How to run Nginx within a Docker container without halting?

Question

I have Nginx installed on a Docker container, and am trying to run it like this:

docker run -i -t -p 80:80 mydockerimage /usr/sbin/nginx

The problem is that the way Nginx works, is that the initial process immediately spawns a master Nginx process and some workers, and then quits. Since Docker is only watching the PID of the original command, the container then halts.

How do I prevent the container from halting? I need to be able to tell it to bind to the first child process, or stop Nginx's initial process from exiting.

johntellsall · Answer 1 · 2019-04-04T19:58:18.963

286

To expand on Charles Duffy's answer, Nginx uses the daemon off directive to run in the foreground. If it's inconvenient to put this in the configuration file, we can specify it directly on the command line. This makes it easy to run in debug mode (foreground) and directly switch to running in production mode (background) by changing command line args.

To run in foreground:

nginx -g 'daemon off;'

To run in background:

nginx

edited Apr 04 '19 at 19:58

answered Jan 22 '15 at 22:38

johntellsall

14,394
4
46
40

7

Can someone explain what "-g" actually is? I can't find this switch in the docs only this one example with nginx using it. – red888 Aug 19 '17 at 18:35
15

@red888, sets a global configuration option. – Charles Duffy Dec 04 '17 at 23:19
22

`CMD` will be `CMD ["nginx", "-g", "daemon off;"] ` [for docker](https://github.com/duwamish-os/nginx-base/blob/master/Dockerfile#L9) – prayagupa Aug 28 '19 at 01:15
4

And without the semicolon at the end it dies – blissweb Nov 26 '21 at 08:38
1

Strangely `-g 'daemon off;'` doesn't seem to work for me. Only putting that line in the config file seems to work. – Tom Ellis Dec 17 '21 at 22:14
http://nginx.org/en/docs/ngx_core_module.html#daemon – Mickey Perlstein Feb 02 '23 at 11:17

score 212 · Accepted Answer · answered Sep 17 '13 at 23:04

212

nginx, like all well-behaved programs, can be configured not to self-daemonize.

Use the daemon off configuration directive described in http://wiki.nginx.org/CoreModule.

answered Sep 17 '13 at 23:04

Charles Duffy

280,126
43
390
441

21

Thanks! To clarify, that means editing /etc/nginx/nginx.conf and adding "daemon off;" at the top (i.e. not inside a server or other directive) – Seldo Sep 17 '13 at 23:12
7

I'm somewhat concerned that [`daemon off` isn't endorsed by nginx](http://nginx.org/en/docs/faq/daemon_master_process_off.html). – Leonid Shevtsov Nov 22 '13 at 22:06
10

@LeonidShevtsov ...you mean _wasn't_ endorsed for production use prior to 1.0.9. The standing caveat, about in-place upgrades, doesn't matter to folks doing things The Docker Way. – Charles Duffy Nov 22 '13 at 22:39
They seem to have a redirection in place server-side now (to http://nginx.org/en/docs/ngx_core_module.html). – Charles Duffy May 10 '17 at 15:46
@Seldo nginx: [emerg] "daemon" directive is not allowed here in /etc/nginx/conf.d/nginx.conf:1 – Firsh - justifiedgrid.com May 23 '22 at 14:54
@Firsh-justifiedgrid.com, as the docs say, it's only allowed in the `main` context. I'd need to see how/where your `conf.d/nginx.conf` is included into the larger configuration to know which context is active for the line in question; no "edit this specific file" rule can be always accurate for every possible system, without knowing how the rest of that system is configured. – Charles Duffy May 23 '22 at 14:55
@CharlesDuffy Thank you I found the larger configuration! – Firsh - justifiedgrid.com May 23 '22 at 16:53

score 85 · Answer 3 · edited Aug 17 '17 at 14:33

85

To expand on John's answer you can also use the Dockerfile CMD command as following (in case you want it to self start without additional args)

CMD ["nginx", "-g", "daemon off;"]

edited Aug 17 '17 at 14:33

Paritosh Piplewar

7,982
5
26
41

answered Nov 27 '16 at 10:52

Tomer Ben David

8,286
1
43
24

score 37 · Answer 4 · answered Oct 22 '19 at 11:02

37

Just FYI, as of today (22 October 2019) official Nginx docker images all have line:

CMD ["nginx", "-g", "daemon off;"]

e.g. https://github.com/nginxinc/docker-nginx/blob/23a990403d6dbe102bf2c72ab2f6a239e940e3c3/mainline/alpine/Dockerfile#L117

answered Oct 22 '19 at 11:02

number5

15,913
3
54
51

score 16 · Answer 5 · answered Apr 26 '17 at 10:19

16

Adding this command to Dockerfile can disable it:

RUN echo "daemon off;" >> /etc/nginx/nginx.conf

answered Apr 26 '17 at 10:19

Afshin Mehrabani

33,262
29
136
201

score 10 · Answer 6 · answered Dec 24 '18 at 10:02

10

To add Tomer and Charles answers,

Syntax to run nginx in forground in Docker container using Entrypoint:

ENTRYPOINT nginx -g 'daemon off;'

Not directly related but to run multiple commands with Entrypoint:

ENTRYPOINT /bin/bash -x /myscripts/myscript.sh && nginx -g 'daemon off;'

answered Dec 24 '18 at 10:02

Nitb

366
5
15

1

Nitb is adding to Tomer, Tomer is adding to John, and John is adding to Charles. It would be nice if this site had a public editing function. – forresthopkinsa Nov 22 '20 at 03:43

score 8 · Answer 7 · answered Sep 17 '13 at 23:38

8

Here you have an example of a Dockerfile that runs nginx. As mentionned by Charles, it uses the daemon off configuration:

https://github.com/darron/docker-nginx-php5/blob/master/Dockerfile#L17

answered Sep 17 '13 at 23:38

creack

116,210
12
97
73

4

And the offical Nginx Dockerfile at: https://github.com/dockerfile/nginx/blob/master/Dockerfile#L15 – Ciro Santilli OurBigBook.com May 22 '14 at 14:24

score 3 · Answer 8 · answered Apr 08 '20 at 17:08

For all who come here trying to run a nginx image in a docker container, that will run as a service

As there is no whole Dockerfile, here is my whole Dockerfile solving the issue.

Nice and working. Thanks to all answers here in order to solve the final nginx issue.

FROM ubuntu:18.04
MAINTAINER stackoverfloguy "stackoverfloguy@foo.com"
RUN apt-get update -y
RUN apt-get install net-tools nginx ufw sudo -y
RUN adduser --disabled-password --gecos '' docker
RUN adduser docker sudo
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
USER docker
RUN sudo ufw default allow incoming
RUN sudo rm /etc/nginx/nginx.conf
RUN sudo rm /etc/nginx/sites-available/default
RUN sudo rm /var/www/html/index.nginx-debian.html
VOLUME /var/log
VOLUME /usr/share/nginx/html
VOLUME /etc/nginx
VOLUME /var/run
COPY conf/nginx.conf /etc/nginx/nginx.conf
COPY content/* /var/www/html/
COPY Dockerfile /var/www/html
COPY start.sh /etc/nginx/start.sh
RUN sudo chmod +x /etc/nginx/start.sh
RUN sudo chmod -R 777 /var/www/html
EXPOSE 80
EXPOSE 443
ENTRYPOINT sudo nginx -c /etc/nginx/nginx.conf -g 'daemon off;'

And run it with:

docker run -p 80:80 -p 443:443 -dit

Not very useful without your "start.sh" script. And if you have 777 permissions on your HTML content, if your container is compromised, attackers can change the content. Why does any user need to write to anything in your container? And why do you add the docker user and then use sudo to do everything? Again if you are compromised : having sudo could be a problem, you don't need it. Keep your container slim. Or use the nginx image from docker hub written by people who understand security. — Max Allan, Jun 10 '21 at 14:41
This line of code saved me : `ENTRYPOINT sudo nginx -c /etc/nginx/nginx.conf -g 'daemon off;'`. Thank you. — zahra_oveyedzade, Feb 11 '22 at 07:29

score 2 · Answer 9 · answered Aug 25 '14 at 14:52

2

It is also good idea to use supervisord or runit[1] for service management.

[1] https://github.com/phusion/baseimage-docker

answered Aug 25 '14 at 14:52

Kunthar

472
1
5
15

I think docker explicitly recommends against such configurations. Docker and all the tooling around docker is expecting that exactly one service is running inside the container. If you need to run a full-fledged Linux distribution inside a container, lxd or systemd-nspawn is a better choice. – Eugene Morozov Sep 22 '22 at 13:33
You are actually right @EugeneMorozov But as you know, sometimes someone needs a solution called as not a best practice but simply get the job done at year 2014. You would still run only one service and still would need the supervise it, if it is healthy or not. Now in 2022 it is not advisable to use supervisord though. One can use docker-compose container health check or Alpine derivatives to achieve success. – Kunthar Sep 23 '22 at 19:07

score 0 · Answer 10 · answered Dec 19 '21 at 00:25

In the official notes for the official NGINX image on DockerHub it states:

If you add a custom CMD in the Dockerfile, be sure to include -g daemon off; in the CMD in order for nginx to stay in the foreground, so that Docker can track the process properly (otherwise your container will stop immediately after starting)!

This makes me thing removing the CMD [] might prevent this issue from occurring in the first place?

score 0 · Answer 11 · answered May 29 '23 at 02:49

0

In new versions of the public container, a script is now default, so no need to add command/entrypoint

See also: https://stackoverflow.com/a/64991442/1736679

answered May 29 '23 at 02:49

Efren

4,003
4
33
75

How to run Nginx within a Docker container without halting?

11 Answers11

Linked