2

I am trying to create an nginx service with 2 replicas in a docker swarm with 2 nodes in a production environment. The nodes are created in digital ocean. This nginx service is to act as a reverse proxy (https<–> http) for the apache virtual hosts. To create the nginx service i use:

docker service create --replicas 2 -p 80:80 --p 443:443 --name webserver --mount type=bind,source=/environments/ssl-env,destination=/etc/nginx/ssl --mount type=bind,source=/conf/nginx.conf,destination=/etc/nginx/nginx.conf --mount type=bind,source=/middleware,destination=/etc/nginx/conf.d nginx

After i run this command the service fails to start, with not any helpful error message. However, only in the worker node the docker daemon listens to port 443:

netstat -tulpn | grep :443
tcp6 0 0 :::443 :::* LISTEN 5797/dockerd

Also, when I comment the https sections in nginx.conf which listen to 443, my nginx service is created and runs successfully, but i want of course to use the https sections. Do you have any idea? Docker version 17.05.0-ce, build 89658be. Here is a part of nginx.conf:

#http
server {
    listen 80 ;
    server_name api.hotelgenius.net;
    # redirect http to https ##
    rewrite ^ https://$server_name$request_uri permanent;
}

#https
#server {
   listen 443 ;
   server_name api.hotelgenius.net;
   error_log /var/log/nginx/api_error.log;
   access_log /var/log/nginx/api_access.log;
   ssl on;
   ssl_certificate /etc/nginx/ssl/api.hotelgenius.crt;
   ssl_certificate_key /etc/nginx/ssl/api.hotelgenius.key;
   ssl_client_certificate /etc/nginx/ssl/api.hotelgenius.cer;

   location / {
       proxy_pass http://hotelgenius/;
       proxy_set_header Host $host;
       proxy_redirect http:// https://;
}
Tarun Lalwani
  • 142,312
  • 9
  • 204
  • 265
themis
  • 21
  • 1
  • 2
  • Check if something is already running on port `80`, one flag in your command is `-p` and one is `--p`, hope that is a typo – Tarun Lalwani Aug 29 '17 at 12:49
  • No nothing runs in 80. yes --p is a typo – themis Aug 29 '17 at 15:02
  • did you try `docker service logs` and also try `journalctl -n 10 -f` and then create service in another terminal and see if you can find any issues – Tarun Lalwani Aug 29 '17 at 20:11
  • i have a number of docker containers that i can deploy in a docker swarm such as apache, mysql, mongo, prerender. The problem is shown when i try to deploy the nginx container. I deploy the first 4 containers with docker-compose, and then i try to attach the nginx service in the docker swarm network created by the first 4 containers. I'm not sure if this is exactly right. Currently, i see from the docker service logs that nginx cannot find the prerender service – themis Aug 30 '17 at 08:05
  • Service discovery is only for docker services and not container run in non-swarm mode. So you should not be mixing both. Why don't you deploy nginx also using `stack` or `services` – Tarun Lalwani Aug 30 '17 at 08:28
  • Yes, of course. Now, I've attached the nginx service inside the docker compose,yml which is of version 3. Again, the nginx service fails with the following error: host not found in upstream "hotel-prerender-io:3000" in /etc/nginx/conf.d/nginx.conf:128. Note that if i deploy the containers not as services, with docker-compose.yml version 2 everything is fine – themis Aug 30 '17 at 08:43

1 Answers1

0

Nginx service is successfully deployed after replacing container names in nginx.conf with corresponding service names from the docker stack. For example before fix I had in nginx.conf

location / {
       proxy_pass http://hotelgenius/;
       proxy_set_header Host $host;
       proxy_redirect http:// https://;
}

where 'hotelgenius' is the name of a container.I had to replace 'hotelgenius' with the service name, since in docker-compose.yml version 3 container names are no longer supported.

themis
  • 21
  • 1
  • 2