您可以在不公开任何端口的情况下将nginx反向代理用于Docker容器吗? [英] Can you use nginx reverse proxy to docker containers without exposing any ports?

问题描述

我想知道是否可以将nginx与docker compose一起用作api网关/反向代理/ssl终止点，而不会暴露其后面的容器上的任何端口. IE.当容器链接通过nginx进行通信时，我只想使用由docker compose创建的Intranet.理想情况下，唯一可公开访问的端口是nginx上的端口443(ssl).这可行吗?还是我必须公开容器上的端口?

I'd like to know if it's possible to use nginx with docker compose as an api gateway / reverse proxy / ssl termination point without exposing any ports on the containers behind it. I.e. I want to use only the intranet created by docker compose when the containers are linked to communicate past nginx. Ideally the only publicly accessible port will be port 443 (ssl) on nginx. Is this doable? Or do I have to expose ports on my containers?

推荐答案

是可行的.

只需在同一个docker-compose.yml中的一个容器中定义您的应用程序，在另一个容器中定义nginx.链接他们.并且只在nginx容器中公开443端口.

Just define your application in one container and nginx in another container, both in the same docker-compose.yml. Link them. And only expose the 443 port in nginx container.

docker-compose.yml

docker-compose.yml

nginx:
    image: nginx
    links:
        - node1:node1
        - node2:node2
        - node3:node3
    ports:
        - "443:443"
node1:
    build: ./node
node2:
    build: ./node
node3:
    build: ./node

更多信息: http://anandmanisankar.com/posts/docker-container-nginx-node-redis-example/

致谢

这篇关于您可以在不公开任何端口的情况下将nginx反向代理用于Docker容器吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！