Нужна помощь с конфигом
Есть проеть с 4 контейнерами frontend, api и 2 nginx
Пытаюсь выгрузить в кластер aws ecs es2
при старте контейнеров выдает следующую ошибку (depends_on от nginx к контейнерам поставил)
[emerg] 1#1: host not found in upstream "frontend" in /etc/nginx/conf.d/default.conf:63
proxy_pass http://frontend:3000;
proxy_pass http://api:3000;
На локальной машине запускаю так
ngnix-forontend
server {
listen 80; // на сервере открыт только 443
server_name default localhost nginx-frontend frontend;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name default localhost nginx-frontend frontend;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=31536000";
ssl_certificate /etc/nginx/certs/cert.crt;
ssl_certificate_key /etc/nginx/certs/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
gzip on;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied any;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout 60s;
client_body_timeout 60s;
send_timeout 60s;
reset_timedout_connection on;
client_header_buffer_size 2560k;
large_client_header_buffers 4 2560k;
client_max_body_size 20M;
client_body_buffer_size 16k;
location / {
proxy_pass http://frontend:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass_header Authorization;
if ($http_origin ~* "^https?://localhost$") {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Origin $http_origin;
}
if ($http_origin ~* "^https?://frontend$") {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Origin $http_origin;
}
if ($http_origin ~* "^https?://nginx-frontend$") {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Origin $http_origin;
}
}
}
ngnix-api
server {
listen 80;
server_name default localhost nginx-api api;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name default localhost nginx-api api;
ssl_certificate /etc/nginx/certs/cert.crt;
ssl_certificate_key /etc/nginx/certs/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=31536000";
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
gzip on;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied any;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/xml text/css application/x-javascript application/xml image/png image/x-icon image/gif image/jpeg application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout 60s;
client_body_timeout 60s;
send_timeout 60s;
reset_timedout_connection on;
client_header_buffer_size 2560k;
large_client_header_buffers 4 2560k;
client_max_body_size 20M;
client_body_buffer_size 16k;
location / {
set $cors 'true';
if ($http_origin ~* (^https?://(localhost(:3000)?|frontend(:3000))$)) {
set $cors 'true';
}
if ($cors != 'true') {
return 401;
}
if ($request_method = 'OPTIONS') {
# Tell client that this pre-flight info is valid for a day
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
return 204;
}
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
# required to be able to read Authorization header in frontend
#add_header 'Access-Control-Expose-Headers' 'Authorization' always;
proxy_pass http://api:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
}
}