Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
b
billowy-traffic-45695
07/25/2022, 10:28 AMHi all. I’m pretty new to Rancher Desktop, containering, clustering, Kubernetes etc but I’ve installed Rancher desktop on a Mac, done a few simple tutorials and it seems like a really impressive and efficient, minimal code way to do things. Anyway, I want to figure out how to get multiple LAMP stacks each with a Wordpress install running all with SSL certs using Certbot and LetsEncrypt for sub-domains. It’s so I can send links to my clients so they can see the websites I am currently building for them. I have access to DNS for all my domains so the sub-domains part is already done and working.
How hard is this and where should I start please?
w
wide-mechanic-33041
07/25/2022, 11:51 AMIs the goal to send a client a link to a stack running on your RD instance on your personal machine? RD is more focused on the inner loop and then you push your app out into a real kubernetes cluster where you could assign an ingress IP and do all the external stuff
s
sticky-summer-13450
07/25/2022, 1:07 PMYes - it is possible, but as @wide-mechanic-33041 said above, RD is really for your development instead of for hosting test/UAT sites.
Assuming your Mac is behind a firewall/NATing router you will need to port-forward through to your Mac's IP address which should then forward it through to Traefik in RD to terminate SSL and forward on by hostname & path to the services of your Wordpress deployments.
b
billowy-traffic-45695
07/25/2022, 1:12 PMWell the whole reason I am doing this is to separate my up to date MAMP hosted local development version of a website from a version I show my clients. My copy of RD is hosted on an old Mac here in the office. It would only be spun up when I am on the phone to the client so they can look at the latest updates I’ve done so does that make a difference to specification?
I host on a cloud server that I rent. The finished sites would go up on that.
I’m just looking at the quickest cheapest way to do this but it would be good if I could have multiple sites so I can work on multiple versions of sites or multiple sites at the same time.
w
wide-mechanic-33041
07/25/2022, 1:14 PMwell a single node K8s environment (your cloud server) could make for some issues as well.
or are you thinking of not using k8s for your prod and just falling back to your existing stack?
in k8s each deployment is separate and if you wanted you could use a namespace for further segmentation if you want, but as a demo its probably not needed
b
billowy-traffic-45695
07/25/2022, 1:16 PMYes that’s exacrly correct. I am looking at using K8s or K3s only for a simple and sandboxed way to show clients a work in progress website. Plus, as I said. I am very new to this so I need to learn a bit at a time.
I could just install Apache, MySQL and PHP with vitual hosts directly on this old Mac but doing it this way with Rancher Desktop seemed more useful and an opportunity to start learning Kubernetes.
I have just run the LAMP image with nerdctl run -it lamp -d sh
w
wide-mechanic-33041
07/25/2022, 1:19 PMi mean first stop would need to be some k8s basics I think. that is a deep pool architecturally that will contain a lot of new topics (probably networking will take some time) but also the model itself. Its probably going to push you to look at your prod hosting as well since if you do all the deployment yaml work it feels like a miss to just leave that on the table and roll back to a site on a shared middleware stack
b
billowy-traffic-45695
07/25/2022, 1:19 PMThat seems to spin up ok and it gives me a directory structure at root. It runs Debian 11. It also seems to have Vi installed. But I am not ure how to proceed from that. Also I have no idea what port it is serving httpd on.
w
wide-mechanic-33041
07/25/2022, 1:20 PMwell thats not k8s, you are running LAMP i a single container via containerd
b
billowy-traffic-45695
07/25/2022, 1:20 PMWell that would have to be a future thing seen as I am unfamiliar with Kubernetes at the moment. But yes that would seem a logical progression.
Aah, well I did say I was a newb.
w
wide-mechanic-33041
07/25/2022, 1:21 PMand right now you didn’t expose any ports so there is no mapping between the host and the container
b
billowy-traffic-45695
07/25/2022, 1:22 PMI see.
w
wide-mechanic-33041
07/25/2022, 1:22 PMyou would need to map a port (assuming 80 for that LAMP image) by adding
-p "80:80"b
billowy-traffic-45695
07/25/2022, 1:23 PMRight. I first need to copy the image then and make that update to the copy. Just got to find the path to them as it was included with RD.
w
wide-mechanic-33041
07/25/2022, 1:23 PMnot really?
its not like an OS image? you are looking at Docker… so you would be using that image as a FROM in a Dockerfile and adding all of your other bits via standard Dockerfile statements
i mean you could shell into the container and start installing bits and pieces, but it wouldn’t be reproducible
b
billowy-traffic-45695
07/25/2022, 1:26 PMSo I need to jump out of the container and edit the yaml file to add the -p 80:80 to the image file.
w
wide-mechanic-33041
07/25/2022, 1:27 PMno yaml file for this one
just your call to nerdctl. I would avoid k8s completely till you have the container stuff down or i think you will hit a wall
b
billowy-traffic-45695
07/25/2022, 1:28 PMGood advice. Thanks
w
wide-mechanic-33041
07/25/2022, 1:30 PMRD provides a fine place to use dockerd/containerd (you can even disable k8s to speed startup etc). work on basics and limits of containers and how they could interact with each other. then as you would look at k8s some of the reasons certain things are the way they are will make more sense
b
billowy-traffic-45695
07/25/2022, 1:33 PMI’m making notes Justin. Thanks again. I see. So how do I run it as a daemon.
nerdctl run -d -p 80:80 lamp sh seems to exit straight away.
It does throw up a huge string on the screen though.
w
wide-mechanic-33041
07/25/2022, 1:34 PMrun “docker ps”
b
billowy-traffic-45695
07/25/2022, 1:35 PMerror during connect: Get “http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json”: EOF
w
wide-mechanic-33041
07/25/2022, 1:35 PMmost folks would run lamp using “docker compose” as well, but the monolith should be fine for testing
b
billowy-traffic-45695
07/25/2022, 1:36 PMI’ve set RD to use containerd not dockerd. Would that cause this?
w
wide-mechanic-33041
07/25/2022, 1:37 PMsorry my fault. nerdctl ps
b
billowy-traffic-45695
07/25/2022, 1:37 PMYeah I get the column headings but nothing else.
So I guess nothing is running. I tried it with -a and I get a bunch of lines.
w
wide-mechanic-33041
07/25/2022, 1:38 PMcool ok. that image seems like it doesn’t background itself
b
billowy-traffic-45695
07/25/2022, 1:39 PMFair enough. I just thought you’d have to add -d to background it as that worked on some other ones I ran.
w
wide-mechanic-33041
07/25/2022, 1:39 PMit will be specific on the image you are using
b
billowy-traffic-45695
07/25/2022, 1:40 PMIf I can find the image files that come with RD I could edit one and see what’s in there.
w
wide-mechanic-33041
07/25/2022, 1:40 PMwhen you were using interactive the shell was keeping it running
they don’t come w RD?
you are pulling the userspace from docker hub
“docker image ls”
sorry
nerdctl image ls
b
billowy-traffic-45695
07/25/2022, 1:41 PMOh. So they are not on my machine? That’s interesting.
w
wide-mechanic-33041
07/25/2022, 1:41 PMyou may want tow swing through https://www.docker.com/101-tutorial/
well they are as RO images that will be used to spawn a ephemeral instance
b
billowy-traffic-45695
07/25/2022, 1:43 PMSounds like a steep learning curve. I’ll give that 101 tutorial a go now and thanks again Justin. I’ll report back when I actually have more than half a clue 😉 I really appreciate you taking the time to give me some pointers buddy. Thanks again.
w
wide-mechanic-33041
07/25/2022, 1:48 PMno prob. i won’t do 1% as good a job via slack responses than just running through a couple tutorials on containerization end to end. docker has some solid ones, but you can find plenty of options from the LF/CNCF, youtube, and medium. and once you have that containerization foundation the whole orchestration thing starts to make more sense and thats where you got swarm, k8s, mesos coming in. And you might start getting a feel for the difference in a approach between cloudfoundry and the containerd+orchestration models.
b
billowy-traffic-45695
07/25/2022, 1:50 PMOK. As you will gather that all sounds like double dutch to me right now but hopefully after a few tuts it will make more sense and I will report back. Thanks again matey.
👍 1
Silly question but if I learn docker instead of containerd will the knowledge easily migrate over to using containerd?
w
wide-mechanic-33041
07/25/2022, 2:15 PMyup and the syntax is 99% the same so instead of docker ps for running containers you nerdctl ps
b
billowy-traffic-45695
07/25/2022, 2:15 PMGood to know and thanks again.
w
wide-mechanic-33041
07/25/2022, 2:20 PMthere is a lot of history there and reality is in most production deploys you will be targeting containerd as the dialect that Docker authored has been brought back to the neutral OCI standard.
as you think about moving to containers and container orchestration do some research on the what and why it came to be and not just the how. stuff moves quickly and having a bit of context on how we got to where we are today I believe will help you make that best decision for your customers as an advisor and not just a service provider. sometimes jamstack can get things done and a CMS isn’t needed, sometimes a CMS is needed but it doesn’t need to be crazy complicated, and sometimes you need that full stack.
b
billowy-traffic-45695
07/25/2022, 2:50 PMI’m going to cut and paste this conversation as I think it will eventually all make sense. Remember I am coming in as a total beginner. I’d heard of Docker, only because I saw that there were apps I couldn’t install on my old Synology NAS because it didn’t have Docker support so I looked a little into that then. And more recently I saw Rancher Desktop was available for my Mac, got curious, installed it and then thought about a containerised test environment as a LAMP stack with virtual hosts and SSL for my clients. But that’s it so far.
w
wide-mechanic-33041
07/25/2022, 2:54 PMyup moving from VMs/droplets to containers is a big jump. they tend to be solving different problems at their core with containers pulling “trust” back to the developer and the immutable image where a virtual host still has this dependance on the environment operator/maintainer.
b
billowy-traffic-45695
07/25/2022, 2:56 PMI think I understand. Remember I am a web designer with some server admin understanding I’ve picked up over the years, not a Dev-Ops guy. But I’m willing to learn whatever I need to improve the systems I use. This just fascinated me and seems to be a way forward.
w
wide-mechanic-33041
07/25/2022, 3:07 PMyup and you may have other options that don’t take you in a “full stack” direction. not that it is bad to get back to the hosting, but jamstack hosting in fastly for static sites or other PaaS approaches like cloudfoundry or azure app service may be better aligned to your specific needs. kubernetes is an amazing effort, but it . That link is basically a giant inside joke, but hopefully it gets to the “right tool for the right problem” in a humorous way. 🤣
may be more than is needed in many times▾
b
billowy-traffic-45695
07/25/2022, 3:30 PMHeh. Yeah hopefully. Either way it’s still interesting.
I just watched it. If I had a fiver for every version of that clip that’s been used… 😅
w
wide-mechanic-33041
07/25/2022, 3:38 PMyup its a classic though I could imagine if someone spoke german it could be hard to keep the audio unmuted and stick to the captions.
b
billowy-traffic-45695
07/25/2022, 3:51 PMWhere are you from Justin? I’m British by the way. There is one of those about one of our local politicians that cracked me up.
w
wide-mechanic-33041
07/25/2022, 3:55 PMNorth Carolina, USA by way of Rhode Island. Yeah slack gives you a clue based on the “local time” of the user. Joys of a global community
b
billowy-traffic-45695
07/25/2022, 4:00 PMHehe indeed. Aarrrggghhh the video has gone off Youtube. Oh well. It was pretty funny.
w
wide-mechanic-33041
07/25/2022, 4:00 PMhuh may be a regional block as I still see it in the US
b
billowy-traffic-45695
07/25/2022, 4:10 PMAah no. I saw the one you put up. That was funny even though I didn’t understand much of it. I meant the one about the British politician.
👍 1
Well I found a great tutorial that allowed me to run a docker image and spin up three containers. One with Wordpress on port 80, another with MariaDB on 3306 but my machine doesn;t seem to want to give port 80 to Containerd. Even though I have the following when I run “nerdctl container ls”:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
225dd24f880c docker.io/library/wordpress:latest “docker-entrypoint.s…” 4 minutes ago Up 0.0.0.0:80->80/tcp wp1_wp_1
6a1219c09d09 docker.io/library/mysql:latest “docker-entrypoint.s…” 4 minutes ago Up 127.0.0.1:3306->3306/tcp wp1_db_1
Oh hang on. It says 0.0.0.0:80. Maybe I need to change the IP address in the yaml file to 127.0.0.1
w
wide-mechanic-33041
07/25/2022, 5:03 PMwell 80 is a privileged port on many OSs because its is IANA reserved. you may want to do p 8080:80 so you can map 8080 on the Host to 80 inside the container
the 0.0.0.0 should be localhost/default route as well
b
billowy-traffic-45695
07/25/2022, 5:05 PMThe guy’s next tutorial was to create a nginx reverse proxy on port 80 to then point to the website on port 8080 so I guess that will work.
This is the whole yml file:
version: ‘3’
services:
wp:
image: wordpress:latest # https://hub.docker.com/_/wordpress/
ports:
- 80:80 # change ip if required
volumes:
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
- ./wp-app:/var/www/html # Full wordpress project
#- ./plugin-name/trunk/:/var/www/html/wp-content/plugins/plugin-name # Plugin development
#- ./theme-name/trunk/:/var/www/html/wp-content/themes/theme-name # Theme development
environment:
WORDPRESS_DB_HOST: db
WORDPRESS_DB_NAME: “${DB_NAME}”
WORDPRESS_DB_USER: root
WORDPRESS_DB_PASSWORD: “${DB_ROOT_PASSWORD}”
depends_on:
- db
wpcli:
image: wordpress:cli
volumes:
- ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
- ./wp-app:/var/www/html
depends_on:
- db
- wp
db:
image: mysql:latest # https://hub.docker.com/_/mysql/ - or mariadb https://hub.docker.com/_/mariadb
ports:
- ${IP}:3306:3306 # change ip if required
command: [
‘--default_authentication_plugin=mysql_native_password’,
‘--character-set-server=utf8mb4’,
‘--collation-server=utf8mb4_unicode_ci’
]
volumes:
- ./wp-data:/docker-entrypoint-initdb.d
- db_data:/var/lib/mysql
environment:
MYSQL_DATABASE: “${DB_NAME}”
MYSQL_ROOT_PASSWORD: “${DB_ROOT_PASSWORD}”
volumes:
db_data:
It’s just an old Intel Mac Mini and I have turned off Apple Web Sharing which usually just takes you to an Apple installed Apache server for port 80.
w
wide-mechanic-33041
07/25/2022, 5:07 PMyup thats a docker compose file. yeah the port mapping is sort of like a reverse proxy.
b
billowy-traffic-45695
07/25/2022, 5:08 PMI just get 404 page not found if I type 127.0.0.1 in a browser
w
wide-mechanic-33041
07/25/2022, 5:09 PMyup for 80 thats not surprising, I would change that wordpress port to 8080:80
b
billowy-traffic-45695
07/25/2022, 5:09 PMCool. I’ll see if that works. Thanks
Aha!!! I now get the Wordpress installer page. Thanks.
👍 1
That’s insane. “Welcome to Wordpress 6.0.1” And the DB and Wordpress are running in different containers. This is simply awesome. Now how do I then run two sets of containers. Just create another directory for the files, copy them over to it and put a different port number 8081:80 etc for each install (different Wordpress/MySQL instance?
Or is it more complicated than that?
w
wide-mechanic-33041
07/25/2022, 5:22 PMso you are getting to the limits of compose as it doesn’t have this namespacing and you will need to be creative with assigning the ports. you can also use the “project-name” specifier in compose as well to reuse the file, BUT your listening port needs to be unique per instance
b
billowy-traffic-45695
07/25/2022, 5:32 PMFantastic. Now that I think I can follow. I just need to see if I can get the reverse proxy NginX working now so I can point a subdomain to the Wordpress site.
w
witty-honey-18052
07/25/2022, 11:30 PMYou can use ngrok to serve from your local machine as a stop-gap
b
billowy-traffic-45695
07/26/2022, 4:35 PMI may just do that but I actually want to try Nginx Proxy Manager. Ony issue is the docker-compose.yml file throws up errors when I try to “up” it. I thinkl t’s because I am set to using Containerd rather then Dockerd and the yaml file may need editing to do it.
Here is the error:
FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting “/Users/paulrandall/nginxproxymanager/data/mysql” to rootfs at “/var/lib/mysql”: stat /Users/paulrandall/nginxproxymanager/data/mysql: no such file or directory: unknown
FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting “/Users/paulrandall/nginxproxymanager/data” to rootfs at “/data”: stat /Users/paulrandall/nginxproxymanager/data: no such file or directory: unknown
FATA[0000] error while creating container nginxproxymanager_db_1: exit status 1
w
wide-mechanic-33041
07/26/2022, 4:36 PMboth should support compose spec so not sure thats the issue.
b
billowy-traffic-45695
07/26/2022, 4:36 PMversion: ‘3’
services:
app:
image: ‘jc21/nginx-proxy-manager:latest’
ports:
- ‘80:80’
- ‘81:81’
- ‘443:443’
environment:
DB_MYSQL_HOST: “db”
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: “npm”
DB_MYSQL_PASSWORD: “npm”
DB_MYSQL_NAME: “npm”
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
db:
image: ‘jc21/mariadb-aria:latest’
environment:
MYSQL_ROOT_PASSWORD: ‘npm’
MYSQL_DATABASE: ‘npm’
MYSQL_USER: ‘npm’
MYSQL_PASSWORD: ‘npm’
volumes:
- ./data/mysql:/var/lib/mysql
w
wide-mechanic-33041
07/26/2022, 4:44 PMdid you try and flip over to dockerd in the Kubernetes config section just in case? I am pretty sure the issue is that mount of User which looks like it is coming from the Windows side and that wouldn’t work as a path in WSL2.
b
billowy-traffic-45695
07/26/2022, 4:45 PMAny ideas what to do here. I have Wordpress working on port 8080 fine. I also realised that I had an old homebrew installed Apache/PHP/MySQL setup installed so I de-installed that and now I can get something up on port 80. Sadly not this containered Wordpress install so that’s why I thought this NginX Proxy manager would allow me to get a little farther and reverse proxy to port 8080.
AAh ok.
I’ll try it now. One sec
w
wide-mechanic-33041
07/26/2022, 4:46 PMthat volume mount assumes that the data volume exists in scope to WSL
stateful apps and containers can be an interesting challenge and things get more interesting as you look at multi-node deployments like k8s.
b
billowy-traffic-45695
07/26/2022, 4:52 PMI can imagine.
So I just switched to Dockerd and it again built OK but I got these following errors
Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied
w
wide-mechanic-33041
07/26/2022, 4:56 PMi would try and do the “host side” (left) of the volume mount to the fqdn. It seems the shim is assuming the volume is in Windows because the shim is running in Windows
b
billowy-traffic-45695
07/26/2022, 5:00 PMYeah that means very little to me at this stage. What does that translate to in actual changes to the yml file please Justin?
I understand FQDN “fully qualified domain name” but as I started a couple of days ago on containering just think of me as an idiot 😉
w
wide-mechanic-33041
07/26/2022, 5:06 PMlet me see if I can reproduce one volume mount in wsl2 (on a video call and a mac so may take a fwe). Just be VERY CAREFUL with stateful apps and containers.
b
billowy-traffic-45695
07/26/2022, 5:07 PMThanks Justin. I appreciate your help.
I’m guessing the reason that it wants to save data external from the container is to save you actually having to enter in reverse proxy settings every time you start up the containered app.
w
wide-mechanic-33041
07/26/2022, 5:45 PMyup gut says it is an issue with the nerdctl shim and handling working directories. I know it’s come up before w compose calls. I would try flipping to dockerd in the “Kubernetes Settings” side
b
billowy-traffic-45695
07/26/2022, 5:45 PMI did and it got me that second error.
Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied
w
wide-mechanic-33041
07/26/2022, 5:46 PMand containers are ephemeral so when you stop them any content written usually is discarded. so you use volume mounts to create a mount point that can contain something you want to persist.
b
billowy-traffic-45695
07/26/2022, 5:49 PMYes I understand. I guess that I can’t use this NginX Proxy Manager on a Mac in a container then. It’s a shame as I was hoping this would be the last piece in the puzzle.
w
wide-mechanic-33041
07/26/2022, 5:49 PMhmm grabbed that “app” section of the yaml and i could start up proxymanager and got two folders in the same folder as my compose.yml named data and letsencrypt
b
billowy-traffic-45695
07/26/2022, 5:50 PMActually so did I. But it still throws those errors.
Just checked.
drwxr-xr-x 3 paulrandall staff 96 26 Jul 17:52 data/
-rw-r--r-- 1 paulrandall staff 586 26 Jul 16:57 docker-compose.yml
drwxr-xr-x 2 paulrandall staff 64 26 Jul 17:52 letsencrypt/
w
wide-mechanic-33041
07/26/2022, 5:50 PMyeah i am using only part of your compose spec
maybe the mysql side is the issue. and remember likely that was intended for use on linux and not wsl2
b
billowy-traffic-45695
07/26/2022, 5:52 PMSo does the Mac version of RD use WSL2 as well as the Windows vewrsion then?
I’m on an old 2012 Intel Mac Mini for all this. It’s the only non Apple Silicon Mac I have and the reason I’m using it for this.
w
wide-mechanic-33041
07/26/2022, 5:52 PMheh no WSL is Windows Subsystem for Linux. 😉 Mac and Linux use a VM
ohh sorry i may be getting conused. i thought you were doing this on windows
b
billowy-traffic-45695
07/26/2022, 5:53 PMWell as I am on a Mac then do you think it wants me to use WSL2 and that’s the issue?
w
wide-mechanic-33041
07/26/2022, 5:53 PMno
similar problems, but contributes to why i couldn’t repro
b
billowy-traffic-45695
07/26/2022, 5:54 PMNo matey. I only have Macs here. I do have a Windows install on the same drive with Bootcamp but prefer to use Mac as that’s what I am most familiar with.
👍 1
I see.
Makes sense then.
So is it the original image that they created. Set up specifically so that it won’t save persistent data on a Mac or Linux
w
wide-mechanic-33041
07/26/2022, 5:59 PMso that is the nature of containers… nothing to do with the Host OS
b
billowy-traffic-45695
07/26/2022, 6:01 PMOoh I just found this: https://github.com/Immain/Nginx-Proxy-Manager-MacOS-Oct2021-Docker
w
wide-mechanic-33041
07/26/2022, 6:01 PMin this case the image is actually running on a linux kernel either through a system like WSL2 or through a VM with a minimal OS (Alpine)
b
billowy-traffic-45695
07/26/2022, 6:05 PMversion: ‘3’
services:
app:
image: ‘jlesage/nginx-proxy-manager’ # Keep
ports:
- ‘80:80’ # Keep !Important
- ‘81:81’ # Keep !Important
- ‘443:443’ # Keep !Important
environment:
DB_MYSQL_HOST: “proxy_db” # Keep !Important
DB_MYSQL_PORT: 3306 # Keep !Important
DB_MYSQL_USER: “npm” # Change
DB_MYSQL_PASSWORD: “npm” # Change
DB_MYSQL_NAME: “npm”
volumes:
- /Users/Example/Documents/ProxyManager/data # Change to match your Mac User
- /Users/User/Documents/ProxyManager/letsencrypt # Change to match your Mac User
db:
image: ‘mariadb’
environment:
MYSQL_ROOT_PASSWORD: “npm” # Change
MYSQL_DATABASE: “Proxy_db” # Keep !Important
MYSQL_USER: “npm” # Change
MYSQL_PASSWORD: “npm” # Change
volumes:
- /Users/Example/Documents/ProxyManager/letsencrypt/mysql # Change to match your Mac User
Maybe this is different enough to work. I’ll have a go 😉
w
wide-mechanic-33041
07/26/2022, 6:06 PMjust used your original and it is working fine
on my mac
b
billowy-traffic-45695
07/26/2022, 6:06 PMScratches head!!!
w
wide-mechanic-33041
07/26/2022, 6:07 PMversion: '3'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
ports:
- '80:80'
- '81:81'
- '443:443'
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
db:
image: 'jc21/mariadb-aria:latest'
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'npm'
volumes:
- ./data/mysql:/var/lib/mysqlthats using dockerd about to try containerd
yeah nerdctl shim is still having issues on my machine when it comes to pwd
b
billowy-traffic-45695
07/26/2022, 6:12 PMStrange eh.
w
wide-mechanic-33041
07/26/2022, 6:14 PMgot it i think
b
billowy-traffic-45695
07/26/2022, 6:14 PMI’m just restarting RD with containerd and then I’ll see if this new compose version works now I’ve customised it.
Really?
w
wide-mechanic-33041
07/26/2022, 6:14 PMyeah so its tied to the working directory
i created my compose folder in /tmp which exists in Alpine
so in the VM you can see the folders in /tmp
b
billowy-traffic-45695
07/26/2022, 6:14 PMAnd it worked?
w
wide-mechanic-33041
07/26/2022, 6:15 PMbut Users does not exist in Alpine and thats where yours is
b
billowy-traffic-45695
07/26/2022, 6:15 PMAah I see. I think!
w
wide-mechanic-33041
07/26/2022, 6:15 PMtry moving the folder containing your compose.yaml to /tmp and see if things change
relative directories are also weird
i have done almost zero on volume mounts in RD (or docker solo) for a while so needed to repro to see what the issue might be
b
billowy-traffic-45695
07/26/2022, 6:18 PMI’m still waiting for the other version of the compose file I found to build in containerd but if it fails I’ll try the /tmp option. One sec.
Ooh finished and built without errors.
w
wide-mechanic-33041
07/26/2022, 6:18 PMyeah cool… if you remove the “.” it will create a /data and /letsencrypt in the root of the Alpine VM
b
billowy-traffic-45695
07/26/2022, 6:19 PMYep I see those
w
wide-mechanic-33041
07/26/2022, 6:19 PMso you may want to do like /customer1/data and in the other compose do /customer2/data or else the volume mounts will step on each other
i wouldn’t do the relative pathing though because it tries to take the path of your compose and inject it into Alpine
b
billowy-traffic-45695
07/26/2022, 6:21 PMThat makes sense.
514d8c870ea1 docker.io/jlesage/nginx-proxy-manager:latest “/init” 7 minutes ago Up 0.0.0.0:80->80/tcp, 0.0.0.0:81->81/tcp, 0.0.0.0:443->443/tcp nginxproxymanager_app_1
bbcd0507092a docker.io/library/mariadb:latest “docker-entrypoint.s…” 7 minutes ago Up nginxproxymanager_db_1
👍 1
But I still can’t see it if I type http:// 127.0.0.1:81/login
Or localhost:81
Maybe I need to open that port. D’oh!!!
w
wide-mechanic-33041
07/26/2022, 6:30 PMversion: '3'
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
ports:
- '80:80'
- '81:81'
- '443:443'
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "npm"
DB_MYSQL_PASSWORD: "npm"
DB_MYSQL_NAME: "npm"
volumes:
- /data:/data
- /letsencrypt:/etc/letsencrypt
db:
image: 'jc21/mariadb-aria:latest'
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'npm'
volumes:
- /data/mysql:/var/lib/mysqli get a clean start from the above and I can get the “successfully started” on 80 on my machine fwiw
b
billowy-traffic-45695
07/26/2022, 6:31 PMOn a Mac?
Dockerd or Containerd?
Dude I’m in 🙂 Thanks. That seemed to work. In Dockerd though
w
wide-mechanic-33041
07/26/2022, 6:36 PMmac and dockerd. sorry back and forth with things
b
billowy-traffic-45695
07/26/2022, 6:37 PMRight, on that note I am going to play with it and then go cook food. The wife is losing it as she needs her BBQ tasties.
Wow. I’m logged in and everything. OK food time before divorce papers are passed to me 😉 Thanks again and I’ll report back when I’ve got things working (if I do) 🙂 Have a great day.
w
wide-mechanic-33041
07/26/2022, 6:44 PMalways good to leave on a high note
b
billowy-traffic-45695
07/26/2022, 6:46 PMIndeed. It’s great. I can’t actually run the Wordpress distro alongside it as it uses the same 443 port but I will see if that’s debuggable.
Bind for 0.0.0.0:443 failed: port is already allocated
Anyway. Have a great day. Thanks again Justin.
w
wide-mechanic-33041
07/26/2022, 6:47 PMyup you will need to play with those ports a bit to avoid conflicts
b
billowy-traffic-45695
07/26/2022, 7:00 PMYeah. I'm sure I'll get there.
Nearly there now. I have NGINX Proxy Manager running and Wordpress running at the same time and I can get into the Wordpress install on 8080 and the proxy manager on 81. See below:
paulrandall@Pauls-Mac-mini wp1 % docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6933589374ef wordpress:latest “docker-entrypoint.s…” 58 seconds ago Up 54 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp wp1-wp-1
3bde41d6b5f1 mysql:latest “docker-entrypoint.s…” 58 seconds ago Up 56 seconds 127.0.0.1:3306->3306/tcp, 33060/tcp wp1-db-1
5c2465e4c0da jc21/nginx-proxy-manager:latest “/init” 14 hours ago Up 14 hours 0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp nginxproxymanager-app-1
618ed5e5cea5 jc21/mariadb-aria:latest “/scripts/run.sh” 14 hours ago Up 14 hours 3306/tcp nginxproxymanager-db-1
52fdcec65293 72463d8000a3 “/entrypoint.sh --gl…” 14 hours ago Up 14 hours k8s_traefik_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2
308cc2f83643 fb9b574e03c3 “local-path-provisio…” 14 hours ago Up 14 hours k8s_local-path-provisioner_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2
517b9d69ab41 dbd43b6716a0 “entry” 14 hours ago Up 14 hours k8s_lb-tcp-443_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
3f845381f75b k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2
9e63f437f9be dbd43b6716a0 “entry” 14 hours ago Up 14 hours k8s_lb-tcp-80_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
1e7a99d7f102 f73640fb5061 “/metrics-server --c…” 14 hours ago Up 14 hours k8s_metrics-server_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2
1564154115c2 k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2
66193378d9ce 99376d8f35e0 “/coredns -conf /etc…” 14 hours ago Up 14 hours k8s_coredns_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2
e2e4e0c2b0cb k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2
ad6779f1f03b k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2
57dcf3183626 k8s.gcr.io/pause:3.6 “/pause” 14 hours ago Up 14 hours k8s_POD_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
Only issue left now is that if I look the IP address with a local browser without specifying a port (i.e. port 80) I get “It Works!” and that is the built in web server Apple provides.
So it basically seems to get priority for listening on port 80 without any obvious way of disabling it. However I obviously want to use the web server in the container that is running NGINX proxy manager on port 80.
So any idea how to move forward on that? I’m so close as you can see to displaying one website that is protected by reverse proxy.
D’oh!!!