3-Tier Architecture Deployment with Docker: Proxy Server Configuration (2)

·

3 min read

In this post, we'll dive into configuring the proxy servers necessary for handling requests in a 3-tier architecture with Docker, focusing on Nginx and HAProxy.

Traffic Flow

Nginx Configuration

Dockerfile

FROM nginx:1.25.4-alpine
COPY nginx.conf /etc/nginx/nginx.conf
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
  • Base Image: nginx:1.25.4-alpine (lightweight version of Nginx).

  • Copy Configuration: Copies a custom nginx.conf file.

  • Expose Port: Opens port 80 for web traffic.

  • Command: Runs Nginx in the foreground.

nginx.conf

events {
    worker_connections 1024;  # Max connections per worker process.
}

http {
    upstream frontend {
        server frontend_service:3000;  # Defines server handling frontend requests.
    }

    upstream haproxy_backend {
        server haproxy:10001;  # Defines server handling backend requests via HAProxy.
    }

    server {
        listen 80 default_server;  # Listens on port 80.

        location / {
            proxy_pass http://frontend;  # Proxies root path requests to frontend upstream.
            add_header 'Access-Control-Allow-Origin' '*' always;  # CORS headers.
            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
            add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always;

            if ($request_method = 'OPTIONS') {
                add_header 'Access-Control-Max-Age' 1728000;
                add_header 'Content-Length' 0;
                return 204;  # Handles preflight OPTIONS requests.
            }
        }

        location /api {
            proxy_pass http://haproxy_backend;  # Proxies /api requests to HAProxy backend.
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}
  • Worker Connections: Set to 1024 for handling concurrent connections.

  • Upstreams:

    • frontend: Routes frontend requests to frontend_service:3000.

    • haproxy_backend: Routes backend requests to haproxy:10001.

  • CORS Handling: Includes headers to allow cross-origin requests.

  • Proxying:

    • Root (/) requests go to the frontend.

    • /api requests are forwarded to HAProxy.

HAProxy Configuration

Dockerfile

FROM haproxy:latest
COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"]
  • Base Image: haproxy:latest (latest version of HAProxy).

  • Copy Configuration: Copies custom haproxy.cfg file.

  • Command: Starts HAProxy with the specified configuration.

haproxy.cfg

defaults
  mode http  # Operates in HTTP mode.
  timeout client 10s
  timeout connect 5s
  timeout server 10s
  timeout http-request 10s

resolvers docker
   nameserver dns1 127.0.0.11:53  # Uses Docker's internal DNS.

frontend myfrontend
  bind :10001  # Listens on port 10001.

  http-response set-header Access-Control-Allow-Origin "*"
  http-response set-header Access-Control-Allow-Methods "GET, POST, OPTIONS, DELETE, PUT"
  http-response set-header Access-Control-Allow-Headers "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range"
  http-response set-header Access-Control-Expose-Headers "Content-Length,Content-Range"

  acl OPTIONS_method method OPTIONS
  http-response set-header Access-Control-Allow-Origin "*" if OPTIONS_method
  http-response set-header Access-Control-Allow-Methods "GET, POST, OPTIONS, DELETE, PUT" if OPTIONS_method
  http-response set-header Access-Control-Allow-Headers "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range" if OPTIONS_method
  http-response set-header Access-Control-Max-Age 1728000 if OPTIONS_method
  http-response set-status 200 if OPTIONS_method

  default_backend backend_server

backend backend_server
    server backend1 backend_service:8080 check resolvers docker
    server backend2 backend_service:8080 check resolvers docker
    server backend3 backend_service:8080 check resolvers docker
  • Defaults:

    • Operates in HTTP mode.

    • Timeout settings to handle requests efficiently.

  • Resolvers: Uses Docker's DNS for internal name resolution.

  • Frontend:

    • Listens on port 10001.

    • CORS headers and preflight OPTIONS handling.

  • Backend:

    • Routes traffic to backend_service instances on port 8080.

This post provides a clear guide on setting up Nginx and HAProxy as proxy servers in a Dockerized 3-tier architecture. The included configurations are optimized for handling CSR-based requests and managing cross-origin resource sharing (CORS).

Next Steps

In the next post, I'll cover setting up the frontend, backend, and database services to complete the 3-tier architecture.