I have two containers in my container group on Azure using Azure Container Instances (ACI), one (container A) exposing ports 80 and 443 to the internet (reverse proxy), the other one (container B) also running on port 80. How do I map container B's port 80 to a different port, say 8080, so that the two containers don't collide with ports on localhost (on Azure, containers inside a container group can reach each other via localhost)?
I can't use 8080:80 because it needs to be a number and I don't see any other way to specify this. If I specify port 80 on container A, the reverse proxy just loops onto itself, essentially reverse proxying the reverse proxy (normally container B's port 80 would be reachable on localhost)
Example:
resource "azurerm_container_group" "main_containers" {
name = "containergroup"
location = var.location
resource_group_name = var.rg_name
ip_address_type = "public"
dns_name_label = local.dns_name_label
os_type = "Linux"
restart_policy = "Always"
tags = var.tags
container {
name = "nextcloud"
image = "nextcloud"
cpu = "0.8"
memory = "0.8"
environment_variables = {
MYSQL_DATABASE = azurerm_mariadb_database.nextcloud_database_db.name
MYSQL_USER = azurerm_mariadb_server.nextcloud_database.administrator_login
MYSQL_HOST = azurerm_mariadb_server.nextcloud_database.fqdn
}
secure_environment_variables = {
MYSQL_PASSWORD = azurerm_mariadb_server.nextcloud_database.administrator_login_password
}
volume {
name = azurerm_storage_share.nextcloud_storage_nextcloud_data_share.name
mount_path = "/var/www/html"
storage_account_name = azurerm_storage_account.nextcloud_storage.name
storage_account_key = azurerm_storage_account.nextcloud_storage.primary_access_key
share_name = azurerm_storage_share.nextcloud_storage_nextcloud_data_share.name
}
ports {
# This is what I want to do but it fails with:
# Inappropriate value for attribute "port": a number is required.
port = "8080:80"
protocol = "TCP"
}
}
container {
name = "reverse-proxy-https"
image = "caddy"
cpu = "0.2"
memory = "0.2"
commands = [
"caddy", "reverse-proxy",
"-from", local.public_domain_name,
# this is where I would tell to reverse-proxy to 8080
"-to", "localhost:8080",
]
ports {
port = 80
protocol = "TCP"
}
ports {
port = 443
protocol = "TCP"
}
volume {
name = azurerm_storage_share.nextcloud_storage_caddy_data_share.name
mount_path = "/data/caddy"
storage_account_name = azurerm_storage_account.nextcloud_storage.name
storage_account_key = azurerm_storage_account.nextcloud_storage.primary_access_key
share_name = azurerm_storage_share.nextcloud_storage_caddy_data_share.name
}
volume {
name = azurerm_storage_share.nextcloud_storage_caddy_config_share.name
mount_path = "/config/caddy"
storage_account_name = azurerm_storage_account.nextcloud_storage.name
storage_account_key = azurerm_storage_account.nextcloud_storage.primary_access_key
share_name = azurerm_storage_share.nextcloud_storage_caddy_config_share.name
}
}
}