We Keep Coding

AWS Elastic Beanstalk with docker-compose.yml

I am trying to deploy several services using AWS Elastic Beanstalk with Docker running on Amazon Linux 2 platform.
Since, there are two services in my docker-compose.yml file:
version: '3.8'
services:
beanstalk-flask:
image: "anotheruserdocker/beanstalk-flask"
ports:
- "5000:5000"
tasks:
image: "xxxxx.dkr.ecr.us-east-1.amazonaws.com/xxx:xxx"
ports:
- "8080:8080"
I need to change nginx service configuration in order to proxy traffic to specific service.
I was following the documentation, in which it was noted that you can override the default nginx.conf with your own and in order to do it, you need to place your config file in the application source bundle, like so .platform/nginx/nginx.conf.
I have also included this include conf.d/elasticbeanstalk/*.conf; line in order to override it.
nginx.conf file:
# Elastic Beanstalk Nginx Configuration File
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
worker_rlimit_nofile 32633;
include conf.d/elasticbeanstalk/*.conf;
upstream service_1 {
server 172.17.0.1:8080;
keepalive 256;
}
upstream serivce_2 {
server 172.17.0.1:5000;
keepalive 256;
}
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include conf.d/*.conf;
map $http_upgrade $connection_upgrade {
default "upgrade";
}
server {
listen 80 default_server;
gzip on;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
access_log /var/log/nginx/access.log main;
location / {
proxy_pass http://service_1;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api {
proxy_pass http://service_2;
proxy_http_version 1.1;
}
# Include the Elastic Beanstalk generated locations
include conf.d/elasticbeanstalk/*.conf;
}
}
Once I'm uploading the application source bundle that looks like this:
docker-compose.yml
.platform/nginx/nginx.conf
the configuration doesn't change.
Am I missing something, is it a bug, or are there any other ways to change/modify the default nginx configuration?
Also, I have noticed that upon booting nginx.service isn't in running state, is it possible to start this service upon boot?
Thank you.

Found a possible solution.
During the creation of AWS Elastic Beanstalk environment (if you are using Load Balanced deployment type), you can add processes which Load Balancer will register(?).
Once I've added the processes (that run on 8080 and 5000 ports), I created additional listener for the Application Load Balancer that listens to traffic on port 5000 (I only did this for this port, because by default AWS Elastic Beanstalk environment creates a listener that forwards traffic to the target group of EC2 instance that was running on the specified 8080 port) and forwards it to the target group of the process that runs it on this port.
After doing these steps it worked.
Interestingly enough, I don't really know how this worked, I've connected to the EC2 instance and noticed that nginx.service was in inactive state.
Probably I don't understand clearly how this works behind the scenes, any clarifications would be much appreciated.
Thank you!
P.S.: Once I get enough reputation points, I'll attach some screenshots of the steps taken.

The Nginx service is not configured at all. With AWS Elastic Beanstalk with Docker running on Amazon Linux 2 + docker compose they assume you run Nginx in a container.
It's documented here: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/create_deploy_docker.container.console.html#docker-software-config

Bad Gateway when configuring nginx with. Django app container and Gunicorn

I'm using docker-compose to deploy a Django app on a VM with Nginx installed on the VM as a web server.
but I'm getting " 502 Bad gateway" I believe it's a network issue I think Nginx can't access the docker container! however, when I use the same configuration in an Nginx container it worked perfectly with the Django app but I need to use the installed one not the one with docker.
This is my docker-compose file:
version: "3.2"
services:
web:
image: ngrorra/newsapp:1.0.2
restart: always
ports:
- "8000:8000"
volumes:
- type: volume
source: django-static
target: /code/static
- type: volume
source: django-media
target: /code/media
environment:
- "DEBUG_MODE=False"
- "DB_HOST=…”
- "DB_PORT=5432"
- "DB_NAME=db_1”
- "DB_USERNAME=username1111"
volumes:
django-static:
django-media:
And this is my nginx.conf file:
upstream web_app {
server web:8000;
}
server {
listen 80;
location /static/ {
autoindex on;
alias /code/static/;
}
location /media/ {
autoindex on;
alias /code/media/;
}
location / {
proxy_pass http://web_app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
#For favicon
location /favicon.ico {
alias /code/assets/favicon.ico;
}
# Error pages
error_page 404 /404.html;
location = /404.html {
root /code/templates/;
}
}
Does anyone know what is the issue?
Thank you!

As commented above, using "web" as host name will not work, you could try localhost or the docker ip (you can get it using ifconfig in Ubuntu, for example).
For the network issue, I think you could create a new docker external network using docker network create and adding to your "network" [definition inside compose] (https://docs.docker.com/compose/networking/#use-a-pre-existing-network). Another possibility is to use the host as network
When I run docker aplications with Nginx, usualy I create first an external docker network with defined IP (using some docker network IP - usualy 172.x.x.x), then add a Nginx container to my docker-compose.yaml and my server inside nginx.conf is something like this:
upstream web_app {
server 172.x.x.x:8000;
}
.
.
.
It works without problems. Hope this can help you.

Elasticbeanstalk Nginx Reverse Proxy Conf for Different Server

I am looking to reverse proxy a different server IP from my application when a user goes to /blog on my website. I have set up what I believe to be the correct nginx location block configuration and successfully deployed an ebextension with the configuration, but when I navigate to /blog I receive the 404 page that is rendered from my application's server. On further inspection the request shows that the request was made to the application IP and not the IP address found in the /blog location block in my nginx setup. Can anyone help determine what might be wrong with either my ebextension, nginx or application setup that is preventing the nginx location block to work? I'm not sure how to test beyond requesting the url and checking the network resource tab in my develop tools.
Here is my ebextensions folder setup:
> ebextensions
=> nginx
==> conf.d
==- 01_nginx_blog_rp.config
-00_nginx_https_rw.config
-02_sequelize_db_migration.config
01_nginx_blog_rp.config:
files:
"/etc/nginx/conf.d/01_blog_proxy.conf":
mode: "000644"
owner: root
group: root
content: |
client_max_body_size 10M;
"/etc/nginx/conf.d/02_blog_location_block.conf":
mode: "000644"
owner: root
group: root
content: |
server {
location /blog {
proxy_pass http://xxx.xxx.xxx.xxx:2368;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
container_commands:
01_reload_nginx:
command: "sudo service nginx reload"

What you trying to achieve is not possible with just adding simple location block in conf.d.
You basically defining a new server block with location inside. This new server block is never used by nginx because you already have default server config generated by ElasticBeanstalk with configured listen and server_name directives. This two directives are used by nginx to decide where to forward request, therefore all incoming requests going to your application server and ignoring your customizations.
What you really need to do is to modify existing server block and add your location into it.
This can be done in a few different ways:
- Create new nginx config and delete default one.
In this aws documentation example they just adding a new .ebextensions/proxy.config and replace default nginx config with the custom one. Using this approach you can have a full control of your nginx configuration.
- Create new config and make it processed before default one.
If you still want to keep default config around you can just keep using your 00_nginx_https_rw.config name of config, this way nginx will process your config first, and if in your config you will have correct server_name and listen it will be used by nginx to process incoming request.
- Add hook to modify default config.
On AWS forum you can find another solution - add bash script hook to
modify existing config.

docker nginx connection refused while connecting to upstream

I use shiny server to build a web-app on port 3838, when i use nginx in my server it works well. But when I stop nginx on my server and try to use docker nginx, I find the site comes to a '502-Bad Gate Way' error and nginx log shows:
2016/04/28 18:51:15 [error] 8#8: *1 connect() failed (111: Connection refused) while connecting to upstream, ...
I install docker-nginx by this command:
sudo docker pull nginx
My docker command line is something like (for clear i add some indent):
sudo docker run --name docker-nginx -p 80:80
-v ~/docker-nginx/default.conf:/etc/nginx/conf.d/default.conf
-v /usr/share/nginx/html:/usr/share/nginx/html nginx
I create a folder name 'docker-nginx' in my home dir, move my nginx conf file in this folder, and then remove my original conf in etc/nginx dir just in case.
My nginx conf file looks like this:
server {
listen 80 default_server;
# listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
proxy_pass http://127.0.0.1:3838/;
proxy_redirect http://127.0.0.1:3838/ $scheme://$host/;
auth_basic "Username and Password are required";
auth_basic_user_file /etc/nginx/.htpasswd;
# enhance the performance
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
}

You have to define upstream directly. Currently your nginx can not proxy to your web application.
http://nginx.org/en/docs/http/ngx_http_upstream_module.html
upstream backend {
server backend1.example.com weight=5;
server backend2.example.com:8080;
server unix:/tmp/backend3;
server backup1.example.com:8080 backup;
server backup2.example.com:8080 backup;
}
server {
location / {
proxy_pass http://backend;
}
}

My situation was running 3 containers, a nginx container and two containerized services. I was using the Nginx container as a reverse proxy for my go services.
Issue is the nginx container was looking for microservice ports in its own container environment. I didn't realize that at the time and I didn't use the docker-compose.yml then. When using docker-compose.yml file you specify a network and that's that.
So when running the containers you should use --net=host.
Info on that: What does --net=host option in Docker command really do?
This worked for me, I hope it saves someone the pain :):
docker run --net=host nginx:someTag
docker run --net=host service1:someTag

Bad Gateway 502 Error with Django, Gunicorn and Nginx

I am trying to run project on Django with Gunicorn and Nginx. On DigitalOcean OneClick install image my project works fine with no virtualenv and with global Django installation. But when I created virtual environment for different Django version I couldn't get it to work. So kindly someone please provide me some help with the multi site hosting on Ubuntu using virtual environment. Follwing is my Gunicorn settings for virtual environment:
description "Gunicorn daemon for Django project"
start on (local-filesystems and net-device-up IFACE=eth0)
stop on runlevel [!12345]
# If the process quits unexpectadly trigger a respawn
respawn
setuid django
setgid django
chdir /home/django
exec gunicorn \
--name=myproject2\
--pythonpath=myproject2\
--bind=127.0.0.1:9500 \
--config /etc/gunicorn.d/gunicorn.py \
myproject2.wsgi:application
My Nginx settings for the second project are:
upstream ashyanaa_server {
server 127.0.0.1:9500 fail_timeout=0;
}
server {
listen 80;
listen [::]:80;
root /home/django/myproject2;
index index.html index.htm;
client_max_body_size 4G;
server_name www.myproject2.com;
keepalive_timeout 5;
location ~* \.(jpg|jpeg|png|gif|ico|css|js|woff2|woff|ttf)$ {
expires 365d;
}
# Your Django project's media files - amend as required
location /media {
alias /home/django/myproject2/media/;
}
# your Django project's static files - amend as required
location static/static-only {
alias /home/django/myproject2/static-only/;
}
# Django static images
location /static/myproject2/images {
alias /home/django/myproject2/static-only/images/;
}
# Proxy the static assests for the Django Admin panel
location /static/admin {
alias /usr/lib/python2.7/dist-packages/django/contrib/admin/static/admin;
}
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://myproject2_server;
}
Only thing different in my first project settings from the second are that I am using virtual environment for the second project and obviously I had to use different port for new project.

'Bad Gateway' indicates that Nginx is having trouble connecting the the Gunicorn process.
Double check that the service that starts Gunicorn (the one defined by the upstart script you posted) is actually running
What happens when you do curl http://127.0.0.1:9500/? Do you get a response from Gunicorn?

This is due to lack of understanding about Nginx. I added www.mydomain.com in Nginx but I have habit of typing domain name without www in browser. I simply added "mydomain.com" and "www.mydomain.com". So now both working without error. For others to follow if you have all the settings correct and still getting 502 that means the address you are looking for is not listed in Nginx. It could be one of the reason. Thanks for help though guys.