I am trying to create an nginx service with 2 replicas in a docker swarm with 2 nodes in a production environment. The nodes are created in digital ocean. This nginx service is to act as a reverse proxy (https<–> http) for the apache virtual hosts. To create the nginx service i use:
docker service create --replicas 2 -p 80:80 --p 443:443 --name webserver --mount type=bind,source=/environments/ssl-env,destination=/etc/nginx/ssl --mount type=bind,source=/conf/nginx.conf,destination=/etc/nginx/nginx.conf --mount type=bind,source=/middleware,destination=/etc/nginx/conf.d nginx
After i run this command the service fails to start, with not any helpful error message. However, only in the worker node the docker daemon listens to port 443:
netstat -tulpn | grep :443
tcp6 0 0 :::443 :::* LISTEN 5797/dockerd
Also, when I comment the https sections in nginx.conf which listen to 443, my nginx service is created and runs successfully, but i want of course to use the https sections. Do you have any idea? Docker version 17.05.0-ce, build 89658be. Here is a part of nginx.conf:
#http
server {
listen 80 ;
server_name api.hotelgenius.net;
# redirect http to https ##
rewrite ^ https://$server_name$request_uri permanent;
}
#https
#server {
listen 443 ;
server_name api.hotelgenius.net;
error_log /var/log/nginx/api_error.log;
access_log /var/log/nginx/api_access.log;
ssl on;
ssl_certificate /etc/nginx/ssl/api.hotelgenius.crt;
ssl_certificate_key /etc/nginx/ssl/api.hotelgenius.key;
ssl_client_certificate /etc/nginx/ssl/api.hotelgenius.cer;
location / {
proxy_pass http://hotelgenius/;
proxy_set_header Host $host;
proxy_redirect http:// https://;
}
Nginx service is successfully deployed after replacing container names in nginx.conf with corresponding service names from the docker stack. For example before fix I had in nginx.conf
where 'hotelgenius' is the name of a container.I had to replace 'hotelgenius' with the service name, since in docker-compose.yml version 3 container names are no longer supported.