dockernginxautoscalingnginx-reverse-proxydocker-engine

Running Docker Engine API behind Nginx

I'm trying to run and use docker behind nginx as a reverse proxy. Everything works fine except when docker responds with a raw stream "application/vnd.docker.raw-stream" instead of normal HTTP response. This is happening with endpoints /start, /attach, etc. documented here: https://docs.docker.com/engine/api/v1.21/#operation/ExecStart

This is when my nginx configuration doesn't forward the docker response to the client. I tried searching it up and there's just one blog article suggesting a patch to actual nginx C file: https://blog.yadutaf.fr/2014/12/12/how-to-run-docker-behind-an-nginx-reverse-proxy/

I followed the blog above completely, however, setting r->upstream->upgrade = 1; seems to have no effect on the /start HTTP endpoint in docker. Nginx simply doesn't respond. Is there any way around this? This is my nginx.conf file at the moment:

daemon off;
error_log /dev/stdout info;
# error_log logs/error.log debug;

events {
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                               '$status $body_bytes_sent "$http_referer" '
                               '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /dev/stdout main;
    # include       mime.types;
    # default_type  application/octet-stream;
    # sendfile        on;
    # keepalive_timeout  65;

    upstream dockerpool {
        # session_sticky cookie=sessionid fallback=off mode=insert option=indirect;
        # backup server
        # server nginx_dev_test:80;
        server socat:2376;
    }

    server {
        listen 80;

        location / {
            # The upstream here must be a nginx variable
            set $ups dockerpool;
            proxy_buffering off;
            proxy_pass http://$ups;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
        }
    }

}
Solution

  • For anyone struggling with the same problem, I did extensive research on internet and there's no sane method to get what I wanted to work with Nginx, and even if you solve this, you'll blow your heads off autoscaling/load-balancing this architecture.

    Today, I moved to HAProxy using stick tables, works like a charm. Nginx is not suitable for this use case.

    Update: STUPID ME. This COULD work with nginx and/or HAProxy, just make sure you upgrade (downgrade?) your HTTP connection to TCP connection when running docker commands, etc.