Closed BraunreutherA closed 9 years ago
giovannicandido
commented
9 years ago Hi,
What is the output of docker logs nginx?
When jira and others start, the nginx container will use the VIRTUAL_HOST variable to create the vhost, and will force the use of SSL if that is configured (my example have SSL). Do you have SSL?
BraunreutherA
commented
9 years ago Hi,
the docker logs gave me this:
dockergen.1 | 2015/05/12 15:59:01 Generated '/etc/nginx/conf.d/default.conf' from 1 containers dockergen.1 | 2015/05/12 15:59:01 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:01 Watching docker events dockergen.1 | 2015/05/12 15:59:01 Received event start for container 57fa7efbb327 dockergen.1 | 2015/05/12 15:59:01 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:01 Received event die for container 57fa7efbb327 dockergen.1 | 2015/05/12 15:59:01 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:02 Received event start for container fcf1ec8475a3 dockergen.1 | 2015/05/12 15:59:02 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:02 Received event start for container ee9bf8b36f73 dockergen.1 | 2015/05/12 15:59:02 Generated '/etc/nginx/conf.d/default.conf' from 3 containers dockergen.1 | 2015/05/12 15:59:02 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:03 Received event start for container 291d78fe6c9f dockergen.1 | 2015/05/12 15:59:03 Generated '/etc/nginx/conf.d/default.conf' from 4 containers dockergen.1 | 2015/05/12 15:59:03 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:03 Received event start for container 0233ca725daa dockergen.1 | 2015/05/12 15:59:03 Generated '/etc/nginx/conf.d/default.conf' from 5 containers dockergen.1 | 2015/05/12 15:59:03 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:04 Received event start for container 053eba6bd3e5 dockergen.1 | 2015/05/12 15:59:04 Generated '/etc/nginx/conf.d/default.conf' from 6 containers dockergen.1 | 2015/05/12 15:59:04 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:04 Received event start for container edc9b44370f1 dockergen.1 | 2015/05/12 15:59:04 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:04 Received event die for container edc9b44370f1 dockergen.1 | 2015/05/12 15:59:04 Contents of /etc/nginx/conf.d/default.conf did not change. Skipping notification 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:05 Received event start for container cffb6fbf3aa3 dockergen.1 | 2015/05/12 15:59:05 Generated '/etc/nginx/conf.d/default.conf' from 7 containers dockergen.1 | 2015/05/12 15:59:05 Running 'nginx -s reload' dockergen.1 | 2015/05/12 15:59:05 Error running notify command: nginx -s reload, exit status 1 nginx.1 | 2015/05/12 15:59:12 [error] 37#0: 4 connect() failed (111: Connection refused) while connecting to upstream, client: 92.75.72.172, server: internal.ibalopo.de, request: "GET / HTTP/1.1", upstream: "http://172.17.0.63:8080/", host: "internal.ibalopo.de" nginx.1 | 2015/05/12 15:59:13 [error] 37#0: 4 connect() failed (111: Connection refused) while connecting to upstream, client: 92.75.72.172, server: internal.ibalopo.de, request: "GET /favicon.ico HTTP/1.1", upstream: "http://172.17.0.63:8080/favicon.ico", host: "internal.ibalopo.de", referrer: "https://internal.ibalopo.de/"
Yes i configured ssl the way you described it. I created the certs and placed hem in /opt/certs. SSL seams to work correctly but then i get a bad gateway again.
Thanks, Alex
giovannicandido
commented
9 years ago By the logs, the problem is the connection between the containers. To make a diagnostic:
publish: ["8080:8080"]There are two ways to expose ports to containers:
The first is to link then, the link is like a private network. I do that for the postgresql container, the port on postgresql is accessible only for the containers and not for the outside world.
The second way is by exposing the port. All other application use this approach because the link between then is combinatory of N factorial, or we have to force the communication through the proxy
Here is a working crane.yml file it could help you. Is a little complex as I use several applications linked and with Single Single On, and with secondary ports to bypass a problem in atlassian application links with SSL
containers:
pgsql_datastore:
image: busybox
run:
volume: ["/data"]
cmd: ["echo","'pgsql data'"]
detach: true
postgresql:
image: atende/postgresql:9.4
run:
volumes-from: ["pgsql_datastore"]
detach: true
postgresql_test:
image: atende/postgresql:9.4
run:
env: ["USER=super","PASS=pass"]
detach: true
nginx:
image: atende/nginx-proxy
run:
volume: ["/opt/certs:/etc/nginx/certs","/var/run/docker.sock:/tmp/docker.sock"]
publish: ["80:80","443:443"]
detach: true
jira_home:
image: busybox
run:
volume: ["/opt/jira-home"]
cmd: ["echo","'jira data'"]
detach: true
confluence_home:
image: busybox
run:
volume: ["/opt/confluence-home"]
cmd: ["echo","'confluence data'"]
detach: true
stash_home:
image: busybox
run:
volume: ["/opt/stash-home"]
cmd: ["echo","'stash data'"]
detach: true
crowd_home:
image: busybox
run:
volume: ["/opt/crowd-home"]
cmd: ["echo","'crowd data'"]
detach: true
bamboo_home:
image: busybox
run:
volume: ["/opt/bamboo-home"]
cmd: ["echo","'bamboo data'"]
detach: true
jira:
image: atende/jira
run:
env: ["VIRTUAL_HOST=projetos.atende.info","PROXY_SCHEME=https","VIRTUAL_PORT=8080","PROXY_PORT=443","PROXY_SECURED=true","SECONDARY_NO_SSL_PORT=8081","CROWD_URL=https://auth.atende.info","CROWD_APPLICATION_NAME=jira","CROWD_PASSWORD=pass"]
volumes-from: ["jira_home"]
publish: ["8080:8080","8081:8081"]
link: ["postgresql:db"]
detach: true
confluence:
image: atende/confluence
run:
env: ["VIRTUAL_HOST=wiki.atende.info","VIRTUAL_PORT=8090","PROXY_SCHEME=https","PROXY_PORT=443","PROXY_SECURED=true","SECONDARY_NO_SSL_PORT=8091","CROWD_URL=https://auth.atende.info","CROWD_APPLICATION_NAME=confluence","CROWD_PASSWORD=pass"]
volumes-from: ["confluence_home"]
publish: ["8090:8090","8091:8091"]
link: ["postgresql:db"]
detach: true
stash:
image: atende/stash
run:
env: ["VIRTUAL_HOST=code.atende.info","VIRTUAL_PORT=7990","PROXY_SCHEME=https","VIRTUAL_PORT=7990","PROXY_PORT=443","PROXY_SECURED=true","SECONDARY_NO_SSL_PORT=7991","CROWD_URL=https://auth.atende.info","CROWD_APPLICATION_NAME=stash","CROWD_PASSWORD=pass"]
volumes-from: ["stash_home"]
publish: ["7990:7990","7991:7991","7999:7999"]
link: ["postgresql:db"]
detach: true
crowd:
image: atende/crowd
run:
env: ["VIRTUAL_HOST=auth.atende.info","PROXY_SCHEME=https","PROXY_PORT=443","PROXY_SECURED=true"]
volumes-from: ["crowd_home"]
publish: ["8095:8095"]
link: ["postgresql:db"]
detach: true
bamboo:
image: atende/bamboo
run:
env: ["VIRTUAL_HOST=build.atende.info","PROXY_SCHEME=https","VIRTUAL_PORT=8085","PROXY_PORT=443","PROXY_SECURED=true","SECONDARY_NO_SSL_PORT=8086","CROWD_URL=https://auth.atende.info","CROWD_APPLICATION_NAME=bamboo","CROWD_PASSWORD=pass"]
volumes-from: ["bamboo_home"]
publish: ["8085:8085","8086:8086"]
link: ["postgresql:db","postgresql_test:testdb"]
detach: true
Wow, thank you a lot! I used your crane file, chnged the urls to mine and now it works :)
Thanks for the great support!
Ps.: You could change the sample crane file in the repo for this one. I tried it first with the other one and got the errors.
giovannicandido
commented
9 years ago Yeah, I will change the sample file, thanks for the tip
Hi,
I've tried now several times to get you're atlassian docker images up and running but it dosn't work. I always get bad gateway responses. I followed your tutorial and set up the sub domains to the server ip and had the crane script running which worked well. I checked the nginx and tomcat configurations which seam to be right.
Can you help me there?