Use Docker to create nginx Reverse proxy

Source: Internet
Author: User
Tags nginx reverse proxy
Automatically create a reverse nginx proxy for the docker container.

A reverse proxy server is a type of server usually located before a web server. it can provide attachments that are not provided by the web server itself.

For example, the reverse proxy can provide SSL termination, server load balancer, request routing, cache, compression, and even A/B testing.

When a docker container is used to run the web service, running a reverse proxy can simplify the deployment.

**

Why is reverse proxy used for docker?

**
Docker containers are assigned random IP addresses and ports, which makes it difficult to locate these containers from the client perspective. By default, these IP addresses and ports are private and cannot be accessed from outside unless they are bound to the host machine.

Binding a container to a host prevents containers running on the same port. For example, only one docker can be bound to port 80 at a time. In addition, this makes deploying new versions of containers more complex. Because the new version can only start the service after the old version stops the service.

Reverse proxy can solve these problems and improve reliability by providing zero downtime.

**

Generate reverse proxy configuration

**

When the container starts and stops, setting the reverse proxy configuration is a responsibility. The configuration usually needs to be updated manually, which takes a lot of time and is prone to errors.

Fortunately, docker provides a Remote Call API that can be observed easily and access the container's IP address and port. metadata has been configured. In addition, docker provides a real-time event API that can be used to send notifications when the container starts or stops. These APIs can be used to automatically generate reverse proxy configurations.

Docker-gen is a small application. It uses the docker API to import container metadata into the template. After the template is generated, you can use it to restart the service.

With docker-gen, you can automatically generate nginx configurations and reload nginx when the configurations change. The same method can be used in docker log management.

**

Nginx Reverse proxy for docker

**
The following nginx template example can be used to generate reverse proxy configurations for docker containers. This template uses golang. The groupby template function is used to group running containers. groups are based on VIRTUAL_HOST environment variables. This method simplifies the traversal of containers to generate the server load balancer backend and supports deployment with zero downtime.

{Range

Containers: = groupBy "Env. VIRTUAL_HOST "}}
Upstream {{

Host }}{

{Range

Value: = containers }}
{

Address: = index value. Addresses 0 }}
Server {{

Address. IP }}:{{ $ address. Port }};
{End }}
{End }}

}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name {{ $host }};location / {    proxy_pass http://{{ $host }};    include /etc/nginx/proxy_params;}

}
{End }}

This template runs with the following command:
Docker-gen-only-exposed-watch-restart y "/etc/init. d/nginx reload" templates/nginx. tmpl/etc/nginx/sites-enabled/default

-Only-exposed-only use the container that exposes the port. -watch-after running, observe the container events and regenerate the template. -policy "/etc/init. d/nginx reload "-reload nginx. templates/nginx. tmpl-nginx template. /etc/nginx/sites-enabled/default-target file.

The following is a template with two containers demo1 and demo2 configured:

Upstream demo1.localhost {
Server 172.17.0.4: 5000;
Server 172.17.0.3: 5000;
}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name demo1.localhost;location / {    proxy_pass http://demo.localhost;    include /etc/nginx/proxy_params;}

}

Upstream demo2.localhost {
Server 172.17.0.5: 5000;
}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name demo2.localhost;location / {    proxy_pass http://demo2.localhost;    include /etc/nginx/proxy_params;}

}

**

Try it

**

You can try to build it. Https://index.docker.io/u/jwilder/nginx-proxy/
Run the nginx proxy container:

Docker run-e VIRTUAL_HOST = foo.bar.com-t...

If you want to run other containers using HTTPS, you can view the github project to get more information.

**

Conclusion

**
Generate nginx Reverse proxy configuration for the docker container, which can be automatically completed by using the docker API. This method simplifies deployment and provides availability.

This solution is convenient for containers running on a single host. Provides configuration dependency service discovery for distributed hosts. You can check the docker service and find the solution.

Translation. See: http://jasonwilder.com/blog/2014/03/25/automated-nginx-reverse-proxy-for-docker/

A reverse proxy server is a type of server usually located before a web server. it can provide attachments that are not provided by the web server itself.

For example, the reverse proxy can provide SSL termination, server load balancer, request routing, cache, compression, and even A/B testing.

When a docker container is used to run the web service, running a reverse proxy can simplify the deployment.

**

Why is reverse proxy used for docker?

**
Docker containers are assigned random IP addresses and ports, which makes it difficult to locate these containers from the client perspective. By default, these IP addresses and ports are private and cannot be accessed from outside unless they are bound to the host machine.

Binding a container to a host prevents containers running on the same port. For example, only one docker can be bound to port 80 at a time. In addition, this makes deploying new versions of containers more complex. Because the new version can only start the service after the old version stops the service.

Reverse proxy can solve these problems and improve reliability by providing zero downtime.

**

Generate reverse proxy configuration

**

When the container starts and stops, setting the reverse proxy configuration is a responsibility. The configuration usually needs to be updated manually, which takes a lot of time and is prone to errors.

Fortunately, docker provides a Remote Call API that can be observed easily and access the container's IP address and port. metadata has been configured. In addition, docker provides a real-time event API that can be used to send notifications when the container starts or stops. These APIs can be used to automatically generate reverse proxy configurations.

Docker-gen is a small application. It uses the docker API to import container metadata into the template. After the template is generated, you can use it to restart the service.

With docker-gen, you can automatically generate nginx configurations and reload nginx when the configurations change. The same method can be used in docker log management.

**

Nginx Reverse proxy for docker

**
The following nginx template example can be used to generate reverse proxy configurations for docker containers. This template uses golang. The groupby template function is used to group running containers. groups are based on VIRTUAL_HOST environment variables. This method simplifies the traversal of containers to generate the server load balancer backend and supports deployment with zero downtime.

{Range

Containers: = groupBy "Env. VIRTUAL_HOST "}}
Upstream {{

Host }}{

{Range

Value: = containers }}
{

Address: = index value. Addresses 0 }}
Server {{

Address. IP }}:{{ $ address. Port }};
{End }}
{End }}

}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name {{ $host }};location / {    proxy_pass http://{{ $host }};    include /etc/nginx/proxy_params;}

}
{End }}

This template runs with the following command:
Docker-gen-only-exposed-watch-restart y "/etc/init. d/nginx reload" templates/nginx. tmpl/etc/nginx/sites-enabled/default

-Only-exposed-only use the container that exposes the port. -watch-after running, observe the container events and regenerate the template. -policy "/etc/init. d/nginx reload "-reload nginx. templates/nginx. tmpl-nginx template. /etc/nginx/sites-enabled/default-target file.

The following is a template with two containers demo1 and demo2 configured:

Upstream demo1.localhost {
Server 172.17.0.4: 5000;
Server 172.17.0.3: 5000;
}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name demo1.localhost;location / {    proxy_pass http://demo.localhost;    include /etc/nginx/proxy_params;}

}

Upstream demo2.localhost {
Server 172.17.0.5: 5000;
}

Server {
# Ssl_certificate/etc/nginx/certs/demo. pem;
# Ssl_certificate_key/etc/nginx/certs/demo. key;

gzip_types text/plain text/css application/json application/x-javascript           text/xml application/xml application/xml+rss text/javascript;server_name demo2.localhost;location / {    proxy_pass http://demo2.localhost;    include /etc/nginx/proxy_params;}

}

**

Try it

**

You can try to build it. Https://index.docker.io/u/jwilder/nginx-proxy/
Run the nginx proxy container:

Docker run-e VIRTUAL_HOST = foo.bar.com-t...

If you want to run other containers using HTTPS, you can view the github project to get more information.

**

Conclusion

**
Generate nginx Reverse proxy configuration for the docker container, which can be automatically completed by using the docker API. This method simplifies deployment and provides availability.

This solution is convenient for containers running on a single host. Provides configuration dependency service discovery for distributed hosts. You can check the docker service and find the solution.

The above describes how to create an nginx Reverse proxy using Docker. For more information, see other related articles in the first PHP community!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.