Deploy NGINX service with D2C.io

This guide helps you to deploy an NGINX in a Docker container using the D2C platform. It is an edge service which serve HTTP and HTTPS. D2C supports free Let’s Encrypt certificates, and you can see how it is easy in use. The guide might be helpful for beginners as well as for advanced developers. 

Denis Zaripov

Product manager

Why Docker?

A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings. Containers isolate software from its surroundings, for example, differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.

Please, check out the original Docker post about containers for better understanding of all the benefits of the technology.

Preparing

I’m going to start with a project which already has a deployed application service. If you missed that guide, check out our guides for starting the runtime you need. In my case, it is a project with a Python app deployed on three hosts.

Creating NGINX service

Let’s click “+Create service” and find the NGINX bar. 

You can also find there NGINX+Cluster and NGINX+Static. Check out guides about them.

Creating NGINX service. Service settings

Name

The name should start with a letter and contain up to 16 characters (Latin letters, numbers, hyphen).

Each service has its unique name. Services can communicate with each other by container names (or alias-names, e.g.  finn).

Version

You can choose a version for your application from a list:

Creating NGINX service. Configure services

This is the most important block here. It is designed to configure any services from any project in your account. Sometimes it is useful to have just one NGINX which serves different application services from different projects.

You can choose what service NGINX serves by clicking on “+Add service config” button.

Let’s start with our python application called Shadow. After a click you can see a set of settings:

Protocol and Mode

You can choose the type of protocol: HTTP or HTTPS. The type can be changed after deployment. You may want to start with HTTP and then use HTTPS protocol.

Mode

The most common mode for applications is Proxy. There are also:

  • uWSGI. Can be used for Ruby or Python applications
  • FastCGI. Using for serving PHP-FPM applications
Config. HTTP

Clicking on “Generate config” button, you see an automatically generated config for the selected service:

The config is changeable. Click on “Edit” button if you need to change your config. You can back to defaults using “Generate new config” button. 

Domains

By default, D2C generates a public domain like [servicename-www].[accountID].[at].d2c.io.

You can set your own domains clicking on “Own domains” selector.

Static

You can enable serving static files mode. It is required for PHP-FPM services. NGINX can serve static only on the same host.

Config. HTTPS

Let’s generate a new config with HTTPS. 

Let’s Encrypt

After clicking on “Generate config” you see a generated config using Let’s Encrypt:

You can also change domains to your owns as described above

Security Level

There are two security levels available:

  • Medium (TLS 1, 1.1, 1.2)
  • High (TLS 1.2)
Renewal

All Let’s Encrypt certificates issued using D2C renew automatically. The request for renewal is sent every day.

Own certificates

You can upload your own certificate. Use the left input for uploading HTTPS certificate (.crt) and the right one for HTTPS key (.key).

Creating NGINX service. Select hosts

In most of the cases, it is enough to set a name, version and choose what services NGINX should serve. You can now select hosts and create a service. 

NGINX also has advanced settings. We show them below.

The one thing you need to understand at this step is that NGINX has enabled access from the Internet by default. 80 and 443 ports should be free at a host which you want to use for deploying NGINX. If D2C manages a host from scratch (using supported cloud providers, not the own one) the busy ports are shown on a host card:

After successful deployment your project should look like:

You can see a link to your application at a card of a service.  

Creating NGINX service. Advanced settings

Click “Show advanced settings”.

Ports

The first block in this area is Ports.

Access from the Internet is enabled for NGINX by default. You can disable access from the Internet while creating or editing service.

Persistent data volumes

D2C separates the application itself from its data. Docker volumes are used to store persistent data. Data is stored locally on the hosts.

Configs

D2C creates a default nginx.conf for NGINX. You can change it using the “Edit” button.

Click on the “Generate new config” button if you need to return to default config.

Global dependencies 

In this field, you can specify commands for installing global dependencies of your service. 

Initial commands

Commands which are executed only once after deploying a service. 

Environment variables
You can specify environment variables for your application. They can be edited after creating a service.

What next?

In the next article we talk about:

  • maintaining edge services: checking container logs and metrics, updating version