nginx defaults to 8080 even if we tell otherwise

Question

nginx defaults to 8080 even if we tell otherwise

adnsimona opened this issue a year ago · 8 comments

adnsimona commented a year ago

Describe the bug

We used the 1.23.0 version without issue.
Updating to 1.25.2 caused this issue:

Even if we tell in the conf file (the same as before the update) to use a specific port from an environment variable, it still defaults to the 8080 port.

To reproduce

Hard to tell.
Maybe using something like:

http {
    ...

    server {
        listen ${FE_PORT};

And with docker-compose run it in network_mode: host

Expected behavior

"listen PORT" opens the PORT not 8080

Your environment

builder docker version: probably 24.0.6, build ed223bc, but not sure (RHEL8)
user docker version: 1.13.1, build 7d71120/1.13.1 (RHEL7)
nginx docker base image version: 1.25.2

Answer 1 · 2023-10-19T10:07:56.000Z

Windows 10 + Docker Desktop 4.21.1 (114176):

building locally:
running with custom ports using docker command:
It works correctly.

Answer 2 · 2023-10-19T10:10:56.000Z

Additional info:
We had issue with "schema 2" when trying to build our new nginx based docker image on RHEL7 1.13.1, so we updated the builder machine to the one above.

Answer 3 · 2023-10-20T06:12:11.000Z

Maybe a clarification:
We used multiple nginxinc/nginx-unprivileged images in "network mode: host" together.
It didn't try to open any other port than specified in the nginx_template.conf's listen,
but now it wants to open the 8080 port on the host for every nginx image based container with the same setup, therefore it lets only one run, and the rest are denied. What could have changed that causing this?

Answer 4 · 2023-10-20T06:57:59.000Z

Considering the answer of meyay here: https://forums.docker.com/t/how-do-i-unexpose-ports/67863
in host mode the EXPOSE directive in the Dockerfile opens the port. And there is no way to remove/overwrite this directive by a new Dockerfile layer.

Answer 5 · 2023-10-20T10:49:34.000Z

I tried with truncating the default.conf in our dockerfile. It gave me the result on the rhel7 using 1.13.1 docker:

/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Ignoring /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh, not executable
/docker-entrypoint.sh: Ignoring /docker-entrypoint.d/15-local-resolvers.envsh, not executable
/docker-entrypoint.sh: Ignoring /docker-entrypoint.d/20-envsubst-on-templates.sh, not executable
/docker-entrypoint.sh: Ignoring /docker-entrypoint.d/30-tune-worker-processes.sh, not executable
/docker-entrypoint.sh: Configuration complete; ready for start up

But on Windows with Docker Desktop 4.24.2 it gave me a working result:

2023-10-20T08:47:03.596197000Z /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
2023-10-20T08:47:03.597089200Z /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
2023-10-20T08:47:03.598042800Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
2023-10-20T08:47:03.603580500Z 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
2023-10-20T08:47:03.616023200Z 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
2023-10-20T08:47:03.616382100Z /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
2023-10-20T08:47:03.616828200Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
2023-10-20T08:47:03.626551600Z 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/nginx.conf.template to /etc/nginx/nginx.conf
2023-10-20T08:47:03.630479800Z /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
2023-10-20T08:47:03.632278500Z /docker-entrypoint.sh: Configuration complete; ready for start up

So it didn't processed the template on the rhel7 machine, therefore it is not working correctly: /etc/nginx/nginx.conf stays the default one.

Answer 6 · 2023-10-20T11:14:57.000Z

stepping into the container, all look executable for all users:

-rwxr-xr-x 1 root root 2.1K Oct 16 00:06 10-listen-on-ipv6-by-default.sh
-rwxr-xr-x 1 root root  276 Oct 16 00:06 15-local-resolvers.envsh
-rwxr-xr-x 1 root root 3.0K Oct 16 00:06 20-envsubst-on-templates.sh
-rwxr-xr-x 1 root root 4.6K Oct 16 00:06 30-tune-worker-processes.sh

Answer 7 · 2023-10-23T20:28:07.000Z

See nginxinc/docker-nginx#319 for the discussion and rationale.
Also, see moby/moby#3465 for a relevant moby discussion.

Answer 8 · 2024-02-13T16:58:44.000Z

Closing this given that per the above issue threads, this is a "feature" of Docker.

You should be able to side step this issue by extending this image and doing something similar to what this comment details moby/moby#3465 (comment)