Install Nginx In Docker Container

/ Comments off

Hey @Greg, this is a simple dockerfile to install nginx: #This is a sample Image FROM ubuntu MAINTAINER [email protected] RUN apt-get update RUN apt-get install –y nginx CMD “echo”,”Image created” answered Jul 23, 2019 by User101. Ask related question. There are a few ways to effectively configure HTTPs for an Nginx Docker Container. In this guide, we will quickly cover configuration through the use of free certificate authority Let’s Encrypt. For plenty of people, using Let’s Encrypt to configure HTTPS for an Nginx docker container is a good option.

  1. Install Nginx In Docker Container List
  2. Install Nginx In Docker Container
  3. Install Nginx In Docker Containers
  4. Install Nginx On Docker Container
  5. Install Nginx Inside Docker Container
  6. Install Nginx On Ubuntu Docker Container
  7. Install Nginx In Docker Container Code

If you are using Docker with Nginx as a Configuration Management System, learn how to use Logrotate to prevent the log files from growing out of control.

Jump to The Scenario, The Problem, or The Solution

Let’s turn on the Geek Mode for this article, and have a quick look at the summary on how tologrotate logs with Nginx running under a Docker container.

The Scenario

There are many ways one can automate the configuration of services. For example:

- Using Docker containers in clusters such as Kubernetes.
- Using Docker containers as Configuration Management Systems, to achieve infrastructure-as-code in a host.

The following scenario fits when you are using Docker as Configuration Management Systems. It does not suitif you are using Docker in clusters like kubernetes.

Example of Dockerfile with Nginx

The goal is to automate the configuration of a web server which runs Nginx. You decide,as part of the automation strategy, to use Docker containers for some services in the host.

You have Nginx running with docker. There are many ways to achieve this goal. Let’ssuppose that we have a Dockerfile such as the following:

This Dockerfile is capable of running a custom Nginx configuration, which is copied from the folder Nginx to/etc/nginx in the container with the command COPY nginx /etc/nginx.

Exporting the Nginx logs to the host

If we are using Docker as a Configuration Management System in a context of Infrastructure-as-Code, and notin a cluster such as Kubernetes, it is advisable to have the logs visible in the host.

Therefore, when we run this container in production, the folder in the container at /var/log/nginx must be accessibleat the host. The logs will also be persistent even when the container restarts.

This requires docker run to use the parameter --volume , -v. As an example, this commandcould be used to start the docker container:

- The previous commands assume that you have generated an image of the previous Dockerfile and namedit nginx-image.

- This running container binds the host ports 80 and 443.

- The logs at /var/log/Nginx/ are persistent and accessible from the host.

- The name of the running container is nginx-container

The previous example does not contemplate what actual website that you are exposing with Nginx. However,the example should be enough to understand the scenario.

The Problem

The advantage of this setup is rather than running Nginx in the host we are doing it in a container, effectivelyimplementing an infrastructure-as-code approach.

The problem is that the logs in /var/log/nginx/ folder will eventually grow out of control,as there is no log rotation set up.

The Solution

If we decide to configure logrotate to manage the log rotation, there are three potential options:

1. Configure logrotate in the Nginx container

It has the advantage that all the configuration of Nginx would beself-contained in the Dockerfile. The disadvantage is that you are running more than one process in the container(you need to have cron daemon as well as Nginx), therefore you won’t be followingDocker best practices.

2. Run logrotate in another Dockerfile, creating another Container with a very specific responsibility.

This would be consistent with the infrastructure-as-code approach, and it follows Docker best practices for containers,but somehow the container running logrotate needs to signal the container running Nginxto reopen the log files. I have not fully investigated this solution. Except for the container signal part,most of the configuration would be pretty similar to option 3.

3. Configure logrotate in the host.

The advantage is that it is easy to implement, the downfall is that youmight not be following the infrastructure-as-code approach. However, in our case, we have another configurationmanagement system that handles the host configuration (including the containers running in it). This is the solutionthat we have decided to implement.

Configuring logrotate with Nginx in the context of Docker containers

1 - Install logrotate:

2 - Add the configuration file for Nginx under Docker at the file /etc/logrotate.d/docker-Nginx

This configuration is pretty standard with logrotate. The only line which is worth mentioning isdocker kill --signal='USR1' nginx-container.

According to Nginx documentationsending the signal USR1 to a Nginx process forces it to reopen the logs.

Container

In the context of Docker, you can send a signal to the process running in the container withdocker kill command.

As Docker manages the configuration of Nginx, and requires things such as binding the host ports 80and 443, we know that we are not going to run more than one Nginx container in a host.This means that we also can define a meaningful name for the running container,which in this example is Nginx-container, allowing us to configure logrotateto signal the correct running container in the host.

To test the logrotate configuration:

1 - Make a dry run of this configuration with the following command:

2 - Once the dry run works as expected, force the execution of logrotate to fully confirm that is working and thatthere is no undesired side effects.

That’s all folks!

Deploy NGINX and NGINX Plus as the Docker container.

NGINX Plus, the high‑performance application delivery platform, load balancer, and web server, is available as the Docker container.

Prerequisites

Install Nginx In Docker Container List

Install nginx in docker container
  • Docker installation
  • Docker Hub account (NGINX Open Source)
  • nginx-repo.crt and nginx-repo.key files, Dockerfile for Docker image creation (NGINX Plus)

Running NGINX Open Source in a Docker Container

You can create an NGINX instance in a Docker container using the NGINX Open Source image from the Docker Hub.

Install Nginx In Docker Container

  1. Launch an instance of NGINX running in a container and using the default NGINX configuration with the following command:

    where:

    • mynginx1 is the name of the created container based on the NGINX image

    • the -d option specifies that the container runs in detached mode: the container continues to run until stopped but does not respond to commands run on the command line.

    • the -p option tells Docker to map the ports exposed in the container by the NGINX image (port 80) to the specified port on the Docker host. The first parameter specifies the port in the Docker host, the second parameter is mapped to the port exposed in the container

    The command returns the long form of the container ID: fcd1fb01b14557c7c9d991238f2558ae2704d129cf9fb97bb4fadf673a58580d. This form of ID is used in the name of log files.

  2. Verify that the container was created and is running with the docker ps command:

This command also allows viewing the port mappings set in the previous step: the PORTS field in the output reports that port 80 on the Docker host is mapped to port 80 in the container.

Running NGINX Plus in a Docker Container

Docker can also be used with NGINX Plus. The difference between using Docker with NGINX Open Source is that you first need to create an NGINX Plus image, because as a commercial offering NGINX Plus is not available at Docker Hub.

Note: Never upload your NGINX Plus images to a public repository such as Docker Hub. Doing so violates your license agreement.

Creating NGINX Plus Docker Image

To generate an NGINX Plus image:

  1. Create the Docker build context, or a Dockerfile:

  2. As with NGINX Open Source, default NGINX Plus image has the same default settings:

    • access and error logs are linked to the Docker log collector
    • no volumes are specified: a Dockerfile can be used to create base images from which you can create new images with volumes specified, or volumes can be specified manually:
    • no files are copied from the Docker host as a container is created: you can add COPY definitions to each Dockerfile, or the image you create can be used as the basis for another image
  3. Log in to MyF5 Customer Portal and download your nginx-repo.crt and nginx-repo.key files. For a trial of NGINX Plus, the files are provided with your trial package.

  4. Copy the files to the directory where the Dockerfile is located.

  5. Create a Docker image, for example, nginxplus (note the final period in the command).

    The --no-cache option tells Docker to build the image from scratch and ensures the installation of the latest version of NGINX Plus. If the Dockerfile was previously used to build an image without the --no-cache option, the new image uses the version of NGINX Plus from the previously built image from the Docker cache.

  6. Verify that the nginxplus image was created successfully with the docker images command:

  7. Create a container based on this image, for example, mynginxplus container:

  8. Verify that the mynginxplus container is up and running with the docker ps command:

NGINX Plus containers are controlled and managed in the same way as NGINX Open Source containers.

Managing Content and Configuration Files

Content served by NGINX and NGINX configuration files can be managed in several ways:

  • files are maintained on the Docker host
  • files are copied from the Docker host to a container
  • files are maintained in the container

Maintaining Content and Configuration Files on the Docker Host

When the container is created, you can mount a local directory on the Docker host to a directory in the container. The NGINX image uses the default NGINX configuration, which uses /usr/share/nginx/html as the container’s root directory and puts configuration files in /etc/nginx. For a Docker host with content in the local directory /var/www and configuration files in /var/nginx/conf, run the command:

Install Nginx In Docker Containers

Any change made to the files in the local directories /var/www and /var/nginx/conf on the Docker host are reflected in the directories /usr/share/nginx/html and /etc/nginx in the container. The readonly option means these directories can be changed only on the Docker host, not from within the container.

Copying Content and Configuration Files from the Docker Host

Docker can copy the content and configuration files from a local directory on the Docker host during container creation. Once a container is created, the files are maintained by creating a new container when files change or by modifying the files in the container.

A simple way to copy the files is to create a Dockerfile with commands that are run during generation of a new Docker image based on the NGINX image. For the file‑copy (COPY) commands in the Dockerfile, the local directory path is relative to the build context where the Dockerfile is located.

Let’s assume that the content directory is content and the directory for configuration files is conf, both subdirectories of the directory where the Dockerfile is located. The NGINX image has the default NGINX configuration files, including default.conf, in the /etc/nginx/conf.d directory. To use the configuration files from the Docker host only, delete the default files with the RUN command:

Install Nginx On Docker Container

Create NGINX image by running the command from the directory where the Dockerfile is located. The period (“.”) at the end of the command defines the current directory as the build context, which contains the Dockerfile and the directories to be copied:

Create a container mynginx3 based on the mynginx_image1 image:

To make changes to the files in the container, use a helper container as described in the next section.

Maintaining Content and Configuration Files in the Container

As SSH cannot be used to access the NGINX container, to edit the content or configuration files directly you need to create a helper container that has shell access. For the helper container to have access to the files, create a new image that has the proper Docker data volumes defined for the image:

  1. Copy nginx content and configuration files and define the volume for the image with the Dockerfile:

  2. Create the new NGINX image by running the following command:

  3. Create an NGINX container mynginx4 based on the mynginx_image2 image:

  4. Start a helper container mynginx4_files that has a shell, providing access the content and configuration directories of the mynginx4 container we just created:

    where:

    • the new mynginx4_files helper container runs in the foreground with a persistent standard input (the -i option) and a tty (the -t option). All volumes defined in mynginx4 are mounted as local directories in the helper container.
    • the debian argument means that the helper container uses the Debian image from Docker Hub. Because the NGINX image also uses Debian, it is most efficient to use Debian for the helper container, rather than having Docker load another operating system
    • the /bin/bash argument means that the bash shell runs in the helper container, presenting a shell prompt that you can use to modify files as needed

Install Nginx Inside Docker Container

To start and stop the container, run the commands:

To exit the shell but leave the container running, press Ctrl+p followed by Ctrl+q. To regain shell access to a running container, run this command:

Install Nginx On Ubuntu Docker Container

To exit the shell and terminate the container, run the exit command.

Managing Logging

You can use default logging or customize logging.

Using Default Logging

By default, the NGINX image is configured to send NGINX access log and error log to the Docker log collector. This is done by linking them to stdout and stderr: all messages from both logs are then written to the file /var/lib/docker/containers/container-ID/container-ID-json.log on the Docker host. The container‑ID is the long‑form ID returned when you create a container. To display the long form ID, run the command:

You can use both the Docker command line and the Docker Engine API to extract the log messages.

To extract log messages from the command line, run the command:

To extract log messages using the Docker Remote API, send a GET request using the Docker Unix sock:

Install Nginx In Docker Container Code

To include only access log messages in the output, include only stdout=1. To limit the output to error log messages, include only stderr=1. For other available options, see Get container logs section of the Docker Engine API documentation.

Using Customized Logging

If you want to configure logging differently for certain configuration blocks (such as server {} and location {}), define a Docker volume for the directory in which to store the log files in the container, create a helper container to access the log files, and use any logging tools. To implement this, create a new image that contains the volume or volumes for the logging files.

For example, to configure NGINX to store log files in /var/log/nginx/log, add a VOLUME definition for this directory to the Dockerfile (provided that content and configuration Files are managed in the container):

Then you can create an image and use it to create an NGINX container and a helper container that have access to the logging directory. The helper container can have any desired logging tools installed.

Container

Controlling NGINX

Install Nginx In Docker Container

Since there is no direct access to the command line of the NGINX container, NGINX commands cannot be sent to a container directly. Instead, signals can be sent to a container via Docker kill command.

To reload the NGINX configuration, send the HUP signal to Docker:

To restart NGINX, run this command to restart the container: