<!-- review: reviewed -->

<a id="http-docker"></a>

# Docker

The module provides dynamic configuration of proxied server groups
in both [HTTP](https://en.angie.software//angie/docs/configuration/modules/http/http_upstream.md#u-upstream) and [stream](https://en.angie.software//angie/docs/configuration/modules/stream/stream_upstream.md#s-u-upstream)
contexts based on Docker container labels.
For the functionality to work, a shared memory zone must be configured
in the group (see the `zone` description for [http](https://en.angie.software//angie/docs/configuration/modules/http/http_upstream.md#u-zone) and [stream](https://en.angie.software//angie/docs/configuration/modules/stream/stream_upstream.md#s-u-zone)).

#### NOTE
The module supports working with both Docker and its alternatives,
such as Podman, which implement a compatible API.

The module connects to the Docker daemon via API,
the interaction method with which is specified by the [docker_endpoint](#docker-endpoint) directive.
After obtaining a list of running containers,
Angie analyzes them for the presence of suitable [labels](#docker-labels).
If a container description contains a label with a port,
then the address and port of such a container,
as well as parameters from other labels of this container,
are automatically added to the corresponding `upstream` block
in the Angie configuration.

#### NOTE
The same container can be added to multiple `upstream` groups.
To do this, simply specify multiple sets of labels
with different group names and ports.

This is especially useful
if the container runs several different services on different ports —
each service can be associated with its own group.

The module then subscribes to container lifecycle events
and begins updating the proxied server configuration without reloading Angie:

- when starting a container with suitable labels,
  its internal IP address is added to the specified group;
- when stopping or removing a container,
  it is automatically removed from the group;
- when pausing a container with the **docker pause** command,
  the server is marked as `down`,
  and with **docker unpause** — as `up`.

<a id="configuration-example-12"></a>

## Configuration Example

The module's directives are always located in the `http` context,
but proxied server groups can be defined
in both the `http` context and the `stream` context.

Configuration example for `http`:

```nginx
http {

    # Examples of connection options:
    # docker_endpoint http://127.0.0.1:2375;
    # docker_endpoint https://127.0.0.1:2376;
    docker_endpoint unix:/var/run/docker.sock;

    # maximum Docker response buffer size (optional)
    # docker_max_object_size 128k;

    upstream u {

        zone z 1m; # shared memory zone is required
    }

    server {

        listen 80;
        server_name example.com;

        location / {

            proxy_pass http://u;
        }
    }
}
```

Similarly in stream context:

```nginx
http {

    # Examples of connection options:
    # docker_endpoint http://127.0.0.1:2375;
    # docker_endpoint https://127.0.0.1:2376;
    docker_endpoint unix:/var/run/docker.sock;

    # maximum Docker response buffer size (optional)
    # docker_max_object_size 128k;
}

stream {

    upstream u {

        zone z 1m;
    }

    server {

        listen 12345;
        proxy_pass u;
    }
}
```

Upon receiving an event for a container,
Angie looks for labels of the form
`angie.http.upstreams.<name>.port=<port>` (for HTTP context)
or `angie.stream.upstreams.<name>.port=<port>` (for stream context).
When a label is present, the container's address in the specified Docker network
(or the first available one if the `angie.network` label is not specified)
is added to the corresponding proxied server group.

If a container stops or is removed, the server is removed from the group;
if a container is paused, the server is marked as `down`.

Fragment of a `docker-compose.yml` file with labels that Angie recognizes:

```yaml
services:
  myapp:
    image: myapp:latest
    labels:
      - "angie.http.upstreams.u.port=8080"
      - "angie.network=my_bridge"
      - "angie.http.upstreams.u.weight=2"
      - "angie.http.upstreams.u.max_conns=50"
      - "angie.http.upstreams.u.max_fails=3"
      - "angie.http.upstreams.u.fail_timeout=10s"
      - "angie.http.upstreams.u.backup=true"
```

<a id="docker-labels"></a>

## Labels

Labels specify server parameters in the proxied server group
similar to the arguments of the `server` directive:

| Label                                                            | Purpose                                                                                                   |
|------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------|
| `angie.(http|stream).upstreams.<name>.port=<port>`  *(required)* | Container port that Angie will connect to;<br/>the container itself is added to the group named `<name>`. |
| `angie.network=<docker-network>`                                 | Name of the Docker network from which to take the container's IP address.                                 |
| `angie.(http|stream).upstreams.<name>.weight=<n>`                | Value of the `weight` parameter.                                                                          |
| `angie.(http|stream).upstreams.<name>.max_conns=<n>`             | Maximum number of simultaneous connections (`max_conns`).                                                 |
| `angie.(http|stream).upstreams.<name>.max_fails=<n>`             | Threshold for failed attempts (`max_fails`).                                                              |
| `angie.(http|stream).upstreams.<name>.fail_timeout=<t>`          | Interval for counting failed attempts (`fail_timeout`).                                                   |
| `angie.(http|stream).upstreams.<name>.backup=true|false`         | Marks the server as `backup`.                                                                             |
| `angie.(http|stream).upstreams.<name>.sid=<string>`              | Sets a custom server identifier (`sid`)<br/>for the proxied server.                                       |
| `angie.(http|stream).upstreams.<name>.slow_start=<time>`         | Enables `slow_start` mode with a configurable time period.                                                |

<a id="directives-13"></a>

## Directives

<a id="index-0"></a>

<a id="docker-endpoint"></a>

### docker_endpoint

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `docker_endpoint` `URL`;   |
|------------------------------------------------------------------------------------------|----------------------------|
| Default                                                                                  | —                          |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | http                       |

Specifies the method of connecting to the Docker daemon and enables tracking
of container events.
The following options are supported:

| `unix:/var/run/docker.sock`             | Connection via Unix socket (e.g., `/var/run/docker.sock`).   |
|-----------------------------------------|--------------------------------------------------------------|
| `http://host:port`, `https://host:port` | Connection via HTTP or HTTPS to a remote Docker API.         |

The connection can be additionally configured using the [client](https://en.angie.software//angie/docs/configuration/modules/http/index.md#client) context,
where the module adds two named `location` blocks:

- `@docker_events` is used to receive container events;
- `@docker_containers` — to get container information.

By default, they contain the [proxy_pass](https://en.angie.software//angie/docs/configuration/modules/http/http_proxy.md#proxy-pass) directive
with the connection address and several other optimal default settings,
to which other settings from the [Proxy](https://en.angie.software//angie/docs/configuration/modules/http/http_proxy.md#http-proxy) module can be added.

If the directive is specified,
Angie opens a connection to Docker using the specified method,
requests a list of running containers,
analyzes their labels and processes all subsequent container events,
adding or removing servers in proxied server groups according to the labels.

<a id="index-1"></a>

<a id="docker-max-object-size"></a>

### docker_max_object_size

| [Syntax](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)   | `docker_max_object_size` `<size>`;   |
|------------------------------------------------------------------------------------------|--------------------------------------|
| Default                                                                                  | `64k`                                |
| [Context](https://en.angie.software//angie/docs/configuration/configfile.md#configfile)  | http                                 |

Sets the maximum buffer size
that is used for both JSON responses to Docker requests
and for the container event stream.

- For regular requests (API version, container list, container information):
  the entire response must fit in the buffer, otherwise an error occurs.
- For container events, streaming processing is used
  with buffer reuse,
  which allows processing an unlimited stream of events.

The typical value of `64k` is sufficient for approximately 25 containers.

When Docker API connection errors or response processing errors occur,
the module automatically retries at specific time intervals.
The maximum number of retry attempts for getting information
about a specific container is limited to two *additional* attempts;
after that, the module stops attempting for that container.