billowy-traffic-45695

07/25/2022, 10:28 AM
Hi all. I’m pretty new to Rancher Desktop, containering, clustering, Kubernetes etc but I’ve installed Rancher desktop on a Mac, done a few simple tutorials and it seems like a really impressive and efficient, minimal code way to do things. Anyway, I want to figure out how to get multiple LAMP stacks each with a Wordpress install running all with SSL certs using Certbot and LetsEncrypt for sub-domains. It’s so I can send links to my clients so they can see the websites I am currently building for them. I have access to DNS for all my domains so the sub-domains part is already done and working. How hard is this and where should I start please?

wide-mechanic-33041

07/25/2022, 11:51 AM
Is the goal to send a client a link to a stack running on your RD instance on your personal machine? RD is more focused on the inner loop and then you push your app out into a real kubernetes cluster where you could assign an ingress IP and do all the external stuff

sticky-summer-13450

07/25/2022, 1:07 PM
Yes - it is possible, but as @wide-mechanic-33041 said above, RD is really for your development instead of for hosting test/UAT sites. Assuming your Mac is behind a firewall/NATing router you will need to port-forward through to your Mac's IP address which should then forward it through to Traefik in RD to terminate SSL and forward on by hostname & path to the services of your Wordpress deployments.

billowy-traffic-45695

07/25/2022, 1:12 PM
Well the whole reason I am doing this is to separate my up to date MAMP hosted local development version of a website from a version I show my clients. My copy of RD is hosted on an old Mac here in the office. It would only be spun up when I am on the phone to the client so they can look at the latest updates I’ve done so does that make a difference to specification? I host on a cloud server that I rent. The finished sites would go up on that.
I’m just looking at the quickest cheapest way to do this but it would be good if I could have multiple sites so I can work on multiple versions of sites or multiple sites at the same time.

wide-mechanic-33041

07/25/2022, 1:14 PM
well a single node K8s environment (your cloud server) could make for some issues as well.
or are you thinking of not using k8s for your prod and just falling back to your existing stack?
in k8s each deployment is separate and if you wanted you could use a namespace for further segmentation if you want, but as a demo its probably not needed

billowy-traffic-45695

07/25/2022, 1:16 PM
Yes that’s exactly correct. I am looking at using K8s or K3s only for a simple and sandboxed way to show clients a work in progress website. Plus, as I said, I am very new to this so I need to learn a bit at a time.
I could just install Apache, MySQL and PHP with virtual hosts directly on this old Mac but doing it this way with Rancher Desktop seemed more useful and an opportunity to start learning Kubernetes.
I have just run the LAMP image with nerdctl run -it lamp -d sh

wide-mechanic-33041

07/25/2022, 1:19 PM
i mean first stop would need to be some k8s basics I think. that is a deep pool architecturally that will contain a lot of new topics (probably networking will take some time) but also the model itself. Its probably going to push you to look at your prod hosting as well since if you do all the deployment yaml work it feels like a miss to just leave that on the table and roll back to a site on a shared middleware stack

billowy-traffic-45695

07/25/2022, 1:19 PM
That seems to spin up ok and it gives me a directory structure at root. It runs Debian 11. It also seems to have Vi installed. But I am not sure how to proceed from that. Also I have no idea what port it is serving httpd on.

wide-mechanic-33041

07/25/2022, 1:20 PM
well that's not k8s, you are running LAMP in a single container via containerd

billowy-traffic-45695

07/25/2022, 1:20 PM
Well that would have to be a future thing seen as I am unfamiliar with Kubernetes at the moment. But yes that would seem a logical progression.
Aah, well I did say I was a newb.

wide-mechanic-33041

07/25/2022, 1:21 PM
and right now you didn’t expose any ports so there is no mapping between the host and the container

billowy-traffic-45695

07/25/2022, 1:22 PM
I see.

wide-mechanic-33041

07/25/2022, 1:22 PM
you would need to map a port (assuming 80 for that LAMP image) by adding
-p "80:80"

billowy-traffic-45695

07/25/2022, 1:23 PM
Right. I first need to copy the image then and make that update to the copy. Just got to find the path to them as it was included with RD.

wide-mechanic-33041

07/25/2022, 1:23 PM
not really?
its not like an OS image? you are looking at Docker… so you would be using that image as a FROM in a Dockerfile and adding all of your other bits via standard Dockerfile statements
i mean you could shell into the container and start installing bits and pieces, but it wouldn’t be reproducible

billowy-traffic-45695

07/25/2022, 1:26 PM
So I need to jump out of the container and edit the yaml file to add the -p 80:80 to the image file.

wide-mechanic-33041

07/25/2022, 1:27 PM
no yaml file for this one
just your call to nerdctl. I would avoid k8s completely till you have the container stuff down or i think you will hit a wall

billowy-traffic-45695

07/25/2022, 1:28 PM
Good advice. Thanks

wide-mechanic-33041

07/25/2022, 1:30 PM
RD provides a fine place to use dockerd/containerd (you can even disable k8s to speed startup etc). work on basics and limits of containers and how they could interact with each other. then as you would look at k8s some of the reasons certain things are the way they are will make more sense

billowy-traffic-45695

07/25/2022, 1:33 PM
I’m making notes Justin. Thanks again. I see. So how do I run it as a daemon.
nerdctl run -d -p 80:80 lamp sh seems to exit straight away.
It does throw up a huge string on the screen though.

wide-mechanic-33041

07/25/2022, 1:34 PM
run “docker ps”

billowy-traffic-45695

07/25/2022, 1:35 PM
error during connect: Get “http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json”: EOF

wide-mechanic-33041

07/25/2022, 1:35 PM
most folks would run lamp using “docker compose” as well, but the monolith should be fine for testing

billowy-traffic-45695

07/25/2022, 1:36 PM
I’ve set RD to use containerd not dockerd. Would that cause this?

wide-mechanic-33041

07/25/2022, 1:37 PM
sorry my fault. nerdctl ps

billowy-traffic-45695

07/25/2022, 1:37 PM
Yeah I get the column headings but nothing else.
So I guess nothing is running. I tried it with -a and I get a bunch of lines.

wide-mechanic-33041

07/25/2022, 1:38 PM
cool ok. that image seems like it doesn’t background itself

billowy-traffic-45695

07/25/2022, 1:39 PM
Fair enough. I just thought you’d have to add -d to background it as that worked on some other ones I ran.

wide-mechanic-33041

07/25/2022, 1:39 PM
it will be specific on the image you are using

billowy-traffic-45695

07/25/2022, 1:40 PM
If I can find the image files that come with RD I could edit one and see what’s in there.

wide-mechanic-33041

07/25/2022, 1:40 PM
when you were using interactive the shell was keeping it running
they don’t come w RD?
you are pulling the userspace from docker hub
“docker image ls”
sorry
nerdctl image ls

billowy-traffic-45695

07/25/2022, 1:41 PM
Oh. So they are not on my machine? That’s interesting.

wide-mechanic-33041

07/25/2022, 1:41 PM
you may want to swing through https://www.docker.com/101-tutorial/
well they are as RO images that will be used to spawn a ephemeral instance

billowy-traffic-45695

07/25/2022, 1:43 PM
Sounds like a steep learning curve. I’ll give that 101 tutorial a go now and thanks again Justin. I’ll report back when I actually have more than half a clue 😉 I really appreciate you taking the time to give me some pointers buddy. Thanks again.

wide-mechanic-33041

07/25/2022, 1:48 PM
no prob. i won’t do 1% as good a job via slack responses than just running through a couple tutorials on containerization end to end. docker has some solid ones, but you can find plenty of options from the LF/CNCF, youtube, and medium. and once you have that containerization foundation the whole orchestration thing starts to make more sense and that's where you got swarm, k8s, mesos coming in. And you might start getting a feel for the difference in approach between cloudfoundry and the containerd+orchestration models.

billowy-traffic-45695

07/25/2022, 1:50 PM
OK. As you will gather that all sounds like double dutch to me right now but hopefully after a few tuts it will make more sense and I will report back. Thanks again matey.
👍 1
Silly question but if I learn docker instead of containerd will the knowledge easily migrate over to using containerd?

wide-mechanic-33041

07/25/2022, 2:15 PM
yup and the syntax is 99% the same so instead of docker ps for running containers you nerdctl ps

billowy-traffic-45695

07/25/2022, 2:15 PM
Good to know and thanks again.

wide-mechanic-33041

07/25/2022, 2:20 PM
there is a lot of history there and reality is in most production deploys you will be targeting containerd as the dialect that Docker authored has been brought back to the neutral OCI standard.
as you think about moving to containers and container orchestration do some research on the what and why it came to be and not just the how. stuff moves quickly and having a bit of context on how we got to where we are today I believe will help you make that best decision for your customers as an advisor and not just a service provider. sometimes jamstack can get things done and a CMS isn’t needed, sometimes a CMS is needed but it doesn’t need to be crazy complicated, and sometimes you need that full stack.

billowy-traffic-45695

07/25/2022, 2:50 PM
I’m going to cut and paste this conversation as I think it will eventually all make sense. Remember I am coming in as a total beginner. I’d heard of Docker, only because I saw that there were apps I couldn’t install on my old Synology NAS because it didn’t have Docker support so I looked a little into that then. And more recently I saw Rancher Desktop was available for my Mac, got curious, installed it and then thought about a containerised test environment as a LAMP stack with virtual hosts and SSL for my clients. But that’s it so far.

wide-mechanic-33041

07/25/2022, 2:54 PM
yup moving from VMs/droplets to containers is a big jump. they tend to be solving different problems at their core with containers pulling “trust” back to the developer and the immutable image where a virtual host still has this dependence on the environment operator/maintainer.

billowy-traffic-45695

07/25/2022, 2:56 PM
I think I understand. Remember I am a web designer with some server admin understanding I’ve picked up over the years, not a Dev-Ops guy. But I’m willing to learn whatever I need to improve the systems I use. This just fascinated me and seems to be a way forward.

wide-mechanic-33041

07/25/2022, 3:07 PM
yup and you may have other options that don’t take you in a “full stack” direction. not that it is bad to get back to the hosting, but jamstack hosting in fastly for static sites or other PaaS approaches like cloudfoundry or azure app service may be better aligned to your specific needs. kubernetes is an amazing effort, but it may be more than is needed in many times. That link is basically a giant inside joke, but hopefully it gets to the “right tool for the right problem” in a humorous way. 🤣

billowy-traffic-45695

07/25/2022, 3:30 PM
Heh. Yeah hopefully. Either way it’s still interesting.
I just watched it. If I had a fiver for every version of that clip that’s been used… 😅

wide-mechanic-33041

07/25/2022, 3:38 PM
yup its a classic though I could imagine if someone spoke german it could be hard to keep the audio unmuted and stick to the captions.

billowy-traffic-45695

07/25/2022, 3:51 PM
Where are you from Justin? I’m British by the way. There is one of those about one of our local politicians that cracked me up.

wide-mechanic-33041

07/25/2022, 3:55 PM
North Carolina, USA by way of Rhode Island. Yeah slack gives you a clue based on the “local time” of the user. Joys of a global community

billowy-traffic-45695

07/25/2022, 4:00 PM
Hehe indeed. Aarrrggghhh the video has gone off Youtube. Oh well. It was pretty funny.

wide-mechanic-33041

07/25/2022, 4:00 PM
huh may be a regional block as I still see it in the US

billowy-traffic-45695

07/25/2022, 4:10 PM
Aah no. I saw the one you put up. That was funny even though I didn’t understand much of it. I meant the one about the British politician.
👍 1
Well I found a great tutorial that allowed me to run a docker image and spin up three containers. One with Wordpress on port 80, another with MariaDB on 3306 but my machine doesn’t seem to want to give port 80 to Containerd. Even though I have the following when I run “nerdctl container ls”:
CONTAINER ID    IMAGE                                 COMMAND                   CREATED          STATUS    PORTS                       NAMES
225dd24f880c    docker.io/library/wordpress:latest    "docker-entrypoint.s…"    4 minutes ago    Up        0.0.0.0:80->80/tcp          wp1_wp_1
6a1219c09d09    docker.io/library/mysql:latest        "docker-entrypoint.s…"    4 minutes ago    Up        127.0.0.1:3306->3306/tcp    wp1_db_1
Oh hang on. It says 0.0.0.0:80. Maybe I need to change the IP address in the yaml file to 127.0.0.1

wide-mechanic-33041

07/25/2022, 5:03 PM
well 80 is a privileged port on many OSs because it is IANA reserved. you may want to do -p 8080:80 so you can map 8080 on the Host to 80 inside the container
the 0.0.0.0 should be localhost/default route as well

billowy-traffic-45695

07/25/2022, 5:05 PM
The guy’s next tutorial was to create a nginx reverse proxy on port 80 to then point to the website on port 8080 so I guess that will work.
This is the whole yml file:
version: '3'
services:
  wp:
    image: wordpress:latest # https://hub.docker.com/_/wordpress/
    ports:
      - 80:80 # change ip if required
    volumes:
      - ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
      - ./wp-app:/var/www/html # Full wordpress project
      #- ./plugin-name/trunk/:/var/www/html/wp-content/plugins/plugin-name # Plugin development
      #- ./theme-name/trunk/:/var/www/html/wp-content/themes/theme-name # Theme development
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_NAME: "${DB_NAME}"
      WORDPRESS_DB_USER: root
      WORDPRESS_DB_PASSWORD: "${DB_ROOT_PASSWORD}"
    depends_on:
      - db
  wpcli:
    image: wordpress:cli
    volumes:
      - ./config/php.conf.ini:/usr/local/etc/php/conf.d/conf.ini
      - ./wp-app:/var/www/html
    depends_on:
      - db
      - wp
  db:
    image: mysql:latest # https://hub.docker.com/_/mysql/ - or mariadb https://hub.docker.com/_/mariadb
    ports:
      - ${IP}:3306:3306 # change ip if required
    command: ['--default_authentication_plugin=mysql_native_password', '--character-set-server=utf8mb4', '--collation-server=utf8mb4_unicode_ci']
    volumes:
      - ./wp-data:/docker-entrypoint-initdb.d
      - db_data:/var/lib/mysql
    environment:
      MYSQL_DATABASE: "${DB_NAME}"
      MYSQL_ROOT_PASSWORD: "${DB_ROOT_PASSWORD}"
volumes:
  db_data:
It’s just an old Intel Mac Mini and I have turned off Apple Web Sharing which usually just takes you to an Apple installed Apache server for port 80.

wide-mechanic-33041

07/25/2022, 5:07 PM
yup thats a docker compose file. yeah the port mapping is sort of like a reverse proxy.

billowy-traffic-45695

07/25/2022, 5:08 PM
I just get 404 page not found if I type 127.0.0.1 in a browser

wide-mechanic-33041

07/25/2022, 5:09 PM
yup for 80 thats not surprising, I would change that wordpress port to 8080:80

billowy-traffic-45695

07/25/2022, 5:09 PM
Cool. I’ll see if that works. Thanks
Aha!!! I now get the Wordpress installer page. Thanks.
👍 1
That’s insane. “Welcome to Wordpress 6.0.1” And the DB and Wordpress are running in different containers. This is simply awesome. Now how do I then run two sets of containers. Just create another directory for the files, copy them over to it and put a different port number 8081:80 etc for each install (different Wordpress/MySQL instance)?
Or is it more complicated than that?

wide-mechanic-33041

07/25/2022, 5:22 PM
so you are getting to the limits of compose as it doesn’t have this namespacing and you will need to be creative with assigning the ports. you can also use the “project-name” specifier in compose as well to reuse the file, BUT your listening port needs to be unique per instance

billowy-traffic-45695

07/25/2022, 5:32 PM
Fantastic. Now that I think I can follow. I just need to see if I can get the reverse proxy NginX working now so I can point a subdomain to the Wordpress site.

witty-honey-18052

07/25/2022, 11:30 PM
You can use ngrok to serve from your local machine as a stop-gap

billowy-traffic-45695

07/26/2022, 4:35 PM
I may just do that but I actually want to try Nginx Proxy Manager. Only issue is the docker-compose.yml file throws up errors when I try to “up” it. I think it’s because I am set to using Containerd rather than Dockerd and the yaml file may need editing to do it.
Here is the error:
FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/Users/paulrandall/nginxproxymanager/data/mysql" to rootfs at "/var/lib/mysql": stat /Users/paulrandall/nginxproxymanager/data/mysql: no such file or directory: unknown
FATA[0000] failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/Users/paulrandall/nginxproxymanager/data" to rootfs at "/data": stat /Users/paulrandall/nginxproxymanager/data: no such file or directory: unknown
FATA[0000] error while creating container nginxproxymanager_db_1: exit status 1

wide-mechanic-33041

07/26/2022, 4:36 PM
both should support compose spec so not sure thats the issue.

billowy-traffic-45695

07/26/2022, 4:36 PM
version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - ./data/mysql:/var/lib/mysql

wide-mechanic-33041

07/26/2022, 4:44 PM
did you try and flip over to dockerd in the Kubernetes config section just in case? I am pretty sure the issue is that mount of User which looks like it is coming from the Windows side and that wouldn’t work as a path in WSL2.

billowy-traffic-45695

07/26/2022, 4:45 PM
Any ideas what to do here. I have Wordpress working on port 8080 fine. I also realised that I had an old homebrew installed Apache/PHP/MySQL setup installed so I de-installed that and now I can get something up on port 80. Sadly not this containered Wordpress install so that’s why I thought this NginX Proxy manager would allow me to get a little farther and reverse proxy to port 8080.
AAh ok.
I’ll try it now. One sec

wide-mechanic-33041

07/26/2022, 4:46 PM
that volume mount assumes that the data volume exists in scope to WSL
stateful apps and containers can be an interesting challenge and things get more interesting as you look at multi-node deployments like k8s.

billowy-traffic-45695

07/26/2022, 4:52 PM
I can imagine.
So I just switched to Dockerd and it again built OK but I got these following errors
Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied

wide-mechanic-33041

07/26/2022, 4:56 PM
i would try and do the “host side” (left) of the volume mount to the fqdn. It seems the shim is assuming the volume is in Windows because the shim is running in Windows

billowy-traffic-45695

07/26/2022, 5:00 PM
Yeah that means very little to me at this stage. What does that translate to in actual changes to the yml file please Justin?
I understand FQDN “fully qualified domain name” but as I started a couple of days ago on containering just think of me as an idiot 😉

wide-mechanic-33041

07/26/2022, 5:06 PM
let me see if I can reproduce one volume mount in wsl2 (on a video call and a mac so may take a few). Just be VERY CAREFUL with stateful apps and containers.

billowy-traffic-45695

07/26/2022, 5:07 PM
Thanks Justin. I appreciate your help.
I’m guessing the reason that it wants to save data external from the container is to save you actually having to enter in reverse proxy settings every time you start up the containered app.

wide-mechanic-33041

07/26/2022, 5:45 PM
yup gut says it is an issue with the nerdctl shim and handling working directories. I know it’s come up before w compose calls. I would try flipping to dockerd in the “Kubernetes Settings” side

billowy-traffic-45695

07/26/2022, 5:45 PM
I did and it got me that second error.
Error response from daemon: error while creating mount source path ‘/Users/paulrandall/nginxproxymanager/data/mysql’: chown /Users/paulrandall/nginxproxymanager/data/mysql: permission denied

wide-mechanic-33041

07/26/2022, 5:46 PM
and containers are ephemeral so when you stop them any content written usually is discarded. so you use volume mounts to create a mount point that can contain something you want to persist.

billowy-traffic-45695

07/26/2022, 5:49 PM
Yes I understand. I guess that I can’t use this NginX Proxy Manager on a Mac in a container then. It’s a shame as I was hoping this would be the last piece in the puzzle.

wide-mechanic-33041

07/26/2022, 5:49 PM
hmm grabbed that “app” section of the yaml and i could start up proxymanager and got two folders in the same folder as my compose.yml named data and letsencrypt

billowy-traffic-45695

07/26/2022, 5:50 PM
Actually so did I. But it still throws those errors.
Just checked.
drwxr-xr-x  3 paulrandall  staff   96 26 Jul 17:52 data/
-rw-r--r--  1 paulrandall  staff  586 26 Jul 16:57 docker-compose.yml
drwxr-xr-x  2 paulrandall  staff   64 26 Jul 17:52 letsencrypt/

wide-mechanic-33041

07/26/2022, 5:50 PM
yeah i am using only part of your compose spec
maybe the mysql side is the issue. and remember likely that was intended for use on linux and not wsl2

billowy-traffic-45695

07/26/2022, 5:52 PM
So does the Mac version of RD use WSL2 as well as the Windows version then?
I’m on an old 2012 Intel Mac Mini for all this. It’s the only non Apple Silicon Mac I have and the reason I’m using it for this.

wide-mechanic-33041

07/26/2022, 5:52 PM
heh no WSL is Windows Subsystem for Linux. 😉 Mac and Linux use a VM
ohh sorry i may be getting confused. i thought you were doing this on windows

billowy-traffic-45695

07/26/2022, 5:53 PM
Well as I am on a Mac then do you think it wants me to use WSL2 and that’s the issue?

wide-mechanic-33041

07/26/2022, 5:53 PM
no
similar problems, but contributes to why i couldn’t repro

billowy-traffic-45695

07/26/2022, 5:54 PM
No matey. I only have Macs here. I do have a Windows install on the same drive with Bootcamp but prefer to use Mac as that’s what I am most familiar with.
👍 1
I see.
Makes sense then.
So is it the original image that they created. Set up specifically so that it won’t save persistent data on a Mac or Linux

wide-mechanic-33041

07/26/2022, 5:59 PM
so that is the nature of containers… nothing to do with the Host OS

billowy-traffic-45695

07/26/2022, 6:01 PM

wide-mechanic-33041

07/26/2022, 6:01 PM
in this case the image is actually running on a linux kernel either through a system like WSL2 or through a VM with a minimal OS (Alpine)

billowy-traffic-45695

07/26/2022, 6:05 PM
version: '3'
services:
  app:
    image: 'jlesage/nginx-proxy-manager' # Keep
    ports:
      - '80:80' # Keep !Important
      - '81:81' # Keep !Important
      - '443:443' # Keep !Important
    environment:
      DB_MYSQL_HOST: "proxy_db" # Keep !Important
      DB_MYSQL_PORT: 3306 # Keep !Important
      DB_MYSQL_USER: "npm" # Change
      DB_MYSQL_PASSWORD: "npm" # Change
      DB_MYSQL_NAME: "npm"
    volumes:
      - /Users/Example/Documents/ProxyManager/data # Change to match your Mac User
      - /Users/User/Documents/ProxyManager/letsencrypt # Change to match your Mac User
  db:
    image: 'mariadb'
    environment:
      MYSQL_ROOT_PASSWORD: "npm" # Change
      MYSQL_DATABASE: "Proxy_db" # Keep !Important
      MYSQL_USER: "npm" # Change
      MYSQL_PASSWORD: "npm" # Change
    volumes:
      - /Users/Example/Documents/ProxyManager/letsencrypt/mysql # Change to match your Mac User
Maybe this is different enough to work. I’ll have a go 😉

wide-mechanic-33041

07/26/2022, 6:06 PM
just used your original and it is working fine
on my mac

billowy-traffic-45695

07/26/2022, 6:06 PM
Scratches head!!!

wide-mechanic-33041

07/26/2022, 6:07 PM
version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - ./data/mysql:/var/lib/mysql
thats using dockerd about to try containerd
yeah nerdctl shim is still having issues on my machine when it comes to pwd

billowy-traffic-45695

07/26/2022, 6:12 PM
Strange eh.

wide-mechanic-33041

07/26/2022, 6:14 PM
got it i think

billowy-traffic-45695

07/26/2022, 6:14 PM
I’m just restarting RD with containerd and then I’ll see if this new compose version works now I’ve customised it.
Really?

wide-mechanic-33041

07/26/2022, 6:14 PM
yeah so its tied to the working directory
i created my compose folder in /tmp which exists in Alpine
so in the VM you can see the folders in /tmp

billowy-traffic-45695

07/26/2022, 6:14 PM
And it worked?

wide-mechanic-33041

07/26/2022, 6:15 PM
but Users does not exist in Alpine and thats where yours is

billowy-traffic-45695

07/26/2022, 6:15 PM
Aah I see. I think!

wide-mechanic-33041

07/26/2022, 6:15 PM
try moving the folder containing your compose.yaml to /tmp and see if things change
relative directories are also weird
i have done almost zero on volume mounts in RD (or docker solo) for a while so needed to repro to see what the issue might be

billowy-traffic-45695

07/26/2022, 6:18 PM
I’m still waiting for the other version of the compose file I found to build in containerd but if it fails I’ll try the /tmp option. One sec.
Ooh finished and built without errors.

wide-mechanic-33041

07/26/2022, 6:18 PM
yeah cool… if you remove the “.” it will create a /data and /letsencrypt in the root of the Alpine VM

billowy-traffic-45695

07/26/2022, 6:19 PM
Yep I see those

wide-mechanic-33041

07/26/2022, 6:19 PM
so you may want to do like /customer1/data and in the other compose do /customer2/data or else the volume mounts will step on each other
i wouldn’t do the relative pathing though because it tries to take the path of your compose and inject it into Alpine

billowy-traffic-45695

07/26/2022, 6:21 PM
That makes sense.
514d8c870ea1    docker.io/jlesage/nginx-proxy-manager:latest    "/init"                   7 minutes ago    Up    0.0.0.0:80->80/tcp, 0.0.0.0:81->81/tcp, 0.0.0.0:443->443/tcp    nginxproxymanager_app_1
bbcd0507092a    docker.io/library/mariadb:latest                "docker-entrypoint.s…"    7 minutes ago    Up                                                                    nginxproxymanager_db_1
👍 1
But I still can’t see it if I type http://127.0.0.1:81/login
Or localhost:81
Maybe I need to open that port. D’oh!!!

wide-mechanic-33041

07/26/2022, 6:30 PM
version: '3'
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "npm"
      DB_MYSQL_PASSWORD: "npm"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /data:/data
      - /letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    environment:
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'npm'
    volumes:
      - /data/mysql:/var/lib/mysql
i get a clean start from the above and I can get the “successfully started” on 80 on my machine fwiw

billowy-traffic-45695

07/26/2022, 6:31 PM
On a Mac?
Dockerd or Containerd?
Dude I’m in 🙂 Thanks. That seemed to work. In Dockerd though

wide-mechanic-33041

07/26/2022, 6:36 PM
mac and dockerd. sorry back and forth with things

billowy-traffic-45695

07/26/2022, 6:37 PM
Right, on that note I am going to play with it and then go cook food. The wife is losing it as she needs her BBQ tasties.
Wow. I’m logged in and everything. OK food time before divorce papers are passed to me 😉 Thanks again and I’ll report back when I’ve got things working (if I do) 🙂 Have a great day.

wide-mechanic-33041

07/26/2022, 6:44 PM
always good to leave on a high note

billowy-traffic-45695

07/26/2022, 6:46 PM
Indeed. It’s great. I can’t actually run the Wordpress distro alongside it as it uses the same 443 port but I will see if that’s debuggable.
Bind for 0.0.0.0:443 failed: port is already allocated
Anyway. Have a great day. Thanks again Justin.

wide-mechanic-33041

07/26/2022, 6:47 PM
yup you will need to play with those ports a bit to avoid conflicts

billowy-traffic-45695

07/26/2022, 7:00 PM
Yeah. I'm sure I'll get there.
Nearly there now. I have NGINX Proxy Manager running and Wordpress running at the same time and I can get into the Wordpress install on 8080 and the proxy manager on 81. See below:
paulrandall@Pauls-Mac-mini wp1 % docker container ps
CONTAINER ID   IMAGE   COMMAND   CREATED   STATUS   PORTS   NAMES
6933589374ef   wordpress:latest   "docker-entrypoint.s…"   58 seconds ago   Up 54 seconds   0.0.0.0:8080->80/tcp, :::8080->80/tcp   wp1-wp-1
3bde41d6b5f1   mysql:latest   "docker-entrypoint.s…"   58 seconds ago   Up 56 seconds   127.0.0.1:3306->3306/tcp, 33060/tcp   wp1-db-1
5c2465e4c0da   jc21/nginx-proxy-manager:latest   "/init"   14 hours ago   Up 14 hours   0.0.0.0:80-81->80-81/tcp, :::80-81->80-81/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   nginxproxymanager-app-1
618ed5e5cea5   jc21/mariadb-aria:latest   "/scripts/run.sh"   14 hours ago   Up 14 hours   3306/tcp   nginxproxymanager-db-1
52fdcec65293   72463d8000a3   "/entrypoint.sh --gl…"   14 hours ago   Up 14 hours   k8s_traefik_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2
308cc2f83643   fb9b574e03c3   "local-path-provisio…"   14 hours ago   Up 14 hours   k8s_local-path-provisioner_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2
517b9d69ab41   dbd43b6716a0   "entry"   14 hours ago   Up 14 hours   k8s_lb-tcp-443_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
3f845381f75b   k8s.gcr.io/pause:3.6   "/pause"   14 hours ago   Up 14 hours   k8s_POD_traefik-7cd4fcff68-lns28_kube-system_100b515c-01c0-4b83-b237-9359068f37b2_2
9e63f437f9be   dbd43b6716a0   "entry"   14 hours ago   Up 14 hours   k8s_lb-tcp-80_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
1e7a99d7f102   f73640fb5061   "/metrics-server --c…"   14 hours ago   Up 14 hours   k8s_metrics-server_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2
1564154115c2   k8s.gcr.io/pause:3.6   "/pause"   14 hours ago   Up 14 hours   k8s_POD_local-path-provisioner-7b7dc8d6f5-nd52t_kube-system_89cacf18-4239-43b7-a772-a02f2b78daaa_2
66193378d9ce   99376d8f35e0   "/coredns -conf /etc…"   14 hours ago   Up 14 hours   k8s_coredns_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2
e2e4e0c2b0cb   k8s.gcr.io/pause:3.6   "/pause"   14 hours ago   Up 14 hours   k8s_POD_metrics-server-668d979685-hpcc2_kube-system_d75b8dfc-a9e2-4544-a663-c021442918f8_2
ad6779f1f03b   k8s.gcr.io/pause:3.6   "/pause"   14 hours ago   Up 14 hours   k8s_POD_coredns-b96499967-fl5wj_kube-system_84112cd7-a9b7-4c3c-a7de-798a1a0d324c_2
57dcf3183626   k8s.gcr.io/pause:3.6   "/pause"   14 hours ago   Up 14 hours   k8s_POD_svclb-traefik-aedb3f7c-rn9bg_kube-system_edc84ae6-6cdd-4aae-a03b-7827108c411f_2
Only issue left now is that if I look the IP address with a local browser without specifying a port (i.e. port 80) I get “It Works!” and that is the built in web server Apple provides. So it basically seems to get priority for listening on port 80 without any obvious way of disabling it. However I obviously want to use the web server in the container that is running NGINX proxy manager on port 80. So any idea how to move forward on that? I’m so close as you can see to displaying one website that is protected by reverse proxy. D’oh!!!