如何配置nginx链接到docker容器?

时间:2017-12-13 18:30:19

标签: docker nginx iptables

需要帮助,花费超过30小时......真的需要帮助......谢谢

  

system:centos 7

我有 nginx docker容器(ps:gitlab),我有与nginx - docker容器(gitlab)连接的问题,使用git时什么都没得到。 xxx.com:8800尝试连接,我认为是配置问题,这是我的配置:

  

docker container(gitlab):

    sudo docker run -d \
    --hostname git.xxx.com \
    --publish 127.0.0.1:8800:80 \
    --publish 127.0.0.1:23:22 \
    --name gitlab \
    --memory 4gb \
    --cpus 2 \
    --restart always \
    --volume /Volumes/docker_gitlab/config:/etc/gitlab \
    --volume /Volumes/docker_gitlab/logs:/var/log/gitlab \
    --volume /Volumes/docker_gitlab/data:/var/opt/gitlab \
    --env GITLAB_OMNIBUS_CONFIG="external_url 'http://git.xxx.com:8800'; gitlab_rails['gitlab_shell_ssh_port']=23;" \
gitlab/gitlab-ce:latest
  

nginx的:

 server {
        listen *:8800;
        server_name git.xxx.com;
        location / {
            proxy_pass         http://172.17.0.2:80;
            proxy_redirect     off;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
        }
}
  

iptables -s:

[root@localhost ~]# iptables -S
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION
-N DOCKER-USER
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 22 -j ACCEPT
-A DOCKER-ISOLATION -j RETURN
-A DOCKER-USER -j RETURN
  

尝试在centos中测试url连接:

curl -vvv 'http://127.0.0.1:8800'
* About to connect() to 127.0.0.1 port 8800 (#0)
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8800 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 127.0.0.1:8800
> Accept: */*
>
* Recv failure: Connection reset by peer
* Closing connection 0
curl: (56) Recv failure: Connection reset by peer
  

刚刚完成 !更新,当你使用docker run时.. docker会将iptables规则写入/ etc / sysconfig / iptables,所以不需要写规则manualy

     

docker container(gitlab):

    sudo docker run -d \
    --hostname git.xxx.com \
    --publish 30000:30000 \
    --publish 30001:22 \
    --name gitlab \
    --memory 4gb \
    --cpus 2 \
    --restart always \
    --volume /Volumes/docker_gitlab/config:/etc/gitlab \
    --volume /Volumes/docker_gitlab/logs:/var/log/gitlab \
    --volume /Volumes/docker_gitlab/data:/var/opt/gitlab \
    --env GITLAB_OMNIBUS_CONFIG="external_url 'http://git.xxx.com:30000'; gitlab_rails['gitlab_shell_ssh_port']=30001;" \
gitlab/gitlab-ce:latest
  

nginx:不需要改变任何东西

0 个答案:

没有答案
相关问题
最新问题