Nginx reverse proxy with ssl termination for rancher server
maintained by codedevote
This Dockerfile gives you a secured nginx reverse proxy that terminates ssl and proxy passes to a rancher server.
This image is based on marvambass/docker-nginx-ssl-secure and adds a nginx configuration file for rancher server (rancher/rancher).
View in Docker Hub codedevote/nginx-ssl-proxy-rancher
View in GitHub codedevote/docker-nginx-ssl-proxy-rancher
Environment variables and defaults
Inherited from base image
- default: 2048 (which takes a long time to create), for demo or unsecure applications you can use smaller values like 512
Required by this image
- default: localhost
- default: 8080
- default: rancher
Running codedevote/nginx-ssl-proxy-rancher container
All the information on running the base image also applies to this container.
- Since the nginx container needs to communicate with the rancher container, you need to make sure, there is a link between those two containers. You can either use the (deprecated) --link option to link the rancher container to the nginx container or you put both containers on a docker network (by creating one useing docker network create). There seems to be an issue (see #2) using the default docker bridge network, so make sure, you create a dedicated network and hook both containers to this network by adding the --net option to your docker run command.
- The rancher server can be reached from nginx container on the docker network at http://$RANCHER\_CONTAINER_NAME:$RANCHER\_PORT (for information on how to setup a rancher server refer to https://github.com/rancher/rancher).
- You bind-mount a directory to /etc/nginx/external with the following minimum contents:
- SSL certificate (chained for intermediate CAs) in a file called cert.pem
- Private key in a file called key.pem
- You can also put a dh.pem file here (see base image docs). If not, one will be created on first start.
To run this image you can use the following command:
docker run -d \ -p 80:80 -p 443:443 \ -e 'RANCHER_URL=rancher.example.org' \ -e 'RANCHER_CONTAINER_NAME=rancher' \ -e 'RANCHER_PORT=8080' \ -v $EXT_DIR:/etc/nginx/external/ \ codedevote/nginx-ssl-proxy-rancher
ashbyj: I am not sure if you still have the problem. Adding --link option to the command 'docker run --link <rancher container name> xxx xxx' should solve the problem.
Hi, sorry for late response, I did not receive a notification on this comment.
It should be quite simple to use another rancher server. The rancher.conf file has this hard-coded, but I can make it an environment variable.
Would that help you?
Hi, is there a way to pass the rancher server to use, other than assuming rancher:8080? I'm getting the following
foo.example.com> docker run -d -p 80:80 -p 8443:443 -e 'RANCHER_URL=foo.example.com' -v /etc/nginx/external/:/etc/nginx/external/ codedevote/nginx-ssl-proxy-rancher codedevote/nginx-ssl-rancher-server based on marvambass/nginx-ssl-secure Nginx reverse proxy with ssl termination for running rancher/server over https. >> no $DH_SIZE specified using default >> setting rancher url to foo.example.com >> copy /etc/nginx/external/*.conf files to /etc/nginx/conf.d/ >> exec docker CMD nginx 2016/04/22 18:33:27 [emerg] 1#1: host not found in upstream "rancher:8080" in /etc/nginx/conf.d/rancher.conf:5 nginx: [emerg] host not found in upstream "rancher:8080" in /etc/nginx/conf.d/rancher.conf:5