如何configurationnginx链接到docker集装箱?
需要帮助,花费超过30小时…真的需要帮助…谢谢
系统:centos 7
我有nginx和docker的容器(ps:gitlab) ,我有问题与nginx连接 – docker容器(gitlab),我什么时候使用git.xxx.com:8800尝试连接,我认为是configuration问题,在这里是我的configuration:
docker集装箱(gitlab):
sudo docker run -d \ --hostname git.xxx.com \ --publish 127.0.0.1:8800:80 \ --publish 127.0.0.1:23:22 \ --name gitlab \ --memory 4gb \ --cpus 2 \ --restart always \ --volume /Volumes/docker_gitlab/config:/etc/gitlab \ --volume /Volumes/docker_gitlab/logs:/var/log/gitlab \ --volume /Volumes/docker_gitlab/data:/var/opt/gitlab \ --env GITLAB_OMNIBUS_CONFIG="external_url 'http://git.xxx.com:8800'; gitlab_rails['gitlab_shell_ssh_port']=23;" \ gitlab/gitlab-ce:latest nginx的:
server { listen *:8800; server_name git.xxx.com; location / { proxy_pass http://172.17.0.2:80; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; } }
iptables -s:
[root@localhost ~]# iptables -S -P INPUT ACCEPT -P FORWARD DROP -P OUTPUT ACCEPT -N DOCKER -N DOCKER-ISOLATION -N DOCKER-USER -A FORWARD -j DOCKER-USER -A FORWARD -j DOCKER-ISOLATION -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -o docker0 -j DOCKER -A FORWARD -i docker0 ! -o docker0 -j ACCEPT -A FORWARD -i docker0 -o docker0 -j ACCEPT -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT -A DOCKER -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 22 -j ACCEPT -A DOCKER-ISOLATION -j RETURN -A DOCKER-USER -j RETURN
尝试在centos中testingurl连接:
curl -vvv 'http://127.0.0.1:8800' * About to connect() to 127.0.0.1 port 8800 (#0) * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8800 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 127.0.0.1:8800 > Accept: */* > * Recv failure: Connection reset by peer * Closing connection 0 curl: (56) Recv failure: Connection reset by peer
刚刚完成 ! 更新,当你使用docker运行..docker将写入/ etc / sysconfig / iptables的iptables规则,所以不需要写规则manualy
docker集装箱(gitlab):
sudo docker run -d \ --hostname git.xxx.com \ --publish 30000:30000 \ --publish 30001:22 \ --name gitlab \ --memory 4gb \ --cpus 2 \ --restart always \ --volume /Volumes/docker_gitlab/config:/etc/gitlab \ --volume /Volumes/docker_gitlab/logs:/var/log/gitlab \ --volume /Volumes/docker_gitlab/data:/var/opt/gitlab \ --env GITLAB_OMNIBUS_CONFIG="external_url 'http://git.xxx.com:30000'; gitlab_rails['gitlab_shell_ssh_port']=30001;" \ gitlab/gitlab-ce:latest
nginx:不需要改变任何东西