Skip to content

Instantly share code, notes, and snippets.

@joekr

joekr/Dockerfile-Nginx

Last active January 9, 2025 12:22
Show Gist options
  • Save joekr/13f7a19a48bd3721e70e to your computer and use it in GitHub Desktop.
Save joekr/13f7a19a48bd3721e70e to your computer and use it in GitHub Desktop.
Download ZIP
Kubernetes + Rails (NGINX & Unicorn) on GCE
Raw
db-service.yaml
apiVersion: v1
kind: Service
metadata:
name: db
labels:
name: db
spec:
ports:
- port: 5432
selector:
run: db
Raw
docker-compose.yml
version: '2'
services:
web:
restart: always
dns:
- 8.8.8.8
build:
context: ./web
environment:
RAILS_ENV: production
WEB_DATABASE_HOST: db
SECRET_KEY_BASE: a964ebdd62805aeff7659781ae0e017e94b9fb8a90a8187dd01f68fefa3791cd1d72ea36f469bc3ad3da1efa36981147afdffe2461afac518ee2a672fb201948
WEB_DATABASE_PASSWORD: postgres
expose:
- "8080"
volumes:
- ./web:/my_project
links:
- db
nginx:
build: ./nginx
links:
- web
# - api
ports:
- "80:80"
expose:
- "80"
volumes:
- "/var/run/docker.sock:/tmp/docker.sock"
volumes_from:
- web
db:
image: postgres:latest
environment:
POSTGRES_USER: "postgres"
POSTGRES_PASSWORD: "postgres"
ports:
- "5432:5432"
Raw
Dockerfile-Nginx
# Set nginx base image
FROM nginx
# Copy custom configuration file from the current directory
COPY nginx.conf /etc/nginx/nginx.conf
Raw
Dockerfile-Rail
FROM foxio/rails
RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs npm nodejs-legacy
RUN mkdir /my_project
WORKDIR /my_project
ADD Gemfile /my_project/Gemfile
ADD Gemfile.lock /my_project/Gemfile.lock
RUN bundle install
ADD . /my_project
RUN rake bower:install
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
VOLUME ["/tmp"]
RUN chmod +x /my_project/init.sh
RUN chmod +x /my_project/kubernetes-post-start.sh
CMD ["sh", "/my_project/init.sh"]
ENTRYPOINT bundle exec unicorn -c config/unicorn.rb
Raw
init.sh
#!/bin/bash
RAILS_ENV=$RAILS_ENV bundle exec rake assets:precompile
Raw
kubernetes-post-start.sh
#!/bin/bash
RAILS_ENV=$RAILS_ENV bundle exec rake db:create
RAILS_ENV=$RAILS_ENV bundle exec rake db:migrate
cp -a /my_project/public/. /assets
Raw
nginx.conf
worker_processes 4;
events { worker_connections 1024; }
http {
upstream unicorn {
least_conn;
#server web:8080 weight=10 max_fails=3 fail_timeout=30s;
server unix:/tmp/unicorn.sock fail_timeout=0;
}
server {
listen 80;
root /my_project/public;
# serve static (compiled) assets directly if they exist (for rails production)
location ~ ^/(assets|images|javascripts|stylesheets|swfs|system)/ {
include /etc/nginx/mime.types;
try_files $uri @unicorn;
access_log off;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
# Some browsers still send conditional-GET requests if there's a
# Last-Modified header or an ETag header even if they haven't
# reached the expiry date sent in the Expires header.
add_header Last-Modified "";
add_header ETag "";
break;
}
# send non-static file requests to the app server
location / {
try_files $uri @unicorn;
}
location @unicorn {
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header Host $http_host;
#proxy_redirect off;
#proxy_pass http://unicorn;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
# If you don't find the filename in the static files
# Then request it from the unicorn server
if (!-f $request_filename) {
proxy_pass http://unicorn;
break;
}
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /my_project/public;
}
}
}
Raw
unicorn.rb
worker_processes Integer(ENV['WEB_CONCURRENCY'] || 5)
timeout 60
preload_app true
before_fork do |server, worker|
Signal.trap 'TERM' do
puts 'Unicorn master intercepting TERM and sending myself QUIT instead'
Process.kill 'QUIT', Process.pid
end
end
after_fork do |server, worker|
Signal.trap 'TERM' do
puts 'Unicorn worker intercepting TERM and doing nothing. Wait for master to send QUIT'
end
end
working_directory "/my_project"
listen "/tmp/unicorn.sock", :backlog => 64
stderr_path "/my_project/log/unicorn.stderr.log"
stdout_path "/my_project/log/unicorn.stdout.log"
Raw
web-controller.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: www-v1
labels:
app: www
spec:
replicas: 2
selector:
app: www
version: v1
template:
metadata:
labels:
app: www
version: v1
spec:
volumes:
- name: web-assets
emptyDir: {}
- name: web-sock
emptyDir: {}
containers:
- name: web
image: gcr.io/[your GCE project]/rails-image:v1
ports:
- name: web-server
containerPort: 8080
env:
- name: RAILS_ENV
value: production
- name: WEB_DATABASE_HOST
value: db
- name: SECRET_KEY_BASE
value: 4fb2a451674dd7c5641577a0031847d82247bd137fedb0ba91c6d1a6ccbc8d2da370ffa164503f50c2f2c121f46f1f21b89dc946633924e0c464bdb69b368415
volumeMounts:
- mountPath: /assets
name: web-assets
- mountPath: /tmp
name: web-sock
lifecycle:
postStart:
exec:
command:
- /bin/bash
- -c
- /my_project/kubernetes-post-start.sh
- name: nginx
image: gcr.io/[your GCE project]/nginx-image:v1
ports:
- name: http-server
containerPort: 80
- name: https-server
containerPort: 443
volumeMounts:
- mountPath: /my_project/public
name: web-assets
readOnly: true
- mountPath: /tmp
name: web-sock
Raw
web-service.json
{
"kind":"Service",
"apiVersion":"v1",
"metadata":{
"name":"www",
"labels":{
"app":"www"
}
},
"spec":{
"ports": [
{
"name": "http",
"port":80,
"targetPort":"http-server"
},
{
"name": "https",
"port":443,
"targetPort":"https-server"
}
],
"selector":{
"app":"www"
},
"type": "LoadBalancer"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment