Home > Back-end >  how to communicate between two containers: nginx and nodjs
how to communicate between two containers: nginx and nodjs

Time:03-06

Ii'm having a hard time figuring out how to proxypass into a nodejs container from a nginx container.

seems to me that http://localhost:3000 would fall inside the nginx container...so I thought this setup would make sense:

nginx container:

podman run -d \
            --name nginx.main \
            -p 0.0.0.0:8081:8080 \
            -p 0.0.0.0:4431:4430 \
            -p 0.0.0.0:3001:3000 \
            -u root \
            -v /home/_secrets/certbot/_certs:/etc/nginx/_cert \
            -v /home/mee/_volumes/nginx_main:/etc/nginx \
            nginx

nodjs container:

podman run -d \
            -v /home/mee/dev/abd/:/usr/src/app -w /usr/src/app \
            -p 3000:3000 \
            --name next.dev node:latest \
            npm run dev

firewalld, routing from 3001 to 3000:

sudo firewall-cmd --add-port=3000/tcp --permanent
sudo firewall-cmd --add-port=3001/tcp --permanent
sudo firewall-cmd --permanent \
   --zone=mee_fd \
   --add-forward-port=port=3001:proto=tcp:toport=3000
sudo firewall-cmd --reload

nginx config:

location / {
                proxy_pass http://localhost:3000;
                add_header X-Frame-Options "SAMEORIGIN" always;
                add_header X-XSS-Protection "1; mode=block" always;
                add_header X-Content-Type-Options "nosniff" always;
                add_header Referrer-Policy "no-referrer-when-downgrade" always;
                add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
                # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
                # enable strict transport security only if you understand the implications
        }

really not sure how this should communicate... I've tried using the ipaddress instead of 'localhost', but I get the same response.

thanks

CodePudding user response:

To allow communication between containers you need to setup a shared networks, e.g. in .yaml (this can be done as well as on ci, report in .yaml only for sake of code):

version: '2'
services:
proxy:
build: ./
networks:
- example1
- example2
ports:
- 80:80
- 443:443

networks:
example1:
external:
name: example1_default
example2:
external:
name: example2_default

Then in your nginx config:

location / {
                proxy_pass http://myServiceName:3000; <-- note is not localhost but the name of node service
                add_header X-Frame-Options "SAMEORIGIN" always;
                add_header X-XSS-Protection "1; mode=block" always;
                add_header X-Content-Type-Options "nosniff" always;
                add_header Referrer-Policy "no-referrer-when-downgrade" always;
                add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
                # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
                # enable strict transport security only if you understand the implications
        }

Let me know

  • Related