51 lines
2.8 KiB
Markdown
51 lines
2.8 KiB
Markdown
### host-port-ingress-proxy
|
|
|
|
1. **Docker Container Setup**:
|
|
- The Docker container is based on the official NGINX Alpine image.
|
|
- Several environment variables are defined in the Dockerfile to configure the NGINX reverse proxy. These include `BACKEND_HOST`, `BACKEND_TCP_PORT`, `BACKEND_UDP_PORT`, and `ALLOWED_IPS`.
|
|
- The Dockerfile also installs `curl` for health checking purposes and includes a custom entrypoint script.
|
|
|
|
2. **NGINX Configuration**:
|
|
- A template for the NGINX configuration (`nginx.conf.template`) is used. This template is processed by the entrypoint script (`entrypoint.sh`) to replace placeholders with the actual environment variable values.
|
|
- The NGINX configuration sets up NGINX as a reverse proxy to forward TCP and UDP traffic to the configured backend host and ports. It also includes IP-based access control.
|
|
- Additionally, NGINX listens on a separate HTTP port (8080) with a specific location (`/healthz`) that always returns a `200 OK` response. This endpoint is used for health checks.
|
|
|
|
3. **Health Checking**:
|
|
- The Dockerfile defines a `HEALTHCHECK` instruction that uses `curl` to periodically check the health of the NGINX server by accessing the `/healthz` endpoint.
|
|
- If the health check fails (does not return `200 OK`), Docker marks the container as unhealthy.
|
|
|
|
4. **Running the Container**:
|
|
- When the container is run, the environment variables can be set to define the backend host, ports, and allowed IPs.
|
|
- Docker's health check mechanism monitors the container's health status by checking the `/healthz` endpoint.
|
|
|
|
### Mermaid Diagram
|
|
|
|
Here's a Mermaid diagram that visualizes the flow:
|
|
|
|
```mermaid
|
|
graph LR
|
|
subgraph Docker Container
|
|
NGINX[NGINX Reverse Proxy]
|
|
ENTRYPOINT[Entrypoint Script]
|
|
CONFIG[nginx.conf.template]
|
|
HEALTHCHECK[Health Check]
|
|
|
|
ENTRYPOINT -->|Processes| CONFIG
|
|
CONFIG -->|Configures| NGINX
|
|
NGINX -->|TCP/UDP Proxy| BACKEND[Backend Service]
|
|
NGINX -->|HTTP Health Check| HEALTHCHECK
|
|
HEALTHCHECK -->|curl /healthz| NGINX
|
|
end
|
|
|
|
USER[User] -->|TCP/UDP Request| NGINX
|
|
NGINX -->|Responds| USER
|
|
DOCKER[Docker Daemon] -->|Periodic Check| HEALTHCHECK
|
|
|
|
style NGINX fill:#f96,stroke:#333,stroke-width:2px
|
|
style BACKEND fill:#ff9,stroke:#333,stroke-width:2px
|
|
style USER fill:#9f6,stroke:#333,stroke-width:2px
|
|
style HEALTHCHECK fill:#6f9,stroke:#333,stroke-width:2px
|
|
style DOCKER fill:#f69,stroke:#333,stroke-width:2px
|
|
```
|
|
|
|
This diagram represents the flow of requests through the NGINX reverse proxy and how the health check mechanism works within the Docker container. The `NGINX Reverse Proxy` handles both TCP/UDP requests and health check requests, forwarding the former to the `Backend Service` and responding directly to the latter. The `Docker Daemon` periodically triggers the health check to ensure the NGINX server is functioning correctly. |