How to setup docker architecture

Question

I'd like to have the following configuration:

               Docker Containers   

||||||||||||      ||||||||||||      ||||||||||||
|          |      |          |      |          |
|          |      |          |      |          |
|          | <--> |          | <--> |          |
|          |      |          |      |          |
|          |      |          |      |          |
||||||||||||      ||||||||||||      ||||||||||||
   nginx           web server         postgres

With the following setup:

1. Nginx

   • change nginx.conf
   • add an appropriate sites-available entry
   • link config sites-enabled

2. PostgreSQL

   • setup user login and password

3. Web Server

   • clone from repository
   • build release version
   • run server process

I have a couple of questions as well:

a) how to pass secrets to Docker like API keys, passwords and so on?

b) is this possible to clone repo from docker or there is other way to do that?

c) how and where deploy such applications?

d) is that setup even possible?

Answer 1

This setup is very common with docker. I'd recommend you look into using docker-compose (example) because it makes setting it up drastically easier.

Passing in secrets is done through environment variables at docker run time. If you have many you can store them in an env-file.

Yes, you can clone a repo from a docker container or during a docker build. Cloning a private repo during a docker build is currently not feasible (without exposing your credentials) so it's usually recommended to clone your repo before running docker build.

Answer 2

a) usually pass secrets through environment variables, this is easy for containers to use.

b) yes, you can, if you want clone a public repo, you can do it in Dockerfile with RUN git clone repo; also you can pull you repo at Entrypoint if you want make sure your repo is updated.

c) emm...I don't know how to answer this, maybe docker docs?

d) this setup is possible, but here is some advices:

• you can try using nginx-proxy which is easier to make reserve proxy to your web server container.
• using Volume to serve your web contents, so you can bind volume to nginx container and serve your static contents with nginx.
• build a data only container for your database, you can check this post

Answer 3

This is piece of cake with Docker and Docker-Compose. All you need are suitable containers where you can pass the parameters on startup. Afterwards the compose-template can be moved around and instanced multiple times.

The containers communicate through links and docker provides hostnames for handling changing ip addresses.

This is an example for setting up the Jira web application with a postgres database. This should be analogous to your example. An nginx server can be added as easily.

jira:
  image: blacklabelops/jira
  ports:
    - '8100:8080'
  volumes:
    - /opt/atlassian-home
  environment:
    - 'DATABASE_URL=postgresql://jiradb@postgresql/jiradb'
    - 'DB_PASSWORD=jellyfish'
  links:
    - postgresql
postgresql:
  image: sameersbn/postgresql:9.4-1
  ports:
    - '5432:5432'
  environment:
    - 'PSQL_TRUST_LOCALNET=true'
    - 'DB_USER=jiradb'
    - 'DB_PASS=jellyfish'
    - 'DB_NAME=jiradb'

The Jira server will be available with localhost:8100 and the database will be available with localhost:5432