[英]How to create an nginx service in a docker swarm at port 443 and 80
I am trying to create an nginx service with 2 replicas in a docker swarm with 2 nodes in a production environment. 我正在尝试在生产环境中的2个节点的docker群中创建2个副本的nginx服务。 The nodes are created in digital ocean.
节点是在数字海洋中创建的。 This nginx service is to act as a reverse proxy (https<–> http) for the apache virtual hosts.
此nginx服务将充当apache虚拟主机的反向代理(https <–> http)。 To create the nginx service i use:
要创建nginx服务,请使用:
docker service create --replicas 2 -p 80:80 --p 443:443 --name webserver --mount type=bind,source=/environments/ssl-env,destination=/etc/nginx/ssl --mount type=bind,source=/conf/nginx.conf,destination=/etc/nginx/nginx.conf --mount type=bind,source=/middleware,destination=/etc/nginx/conf.d nginx
docker服务create --replicas 2 -p 80:80 --p 443:443 --name webserver --mount type = bind,source = / environments / ssl-env,destination = / etc / nginx / ssl --mount类型= bind,source = / conf / nginx.conf,目的地= / etc / nginx / nginx.conf-挂载类型= bind,source = /中间件,目的地= / etc / nginx / conf.d nginx
After i run this command the service fails to start, with not any helpful error message. 运行此命令后,服务无法启动,没有任何有用的错误消息。 However, only in the worker node the docker daemon listens to port 443:
但是,仅在工作程序节点中,docker守护程序会侦听端口443:
netstat -tulpn | grep :443
tcp6 0 0 :::443 :::* LISTEN 5797/dockerd
Also, when I comment the https sections in nginx.conf which listen to 443, my nginx service is created and runs successfully, but i want of course to use the https sections. 另外,当我在nginx.conf中对监听443的https部分进行注释时,我的nginx服务已创建并成功运行,但是我当然想使用https部分。 Do you have any idea?
你有什么主意吗? Docker version 17.05.0-ce, build 89658be.
Docker版本17.05.0-ce,内部版本89658be。 Here is a part of nginx.conf:
这是nginx.conf的一部分:
#http
server {
listen 80 ;
server_name api.hotelgenius.net;
# redirect http to https ##
rewrite ^ https://$server_name$request_uri permanent;
}
#https
#server {
listen 443 ;
server_name api.hotelgenius.net;
error_log /var/log/nginx/api_error.log;
access_log /var/log/nginx/api_access.log;
ssl on;
ssl_certificate /etc/nginx/ssl/api.hotelgenius.crt;
ssl_certificate_key /etc/nginx/ssl/api.hotelgenius.key;
ssl_client_certificate /etc/nginx/ssl/api.hotelgenius.cer;
location / {
proxy_pass http://hotelgenius/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
}
Nginx service is successfully deployed after replacing container names in nginx.conf with corresponding service names from the docker stack. 将nginx.conf中的容器名称替换为docker堆栈中的相应服务名称后,Nginx服务已成功部署。 For example before fix I had in nginx.conf
例如,在修复之前,我在nginx.conf中
location / {
proxy_pass http://hotelgenius/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
}
where 'hotelgenius' is the name of a container.I had to replace 'hotelgenius' with the service name, since in docker-compose.yml version 3 container names are no longer supported. 其中'hotelgenius'是容器的名称。我不得不用服务名称替换'hotelgenius',因为在docker-compose.yml版本中不再支持3容器名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.