Reputation: 2932
How do I define a Reverse Proxy to a docker windows container
I am run a docker windows container on windows 10 anniversary edition and am looking to setup IIS as a reverse proxy to the container. Per https://blogs.technet.microsoft.com/virtualization/2016/05/25/windows-nat-winnat-capabilities-and-limitations/ it seems to suggest that it is an impossibility as it is impossible to reference the internal NAT range using local host. Which leaves a dynamically assigned IP address which can only be discover by running a docker inspect command after running the image. I am hoping there is a more efficient way that I am overlooking.
Upvotes: 10
Views: 8116
Answers (2)
Reputation: 4348
We also used a fixed ip address on our containers but we used another container with nginx to do the reverse proxy. The idea is that on our Container Host (Windows Server 2016) we only install Docker and nothing else. All configuration is done in the containers. This way we can easily migrate to another host.
This is the Dockerfile for the nginx proxy
FROM microsoft/windowsservercore
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
ARG NgInxVersion="1.13.5"
ENV NgInxZipUrl="http://nginx.org/download/nginx-${NgInxVersion}.zip"
RUN Invoke-WebRequest -Uri $env:NgInxZipUrl -UseBasicParsing -Outfile c:\\nginx.zip
RUN Expand-Archive -Path c:\\nginx.zip -DestinationPath c:\\nginx
WORKDIR "c:\\nginx\\nginx-${NgInxVersion}"
COPY ./nginx.conf conf\\nginx.conf
ENTRYPOINT powershell .\\nginx.exe
Notice that the nginx.conf is copied to the nginx configuration folder. It contains the reverse proxy settings. Extract from http node for one of our sites:
server {
listen 80;
server_name somesite.mydomain.com;
location / {
proxy_pass http://172.22.108.6/;
}
}
The nginx container should be run with -p 80:80
When we add new containers we run a powershell script that updates the nginx.conf and reloads nginx. (this will be rare)
Example:
- A user browses to http://somesite.mydomain.com
- Our DNS redirects somesite.mydomain.com to ip of our Container Host
- Since port
80is exposed to nginx container, request goes there - nginx will proxy the request to
172.22.108.6 - User sees the webpage running on container with ip
172.22.108.6
Upvotes: 7
Reputation: 2932
We solved this problem by assigning an IP address on the default subnet to each Windows container and exporting port 80 out of the container. This gave us a stable address to put into an ARR Reverse proxy rule. For example the following creates a container at the address 172.20.118.129 and then verifies the container is running at the requested address.
PS C:\WINDOWS\system32> docker run -d --name myservice --ip=172.20.118.129 microsoft/iis:nanoserver
7d20d8a131805727868ddf85f7c1f455fa2489bb2607b250e694a9e530a61302
PS C:\WINDOWS\system32> docker inspect -f "{{ .NetworkSettings.Networks.nat.IPAddress }}" myservice
172.20.118.129
Upvotes: 3
Related Questions
- Docker container, how to use host proxy
- Docker at Windows 10 proxy propagation to containers not working
- Configure Docker to use a proxy server
- How to configure docker container proxy?
- Accessing a docker container URL on Windows host
- How to setup reverse proxy with nginx in windows server 2019 using docker?
- How to use nginx on Docker for Windows as reverse proxy for localhost?
- How to set proxy in docker toolbox?
- Docker on Windows with a proxy
- docker proxy pull windows 10