victorzadorozhnyy
@victorzadorozhnyy

Как правильно задать хост NGINX (esc контейнер)?

Нужна помощь с конфигом
Есть проеть с 4 контейнерами frontend, api и 2 nginx
Пытаюсь выгрузить в кластер aws ecs es2
при старте контейнеров выдает следующую ошибку (depends_on от nginx к контейнерам поставил)
[emerg] 1#1: host not found in upstream "frontend" in /etc/nginx/conf.d/default.conf:63

proxy_pass http://frontend:3000;
proxy_pass http://api:3000;
На локальной машине запускаю так
ngnix-forontend
server {
      listen         80;  // на сервере открыт только 443
      server_name    default localhost nginx-frontend frontend;
      return         301 https://$server_name$request_uri;
}

server {
    listen                    443;
    server_name               default localhost nginx-frontend frontend;

    # add Strict-Transport-Security to prevent man in the middle attacks
    add_header Strict-Transport-Security "max-age=31536000"; 

    ssl_certificate           /etc/nginx/certs/cert.crt;
    ssl_certificate_key       /etc/nginx/certs/cert.key;
    ssl                       on;
    ssl_session_cache         builtin:1000  shared:SSL:10m;
    ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers               HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout  5;

    gzip on;
    gzip_vary on;
    gzip_disable "MSIE [1-6]\.";
    gzip_proxied any;
    gzip_http_version 1.1;
    gzip_min_length  1000;
    gzip_comp_level  6;
    gzip_buffers  16 8k;
    gzip_types  text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml;

    ignore_invalid_headers on;
    client_header_timeout  60s;
    client_body_timeout 60s;
    send_timeout   60s;
    reset_timedout_connection on;
    client_header_buffer_size 2560k;
    large_client_header_buffers 4 2560k;
    client_max_body_size 20M;
    client_body_buffer_size 16k;

	location / {
        proxy_pass          http://frontend:3000;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_set_header    Host      $http_host;
        proxy_pass_header   Authorization;
        if ($http_origin ~* "^https?://localhost$") {
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header Access-Control-Allow-Origin $http_origin;
        }
        if ($http_origin ~* "^https?://frontend$") {
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header Access-Control-Allow-Origin $http_origin;
        }
        if ($http_origin ~* "^https?://nginx-frontend$") {
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header Access-Control-Allow-Origin $http_origin;
        }
    }
}

ngnix-api
server {
       listen         80;
       server_name     default localhost nginx-api api;
       return         301 https://$server_name$request_uri;
}

server {
    listen                    443;
    server_name               default localhost nginx-api api;

    ssl_certificate           /etc/nginx/certs/cert.crt;
    ssl_certificate_key       /etc/nginx/certs/cert.key;
    ssl                       on;
    ssl_session_cache         builtin:1000  shared:SSL:10m;
    ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers               HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    # add Strict-Transport-Security to prevent man in the middle attacks
    add_header Strict-Transport-Security "max-age=31536000"; 

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout  5;

    gzip on;
    gzip_vary on;
    gzip_disable "MSIE [1-6]\.";
    gzip_proxied any;
    gzip_http_version 1.1;
    gzip_min_length  1000;
    gzip_comp_level  6;
    gzip_buffers  16 8k;
    gzip_types  text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml;

    ignore_invalid_headers on;
    client_header_timeout  60s;
    client_body_timeout 60s;
    send_timeout   60s;
    reset_timedout_connection on;
    client_header_buffer_size 2560k;
    large_client_header_buffers 4 2560k;
    client_max_body_size 20M;
    client_body_buffer_size 16k;

    location / {
        set $cors 'true';
        if ($http_origin ~* (^https?://(localhost(:3000)?|frontend(:3000))$)) {
            set $cors 'true';
        }

        if ($cors != 'true') {
            return 401;
        }

        if ($request_method = 'OPTIONS') {
            # Tell client that this pre-flight info is valid for a day
            add_header 'Access-Control-Max-Age' 86400;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            add_header 'Access-Control-Allow-Origin' "$http_origin" always;
            add_header 'Access-Control-Allow-Credentials' 'true' always;
            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
            add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
            return 204;
        }

        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
        add_header 'Access-Control-Allow-Credentials' 'true' always;
        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
        add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
        # required to be able to read Authorization header in frontend
        #add_header 'Access-Control-Expose-Headers' 'Authorization' always;

        proxy_pass          http://api:3000;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_set_header    Host      $http_host;
     }
 }
  • Вопрос задан
  • 187 просмотров
Пригласить эксперта
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Войти через TM ID
Похожие вопросы
от 250 000 до 360 000 руб.
D2C.io Екатеринбург
от 45 000 руб.
Wheely Москва
До 230 000 руб.
15 авг. 2018, в 23:38
300 руб./за проект
15 авг. 2018, в 22:39
60000 руб./за проект
15 авг. 2018, в 21:18
30000 руб./за проект