1. 技术文章
  2. docker reverse proxy DNS/networking issues

docker reverse proxy DNS/networking issues

安稳与你 提交于 2019-12-07 14:50:15

问题


I'll try to explain and draw this out

What I want to achieve:

Sorry for the crappy paint diagram. Right now, it works perfectly if I hit it from the 10.10.10.0 network. The problem is DNS resolves jenkins.network.com to the 10.10.10.0 network. I want to go back through the proxy though as that has SSL termination to get to the sonarqube server. Is there a good way to accomplish this to keep the services behind the proxy? Do I need to create a second DNS server with the docker network on it? Is this possible to do with consul to have both the external and internal services point to the same domain name?

Edit: Doing something like this would work, since everything goes through the proxies. So when jenkins hits sonar, it think's its ip really is 10.10.10.51 and it can hit it through there.

What I need it to do: I need it to go out of the proxy, then come back in through the proxy. IE:

172.16.10.2 ---- 172.16.10.1 ----- 10.10.10.50 ----- Proxy then takes over to route to proper location (172.16.10.3:8080 or something)


回答1:


Since you didn't post your compose. I am making few assumptions. The compose assumed is below

version: '3'

services:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
  jenkins:
    image: jenkins
  sonar:
    image: sonarqube

And all of these run on 10.10.10.50. Now if you set the DNS to 10.10.10.20 inside and outside, both jenkins.network.com will resolve to 10.10.10.50. But inside the docker network you want jenkins.network.com to resolved to the IP of the container.

So if all above is correct then below is the simplest solution

version: '3'

service:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
  jenkins:
    image: jenkins
    networks:
      default:
        aliases:
          - jenkins.network.com
  sonar:
    image: sonar
    networks:
      default:
        aliases:
          - sonar.network.com

On the nginx image i can reach jenkins.network.com

root@be6492f18851:/# telnet jenkins.network.com 8080
Trying 172.23.0.3...
Connected to jenkins.network.com.
Escape character is '^]'.
Connection closed by foreign host.

And you can do that from both jenkins and sonar containers and get the same results

Edit-1

If you want the DNS to go through proxy, you can change the aliases to that network

version: '3'

service:
  nginx:
    image: nginx
    ports:
      - 80:80
      - 443:443
    depends_on:
      - jenkins
      - sonar
    networks:
      default:
        aliases:
          - sonar.network.com
          - jenkins.network.com
  jenkins:
    image: jenkins
  sonar:
    image: sonar



回答2:


how about use nginx to do reverse proxy?
if i didn't misunderstand, you want to listen 443 port
and reverse to 172.16.10.1
below is an nginx config example

server {
listen 443;
root /data/up1; 

location / {
  proxy_pass       172.16.10.1;
  proxy_set_header Host      $host;
  proxy_set_header X-Real-IP $remote_addr;
}

hope it helps



来源:https://stackoverflow.com/questions/46002372/docker-reverse-proxy-dns-networking-issues

标签
Docker
networking
proxy
consul
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!