Learn how to set up PostgreSQL in a Docker container on a RHEL VM, configure Nginx as a reverse proxy, and make your database accessible from another machine securely. This guide covers each step from creating a Docker Compose setup for PostgreSQL to configuring firewalls and security settings.
- Docker installed on the RHEL VM.
-
Organize your PostgreSQL setup by creating a
servicesdirectory and a subdirectory for PostgreSQL.mkdir -p services/postgres cd services/postgres -
This file defines the Docker services for PostgreSQL.
touch docker-compose.yml vi docker-compose.yml
Add the following configuration to the
docker-compose.ymlfile:services: postgres: image: postgres:latest container_name: postgresql environment: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_DB: testdb ports: - "5432:5432" volumes: - pgdata:/var/lib/postgresql/data deploy: resources: limits: cpus: '1.5' # Limit to 1.5 CPUs out of 2 memory: 3g # Limit memory usage to 3 GB out of 4 GB volumes: pgdata:
- This configuration pulls the latest PostgreSQL image and sets environment variables for the user, password, and database name.
- The
portssection maps port 5432 on the host to port 5432 in the container, allowing external connections. - The
pgdatavolume ensures data persists even if the container is removed.
-
Allow traffic through the firewall for the PostgreSQL and Nginx proxy ports.
sudo firewall-cmd --add-port=5432/tcp --permanent sudo firewall-cmd --add-port=9856/tcp --permanent
-
By default, SELinux restricts web server processes (like Nginx) from making network connections. Run the following command to enable network connections:
sudo setsebool -P httpd_can_network_connect 1
-
Reload the firewall to apply these changes.
sudo firewall-cmd --reload
-
Bring up the PostgreSQL container in detached mode.
sudo docker-compose up -d
This command will download the PostgreSQL image (if not already downloaded), create the container, and start it in the background.
-
Confirm that PostgreSQL is running by accessing it from within the container:
sudo docker exec -it postgresql psql -U postgres -d testdbThis command opens an interactive
psqlsession connected to thetestdbdatabase as thepostgresuser. -
Install Nginx if it is not already installed.
sudo yum install nginx
-
Nginx can act as a reverse proxy, forwarding requests on port 9856 to PostgreSQL’s port 5432.
-
Create a configuration file for the proxy setup:
touch /usr/share/nginx/modules/posgres.conf sudo vi /usr/share/nginx/modules/posgres.conf
-
Add the following configuration:
stream { server { listen 9856; proxy_connect_timeout 60s; proxy_pass localhost:5432; } }
-
This configuration tells Nginx to listen on port 9856 and forward traffic to
localhost:5432(PostgreSQL’s port within the VM).
-
-
Apply the new configuration by restarting Nginx:
sudo systemctl restart nginx
-
Verify that Nginx is successfully forwarding requests by using
nc(netcat) from another machine or your VM.nc -vz 10.0.0.132 9856
-
Make sure that your VM's network security settings (e.g., security groups, ingress rules) allow access to port 9856.
-
From a different VM or machine, connect to PostgreSQL using the Nginx proxy:
psql -h <your_host> -p 9856 -U postgres -d testdb
Replace
<your_host>with the IP address of your VM. This command should establish a remote connection to the PostgreSQL instance hosted in Docker.
With these steps, you have successfully set up a PostgreSQL database in a Docker container on RHEL, configured Nginx as a reverse proxy to forward external traffic, and opened necessary ports. This setup ensures that your database is accessible securely and can handle incoming connections from other machines on the network.