在由Docker拉出的Spring Boot应用中实现LetsEncrypt [英] Implement LetsEncrypt in Spring Boot app that is being pulled by docker

问题描述

我正在尝试在Spring Boot应用程序中实现 LetsEncrypt .我正在使用docker进行部署，正在本地创建一个docker映像，将其推送到docker hub，然后使用此docker命令 docker run -d -p 80:80 myapp:latest 在Ubuntu中运行它这只是 http ，所以现在我尝试使用 LetsEncrypt ，但是我不知道该怎么做.任何帮助或对某些链接的任何方向将不胜感激.谢谢

I am trying to implement LetsEncrypt on Spring Boot app. I am using docker to deploy, I am creating a docker image locally, pushing it to docker hub and then running it in Ubuntu using this docker command docker run -d -p 80:80 myapp:latest and this is just http so now I am trying to use LetsEncrypt but I don’t know how to do it. Any help or any direction towards some links would be highly appreciated. Thanks

推荐答案

体系结构:需要反向代理+容器编排工具

如果您的Spring-Boot容器仅处理HTTP请求，则可以将其与 TLS终止代理链接，它将接受传入的TLS连接并将请求转发到您的容器.

Architecture: need for a reverse proxy + a container orchestration tool

If your Spring-Boot container serves HTTP-only requests, you can link it with a TLS termination proxy, which will accept incoming TLS connections and forward requests to your container.

有许多反向代理实现，它们可以起到TLS终止代理的作用(请参阅

Many implementations of reverse proxys are available, which can play this role of TLS termination proxy (see this paragraph on Wikipedia), using e.g. Let's Encrypt as you suggest.

这些实现中的大多数也可以作为Docker映像使用，因此您可能希望依赖于容器编排工具，例如 docker-compose.yml 创建一个专用网络，以使两个容器进行通信(或使用更复杂的 Kubernetes ).

Most of these implementations are also available as Docker images, so you may want to rely on a container orchestration tool such as docker-compose along with a docker-compose.yml to create a private network for the two containers to communicate (or, use a more involved orchestration solution such as Kubernetes).

要给出一些实现此目的的Docker映像示例，例如，您可以使用这些流行的反向代理之一(前两个在

To give a few examples of Docker images that implement this, you could for instance use one of these popular reverse proxys (the first two being mentioned in Gitea's doc):

• NGINX (也捆绑在 https-portal 以自动生成证书)，
• > Apache2 httpd ，
• Træfik ，它另外提供了一个监控仪表板"作为网络应用程序(另请参见官方文档，其中提供了有关自动证书生成的许多详细信息)

• NGINX (also bundled in projects like https-portal to automate the certificate generation),
• Apache2 httpd,
• Træfik, which additionally provides a "monitoring dashboard" as a webapp (see also the official doc that gives many details on automatic certificate generation)

这篇关于在由Docker拉出的Spring Boot应用中实现LetsEncrypt的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！