Starting to dockerize my Rails application I am facing following problem:
My idea was to have every web application with their Wsgi and dependencies running in an extra docker container and the database also ruiing in seperate containers while using docker-compose to set it up.
Outside the containers Nginx is routing traffic then depending on the domain to the specific container via unix sockets.(Didn’t want nginx in a container to reduce the complexity and avoid having multiple nginx running in multiple containers to maintain multiple webapps).
Before starting with docker my wsgi and nginx got connected via unix sockets. But after dockerizing this is not working anymore. Only connecting them with ports works now which I would like to avoid.
Is there anyway way to connect Nginx on the host via unix sockets with the WSGI inside a container? If not what is best practice here?
My approach was to use shared volumes as location for the socket file but nginx cant access the socket created by the wsgi unicorn:
Socket created by unicorn:
srwxrwxrwx 1 root root 0 Nov 14 14:53 unicorn.sock=
Nginx error:
*2 connect() to unix:/ruby-webapps/myapp/shared/sockets/unicorn.sock failed (13: Permission denied) while connecting to upstream
Nginx sites-avaible/myapp:
upstream myapp {
# Path to Unicorn SOCK file, as defined previously
server unix:/ruby-webapps/myapp/shared/sockets/unicorn.sock fail_timeout=0;
}
server {
listen 80 default_server;
…
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name myapp.de www.myapp.de;
root /ruby-webapps/myapp; try_files $uri/index.html $uri @MyApp;
location @MyApp { proxy_pass http://myapp; #proxy_pass http://127.0.0.1:3000; proxy_set_header X-Forwarded-For https; proxy_redirect off; }
}
docker-compose.yml:
version:'2' services: postgresmyapp: image: postgres env_file: .env myapp: build: . env_file: .env command: supervisord -c /myapp/unicorn_supervisord.conf volumes: - .:/myapp ports: - "3000:3000" links: - postgreslberg
config/unicorn.rb:
app_dir = File.expand_path(“…/…”, FILE)
shared_dir = “#{app_dir}/shared”
working_directory app_dirrails_env = ENV['RAILS_ENV'] || 'production' # Set unicorn options worker_processes 2 preload_app true timeout 30 # Set up socket location listen "#{shared_dir}/sockets/unicorn.sock", :backlog => 64 #listen(3000, backlog: 64) stderr_path "#{shared_dir}/log/unicorn.stderr.log" stdout_path "#{shared_dir}/log/unicorn.stdout.log" pid "#{shared_dir}/pids/unicorn.pid"