I am running a handful of containers inside of a managed Docker Cloud setup.
There are 8 containers and 3 nodes (hosts).
Each of the 8 containers includes ports 22, 80, 443 - a typical LAMPish setup.
Obviously I can’t take over the host port 80/443/etc. So I leave it up to Docker to do random port assignment, or even fixed port assignments (i.e. for port 443 container 2 is 32443, container 3 is 33443, container 4 is 34443, etc.).
However, the containers could actually be on any of the host nodes. Docker Cloud provides the *.svc.dockerapp.io endpoint, and even *.cont.dockerapp.io endpoints, but I have to build a service registry myself to keep tabs on the current mappings and then subscribe to updates (which I halfway have working, but it’s kinda ugly).
The issue is all of these have frontend addresses.
So they can all go through the same “load balancer” with a wildcard cert, which will redirect traffic to the appropriate service or container endpoint. That was what I was thinking I would have to do. But it seems pretty gross and very manual. Is there something someone has made? Seems like AWS ECS has managed to figure this out, or they just give each container its own private IP (unsure) - which would be great, but it doesn’t look like I can do that under Docker Cloud --net=host or in AWS, period, I guess?
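
The registry-plus-wildcard-front-end design described in the question, sketched as an added example that is not part of the original post: it keeps a hostname-to-(node, port) table current from update events and resolves a request's Host header only for names the wildcard certificate actually covers. The domain, node names, event fields and sample events are all constructed assumptions, not Docker Cloud's API.

```python
import re

# Constructed values for illustration: domain, node names, ports, event shape.
WILDCARD_SUFFIX = ".apps.example.test"  # names covered by the wildcard cert
LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


class Registry:
    """Frontend hostname -> (node, published host port) for container port 443."""

    def __init__(self):
        self.routes = {}

    def apply(self, event):
        """Apply one update event from whatever feed reports the port mappings."""
        host = event["frontend"].lower()
        if event["state"] == "stopped":
            self.routes.pop(host, None)
            return
        label = host[: -len(WILDCARD_SUFFIX)]
        if not host.endswith(WILDCARD_SUFFIX) or not LABEL.match(label):
            raise ValueError(f"frontend not covered by wildcard cert: {host!r}")
        port = int(event["host_port"])
        if not 1 <= port <= 65535:
            raise ValueError(f"invalid published port: {port}")
        self.routes[host] = (event["node"], port)

    def resolve(self, host_header):
        """Map a Host header to a backend; None means reject, never guess."""
        host = host_header.split(":", 1)[0].strip().lower().rstrip(".")
        return self.routes.get(host)


def demo():
    """Replay constructed events: a reschedule to another node, then a stop."""
    reg = Registry()
    events = [
        {"frontend": "shop.apps.example.test", "node": "node-1", "host_port": 32443, "state": "running"},
        {"frontend": "blog.apps.example.test", "node": "node-3", "host_port": 33443, "state": "running"},
        # same fixed port, but the container has moved to a different node
        {"frontend": "shop.apps.example.test", "node": "node-2", "host_port": 32443, "state": "running"},
        {"frontend": "blog.apps.example.test", "node": "node-3", "host_port": 33443, "state": "stopped"},
    ]
    for event in events:
        reg.apply(event)
    return reg
```

Rejecting multi-label names such as `a.b.apps.example.test` matters because a wildcard certificate matches a single label only, and returning `None` for unknown hosts keeps the front end from forwarding requests for names it does not own.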