Docker nginxでKeycloakを LBする
概要
ローカルで動作させている keycloakコンテナが セッション共有できているか検証するため DockerでLB設定をしたときの記録
docker network設定
1
|
docker network create mynet |
keycloak起動
keycloak-1
1 2 3 4 5 6 |
docker run -dP \ --name keycloak-2 \ --network mynet \ -e KEYCLOAK_USER=admin \ -e KEYCLOAK_PASSWORD=admin \ jboss/keycloak:10.0.2 |
keycloak-2
1 2 3 4 5 6 |
docker run -dP \ --name keycloak-2 \ --network mynet \ -e KEYCLOAK_USER=admin \ -e KEYCLOAK_PASSWORD=admin \ jboss/keycloak:10.0.2 |
nginx設定
nginx.conf
~/nginx.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
#include /etc/nginx/conf.d/*.conf;
upstream keycloak {
server keycloak-1:8080;
server keycloak-2:8080;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
#server_name _;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://keycloak;
client_max_body_size 200M;
}
}
} |
nginx 起動
1 2 3 4 5 6 |
docker run --name nginx \
--net mynet \
-p 8080:80 \
-v ~/nginx.conf:/etc/nginx/nginx.conf \
-d \
nginx |
検証
http://127.0.0.1:8080 にアクセス
moremagic
2020-08-03