NGINX container as a proxy for other containers
I am trying to run containers on my Ubuntu server. The containers are:
- A DNS server with bind9.
- An NTP server, cturra/ntp.
- NGINX as a reverse proxy => reverse proxy for DNS and NTP
I have these containers in the same yaml file:
version: '3'
services:
  reverse-proxy-engine:
    image: nginx
    container_name: reverse-proxy-engine
    volumes:
      - ~/core/reverse-proxy/:/usr/share/nginx/
    ports:
      - "80:80"
      - "443:443"
      - "53:53"
      - "123:123/udp"
    depends_on:
      - "DNS-SRV"
      - "ntp"
  DNS-SRV:
    container_name: DNS-SRV
    image: ubuntu/bind9
    user: root
    environment:
      - TZ=UTC
    volumes:
      - ~/core/bind9/:/etc/bind/
  ntp:
    image: cturra/ntp
    container_name: ntp
    restart: always
    read_only: true
    tmpfs:
      - /etc/chrony:rw,mode=1750
      - /run/chrony:rw,mode=1750
      - /var/lib/chrony:rw,mode=1750
    environment:
      - NTP_SERVERS=time.cloudflare.com
      - LOG_LEVEL=0
After running this yaml file, the containers are created and I see the ports mapped correctly:
admin@main-srv:~/core/yamls$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4720bae2a44c nginx "/docker-entrypoint.…" 5 seconds ago Up 4 seconds 0.0.0.0:53->53/tcp, 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:123->123/udp reverse-proxy-engine
1681814f651e cturra/ntp "/bin/sh /opt/startu…" 6 seconds ago Up 5 seconds (health: starting) 123/udp ntp
dde2f9094b45 ubuntu/bind9 "docker-entrypoint.sh" 6 seconds ago Up 5 seconds 53/tcp DNS-SRV
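I can access the nginx web page in the browser using port 80, but I cannot use the same IP to resolve DNS or NTP from the same network, although inside the container network it works.
So I think the NGINX ports are exposed to the Ubuntu server, but the DNS and NTP ports are not exposed to NGINX, right? What am I missing?
Below is my NGINX configuration file: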
events {
    worker_connections 1024;
}
stream {
    upstream dns_servers {
        server DNS-SRV:53;
    }
    upstream ntp_server {
        server ntp:123;
    }
    server {
        listen 53 udp;
        listen 53; #tcp
        proxy_pass dns_servers;
        error_log /var/log/nginx/dns.log info;
        proxy_responses 1;
        proxy_timeout 1s;
    }
    server {
        listen 123 udp;
        listen 123; #tcp
        proxy_pass ntp_server;
        error_log /var/log/nginx/ntp.log info;
        proxy_responses 1;
        proxy_timeout 1s;
    }
}
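It looks logical to me so far. Any ideas?
I think that is because you have not set hostnames for the bind and ntp containers. I used the configuration below and got it working: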
version: '3'
services:
  reverse-proxy-engine:
    image: nginx
    container_name: reverse-proxy-engine
    volumes:
      - ~/core/reverse-proxy/:/usr/share/nginx/
      # Replace the image's default nginx.conf with the one below
      - $PWD/nginx.conf:/etc/nginx/nginx.conf
    ports:
      - "80:80"
      - "443:443"
      - "53:53"
      # DNS over UDP, matches "listen 53 udp" in nginx.conf
      - "53:53/udp"
      - "123:123/udp"
    depends_on:
      - "DNS-SRV"
      - "ntp"
  DNS-SRV:
    container_name: DNS-SRV
    hostname: DNS-SRV
    image: ubuntu/bind9
    user: root
    environment:
      - TZ=UTC
    volumes:
      - ~/core/bind9/:/etc/bind/
  ntp:
    image: cturra/ntp
    container_name: ntp
    hostname: ntp
    restart: always
    read_only: true
    tmpfs:
      - /etc/chrony:rw,mode=1750
      - /run/chrony:rw,mode=1750
      - /var/lib/chrony:rw,mode=1750
    environment:
      - NTP_SERVERS=time.cloudflare.com
      - LOG_LEVEL=0
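In the configuration above I added hostnames for the bind and ntp containers. I also mounted the nginx config, replacing the default configuration.
The nginx.conf configuration is below: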
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;
    sendfile on;
    #tcp_nopush on;
    keepalive_timeout 65;
    #gzip on;
    include /etc/nginx/conf.d/*.conf;
}
stream {
    upstream dns_servers {
        server DNS-SRV:53;
    }
    upstream ntp_server {
        server ntp:123;
    }
    server {
        listen 53 udp;
        listen 53; #tcp
        proxy_pass dns_servers;
        error_log /var/log/nginx/dns.log info;
        proxy_responses 1;
        proxy_timeout 1s;
    }
    server {
        listen 123 udp;
        listen 123; #tcp
        proxy_pass ntp_server;
        error_log /var/log/nginx/ntp.log info;
        proxy_responses 1;
        proxy_timeout 1s;
    }
}
Note: make sure the ports you bind (80, 443, 53, 123) are not in use by other applications.
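A check for one mismatch visible in the question's files, as an added example that is not part of either post: the stream block listens on 53/udp, while the compose entry "53:53" publishes only TCP (as the docker ps output shows). The function names are hypothetical and the inputs are constructed inline from the question's files; port ranges and unix: listeners are not handled.

```python
import re

# Constructed from the files posted in the question (not read from disk).
NGINX_STREAM = """
stream {
    server { listen 53 udp; listen 53; proxy_pass dns_servers; }
    server { listen 123 udp; listen 123; proxy_pass ntp_server; }
}
"""
COMPOSE_PORTS = ["80:80", "443:443", "53:53", "123:123/udp"]


def stream_listeners(conf):
    """Return {(port, proto)} for every `listen` directive in the text."""
    found = set()
    for m in re.finditer(r"\blisten\s+([^;]+);", conf):
        args = m.group(1).split()
        port = int(args[0].rsplit(":", 1)[-1])  # accepts "53" or "0.0.0.0:53"
        # nginx stream listeners are TCP unless the udp parameter is given
        found.add((port, "udp" if "udp" in args[1:] else "tcp"))
    return found


def published(ports):
    """Return {(container_port, proto)} for compose short-syntax entries."""
    out = set()
    for spec in ports:
        mapping, _, proto = spec.partition("/")
        # Docker publishes TCP when no /proto suffix is present
        out.add((int(mapping.rsplit(":", 1)[-1]), proto or "tcp"))
    return out


def unreachable_listeners(conf, ports):
    """Listeners nginx opens that the compose file never publishes."""
    return sorted(stream_listeners(conf) - published(ports))


if __name__ == "__main__":
    for port, proto in unreachable_listeners(NGINX_STREAM, COMPOSE_PORTS):
        print(f"nginx listens on {port}/{proto} but compose does not publish it")
```

The 123/tcp result is harmless because NTP runs over UDP; the 53/udp result is the one that affects DNS clients outside the container network.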