This guide helps you to deploy an NGINX in a Docker container using the D2C platform. It is an edge service which serve HTTP and HTTPS. D2C supports free Let’s Encrypt certificates, and you can see how it is easy in use. The guide might be helpful for beginners as well as for advanced developers.
Denis Zaripov
Product manager
Why Docker?
A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings. Containers isolate software from its surroundings, for example, differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.
Please, check out the original Docker post about containers for better understanding of all the benefits of the technology.
Preparing
I’m going to start with a project which already has a deployed application service. If you missed that guide, check out our guides for starting the runtime you need. In my case, it is a project with a Python app deployed on three hosts.
Creating NGINX service
Let’s click “+Create service” and find the NGINX bar.
Creating NGINX service. Service settings
Name
The name should start with a letter and contain up to 16 characters (Latin letters, numbers, hyphen).
Each service has its unique name. Services can communicate with each other by container names (or alias-names, e.g. finn).
Version
You can choose a version for your application from a list:
Creating NGINX service. Configure services
This is the most important block here. It is designed to configure any services from any project in your account. Sometimes it is useful to have just one NGINX which serves different application services from different projects.
You can choose what service NGINX serves by clicking on “+Add service config” button.
Let’s start with our python application called Shadow. After a click you can see a set of settings:
Protocol and Mode
You can choose the type of protocol: HTTP or HTTPS. The type can be changed after deployment. You may want to start with HTTP and then use HTTPS protocol.
Mode
The most common mode for applications is Proxy. There are also:
- uWSGI. Can be used for Ruby or Python applications
- FastCGI. Using for serving PHP-FPM applications
Config. HTTP
Clicking on “Generate config” button, you see an automatically generated config for the selected service:
The config is changeable. Click on “Edit” button if you need to change your config. You can back to defaults using “Generate new config” button.
Domains
By default, D2C generates a public domain like [servicename-www].[accountID].[at].d2c.io.
You can set your own domains clicking on “Own domains” selector.
Static
You can enable serving static files mode. It is required for PHP-FPM services. NGINX can serve static only on the same host.
Config. HTTPS
Let’s generate a new config with HTTPS.
Let’s Encrypt
After clicking on “Generate config” you see a generated config using Let’s Encrypt:
You can also change domains to your owns as described above.
Security Level
There are two security levels available:
- Medium (TLS 1, 1.1, 1.2)
- High (TLS 1.2)
Renewal
All Let’s Encrypt certificates issued using D2C renew automatically. The request for renewal is sent every day.
Own certificates
You can upload your own certificate. Use the left input for uploading HTTPS certificate (.crt) and the right one for HTTPS key (.key).
Creating NGINX service. Select hosts
In most of the cases, it is enough to set a name, version and choose what services NGINX should serve. You can now select hosts and create a service.
NGINX also has advanced settings. We show them below.
The one thing you need to understand at this step is that NGINX has enabled access from the Internet by default. 80 and 443 ports should be free at a host which you want to use for deploying NGINX. If D2C manages a host from scratch (using supported cloud providers, not the own one) the busy ports are shown on a host card:
After successful deployment your project should look like:
You can see a link to your application at a card of a service.
Creating NGINX service. Advanced settings
Click “Show advanced settings”.
Ports
The first block in this area is Ports.
Access from the Internet is enabled for NGINX by default. You can disable access from the Internet while creating or editing service.
Persistent data volumes
D2C separates the application itself from its data. Docker volumes are used to store persistent data. Data is stored locally on the hosts.
Configs
D2C creates a default nginx.conf for NGINX. You can change it using the “Edit” button.
Click on the “Generate new config” button if you need to return to default config.
Global dependencies
In this field, you can specify commands for installing global dependencies of your service.
Initial commands
Commands which are executed only once after deploying a service.
Environment variables
What next?
In the next article we talk about:
- maintaining edge services: checking container logs and metrics, updating version
