0

I have one container running a java app and another container running a nginx server

The container running java app sometime needs to update the nginx.config file in the nginx container and send the reload command to it

I Know that i can share container's directory, but can i send cli command to another container?

Is it possible achieve this scenario using docker and runing the java app and nginx in differents containers?

Just Khaithang
  • 1,217
  • 1
  • 14
  • 24
Yorbenys Pardo Rodríguez
  • 173
  • 2
  • 12
  • This sounds like a bad design. Why do it like this? – Thorbjørn Ravn Andersen Jul 30 '19 at 22:04
  • @ThorbjørnRavnAndersen The problem is I want an isolate nginx container for stream some videos over rtmp, and one java app that organize this job writing int the nginx config file. Write into the nginx.conf file is really ease, the problem is tell to nginx reload its config file – Yorbenys Pardo Rodríguez Jul 30 '19 at 22:19
  • You _can_, but the more straightforward ways to do it involve giving the calling container unrestricted root-level access over the host and a range of potential security disasters. Even without Docker this also seems like an unusual design to me. – David Maze Jul 31 '19 at 01:09

1 Answers1

0

If you just need to reload the nginx configuration you don't have to run a command in the container. You can control the server using signals. So what you need is to send a SIGHUP signal to the nginx docker container. The signal is then propagated to the server which in turn will reload the configuration.

How to do that? All the docker commands are available as REST API. In this case it is Kill a container the one to make. You just need access to the default unix socket (/var/run/docker.sock) the docker daemon is listening to. It can be shared with the java container (as mounted volume) or in alternative, the docker daemon can be configured to listen to TCP sockets.

Assuming you shared the socket, you can now POST a kill request to the docker daemon from inside the java container using curl:

curl --unix-socket /var/run/docker.sock -d "" "http://localhost/containers/<docker_id>/kill?signal=SIGHUP"

where docker_id is the id of the nginx container.

Note: access to the docker daemon on host (either by remote access or by sharing the socket) may run you into security issues as mentioned by @David Maze

If the above scenario is not feasible you could, in alternative, run the command using ssh. Detailed discussion here

b0gusb
  • 4,283
  • 2
  • 14
  • 33