Joris edited this page Nov 6, 2018 · 2 revisions

Infrastructure

https://github.com/jwilder/nginx-proxy

https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion

Technology stack

  • Docker swarm (Cluster)
  • Portainer (Management UI)
  • nginx or Traefik (Reverse Proxy)
  • Let's Encrypt (Certificates)
  • Auto Deployment (Watchtower)

Portainer

version: '2'

services:
  portainer:
    image: portainer/portainer
    ports:
      - "9000:9000"
    command: -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data

volumes:
  portainer_data:

Reverse Proxy

Without ssl

version: '2'

services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro

  whoami:
    image: jwilder/whoami
    environment:
      - VIRTUAL_HOST=whoami.local

Test

docker-compose up -d   # -d: detached mode (runs in background)
curl -H "Host: whoami.local" localhost

Architecture with ssl

[Figure: Docker Architecture]

$ docker run -d -p 80:80 -p 443:443 \
    --name nginx-proxy \
    -v /path/to/certs:/etc/nginx/certs:ro \
    -v /etc/nginx/vhost.d \
    -v /usr/share/nginx/html \
    -v /var/run/docker.sock:/tmp/docker.sock:ro \
    --label com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy \
    jwilder/nginx-proxy

Compose Proxy

todo

Let's Encrypt

docker run -d \
    -v /path/to/certs:/etc/nginx/certs:rw \
    -v /var/run/docker.sock:/var/run/docker.sock:ro \
    --volumes-from nginx-proxy \
    jrcs/letsencrypt-nginx-proxy-companion

Compose let's encrypt

todo
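
The two docker run commands above (proxy and Let's Encrypt companion) written as one compose file. This is an added example, not part of the original page or of either project's documentation; the volume names certs, vhost and html and the service name letsencrypt are assumptions that stand in for the /path/to/certs placeholder and the anonymous volumes.

```yaml
# Added example: compose (v2) form of the two `docker run` commands above.
# Volume names (certs, vhost, html) and the service name "letsencrypt"
# are assumptions, not values from the page.
version: '2'

services:
  nginx-proxy:
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
    # Default bridge network, the same one plain `docker run` containers
    # join, so the example applications on this page stay reachable.
    network_mode: bridge
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - certs:/etc/nginx/certs:ro          # proxy only reads certificates
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    labels:
      # Same label as `--label ...` in the docker run command
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"

  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    network_mode: bridge
    volumes_from:
      - nginx-proxy                        # shares vhost.d and html with the proxy
    volumes:
      - certs:/etc/nginx/certs:rw          # companion writes issued certificates
      - /var/run/docker.sock:/var/run/docker.sock:ro

volumes:
  certs:
  vhost:
  html:
```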

Example Application with automatic ssl cert creation

docker run -d \
    --name example-app \
    -e "VIRTUAL_HOST=test.mobilegees.com" \
    -e "LETSENCRYPT_HOST=test.mobilegees.com" \
    -e "LETSENCRYPT_EMAIL=joris.baiutti@gmail.com" \
    tutum/apache-php

MQTTTalk

docker run -d \
    -p 5000:80/tcp \
    -e "VIRTUAL_HOST=mqttalk2.mobilegees.com" \
    -e "LETSENCRYPT_HOST=mqttalk2.mobilegees.com" \
    -e "LETSENCRYPT_EMAIL=joris.baiutti@gmail.com" \
    index.docker.io/mqttalk/dev:latest

Auto Deployment

Watchtower watching a private Docker Hub repository

docker run -d \
  --name watchtower \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -e "REPO_USER=<Docker Hub User>" \
  -e "REPO_PASS=<Docker Hub PW>" \
  v2tec/watchtower --interval 30 --debug

SQLServer

sudo docker run -e 'ACCEPT_EULA=Y' -e 'SA_PASSWORD=<YourStrong!Passw0rd>' \
   -p 1433:1433 --name sql1 \
   -d mcr.microsoft.com/mssql/server:2017-latest