- Documentation
- NGINX http_gzip module
- NGINX http_gunzip module
- Enable gzip. by default, we’re not going to compress the responses that we’re getting from proxied servers or any piece of content that isn’t HTML.
- But if one of our proxied servers happens to send us a pre-compressed response then we probably want to decompress it for clients that can’t handle gzip. In this situation, we’ll use the gunzip module
$ vim /etc/nginx/nginx.conf
- Setup a real domain with an SSL certificate from Let’s Encrypt.
- Prereq: Own a Domain
- Documentaion
- Let's Encrypt
- Cerbot (https://certbot.eff.org/)
- Seting a domain for binarybutter.com. DNS records are as follows
NAME TYPE DATA @ A MY_PUBLIC_IP_ADDRESS
- Prior to version 1.11, Kubernetes used iptables NAT and the conntrack kernel module to track connections. To list all the connections currently being tracked, use the conntrack command:
- To list conntrack-tracked connections to a particular destination address, use the -d flag:
conntrack -L -d 10.32.0.1
- It's possible your connection tracking table is full and new connections are being dropped. If that's the case you may see messages like the following in your system logs:
Employing the single-container pattern means just putting your application into a container. It's how you usually start your container journey. But it's important to keep in mind that this pattern is all about simplicity, meaning that the container must have only one responsibility. That means it's an anti-pattern to have a web server and a log processor in the same container.
Containers are commonly used for web apps, where you expose an HTTP endpoint. But they can be used for many different things.
In Docker, you have the ability to change the behavior of a container at runtime, thanks to the CMD and ENTRYPOINT instructions. So I'm not limited to using containers for HTTP services. I can also use them for any bash script that accepts some parameters at runtime.
By letting containers change behavior at runtime, you can create a base container that can be reused in different contexts. So you'd use the single-container pattern to expose