current architecture you need to have a service for each pod. Haven't you considered a different approach? Like having a general listener (nginx instances) and get the correct content based on authorization or something?
I have different versions of a backend service, and would like nginx to be like a "traffic cop", sending users ONLY to the currently online live backend service. Is there a simple way to do this without changing the nginx config each time I want to redirect users to a different backend service?
In this example, I want to shut down the live backend service and direct users to the test backend service. Then, vice-versa. I'm calling it a logical "traffic cop" which knows which backend service to direct users to.
I don't think adding all backend services to the proxy_pass using upstream load balancing will work. I think load balancing would not give me what I'm looking for.
I also do not want user root to update the /etc/hosts file on the machine, because of security and collision concerns with multiple programs editing /etc/hosts simultaneously.
I'm thinking of doing proxy_pass http://live-backend.localhost in nginx and using a local DNS server to manage the internal IP for live-backend-localhost which I can change (re-point to another backend IP) at any time. However, would nginx actually query the DNS server on every request, or does it resolve once then cache the IP forever?
Am I over-thinking this? Is there an easy way to do this within nginx?
You can use the backup parameter to the server directive so that the test server will only be used when the live one is down.
NGINX queries DNS on startup and caches it, so you'd still have to reload it to update.
I'm currently trying to run two containers on a single host, one being an application (Ruby on Rails) and the other Nginx as a reverse proxy and cache. The app is running on TCP port 80. What I want to be able to do is bring down my application container, remove it and then bring it up again without having to restart nginx. The problem is that Nginx only seems to look up the IP of the container once, so if it goes down then back up at a different address then Nginx will just complain that there's nothing there.
I've tried a few things:
Using resolver 127.0.0.11 valid=5 to use Docker's DNS
Using an upstream block
Using a variable to try to get nginx to resolve at runtime.
I'm not sure where else to look but none of these options work if the application is brought up on a different IP address. Is there something I'm missing making this impossible?
Thanks.
Ended up reading through the 12 factor app which inspired me to remove the Nginx proxying to Rails upstream altogether, and instead used it as a proxy cache which has an upstream of the external DNS name.
I've struggled for couple of weeks on this configuration.What I want to achieve can be listed as follows.
1.I registered a domain not long ago.And I've set up some web service on my VPS,such as a blog,a forum and Owncloud. Now I want to configured the Nginx so that I can run all the service on one VPS and one IP address. In order to run owncloud,I have to modify the /etc/php5/fpm/pool.d/www.confto listen = 9000.In this case,I can only get one service (Owncloud)function,because if I want to run the forum I must uncomment the listen = /var/run/php5-fpm.sock.What's more,I've tried to uncomment both of them,Nginx showed 502 afterwards.
2.I'm using Hexo as my blog.When I start the server,I can access into my blog on IP:4000.So I wonder if I could run my blog server on background and edit the posts online via a subdomain which has been redirected to port 4000.If it's possible,should I modify the nginx.conf or add something in sites-available?
3.Can I deploy different web services on different subdomain?Which file is to modify?It's said that I can achieve this by using reverse proxy?
Sorry for the pathetic English and expression.Thanks in advance.
Going at it point by point:
The advantage of PHP-FPM, which you are using, is that you can have multiple separate interpreters running in your pool. To do so, simply copy the file at /etc/php5/fpm/pool.d/www.conf to somewhere else, say /etc/php5/fpm/pool.d/forum.conf, change the listen directive, and you've got a second php interpreter running, entirely separate from the first one. That way owncloud (www) and your forum (forum) have their own distinct php.
This is called reverse-proxying. nginx does that well. You simply add a new site definition in sites-available that does reverse-proxying to port 4000 on your server, then symlink (or copy) that site definition to sites-enabled and restart nginx. You will have to setup Hexo to start automatically for that to work.
You can deploy different web services on different subdomains. As long as the dns is configured to point that name to your server, you can configure the server to respond differently for every subdomain using site definitions. You need to modify the files in sites-enabled to determine which names nginx knows how to respond to.
I have a dokku app configuring without a VHOST and the external port number changes upon each new deployment. How can I get access to a consistent external port? I noticed the internal port is consistent so I just need some direction on how to accomplish this.