Reverse proxy + Docker example

Purpose

Demonstrate how to use reverse proxy for backend application servers, all in the Docker's world.

Software stack

Nginx

• Reverse proxy

• Load balancing

• SSL termination: use make-cert.sh to generate self-signed certificate.

HAProxy

• Reverse proxy

• Load balancing

• Active health monitoring

• SSL termination: use make-cert.sh to generate self-signed certificate.

Node.js application server instances

• Source code in app directory.
• N instances.
• High availability and zero-downtime deployments via Nginx or HAProxy.

Redis server

• Shared datastore across all Node.js application instances.
• Persistence: RDB and AOF modes.

Usage #1: simple case

First, start the whole software stack:

$ docker-compose up -d

$ docker ps

Second, connect to Nginx via HTTP and HTTPS :

$ curl -v http://localhost:10080

$ curl -v --insecure https://localhost:10443

Third, connect to HAProxy via HTTP and HTTPS :

$ curl -v http://localhost:10090

$ curl -v --insecure https://localhost:10091

Usage #2: zero-downtime deployments

NOTE: Nginx supports "health_check" only in its commercial product "Nginx Plus" (see this and this). Therefore, only HAProxy is demonstrated in this zero-downtime case.

First, start the whole software stack:

$ docker-compose -f docker-compose-2.yml up -d

$ docker ps

Second, use browser to open HAProxy statistics report: http://localhost:10100/

Third, connect to HAProxy via HTTP and HTTPS :

$ curl -v http://localhost/

$ curl -v --insecure https://localhost/

Fourth, stop one of the application instances (e.g., app1):

$ docker-compose stop app1

Then, try to connect via HTTP and HTTPS. Any downtime?

Fifth, let the stopped instance come back to live:

$ docker-compose start app1

Then, try to connect via HTTP and HTTPS. Does the instance recieve packets from HAProxy again?