This post details how to deploy and run the nsq binaries inside Docker containers.
There is a single, minimal nsq image that contains all of the NSQ binaries. Each binary can be run by specifying the binary as the command when running Docker. The basic format is:
docker run nsqio/nsq /<command>
Note the / before the command. For example:
docker run nsqio/nsq /nsq_to_file
docker pull nsqio/nsq
docker run --name lookupd -p 4160:4160 -p 4161:4161 nsqio/nsq /nsqlookupd
First, get the docker host’s ip:
ifconfig | grep addr
Second, run the nsqd container:
docker pull nsqio/nsq
docker run --name nsqd -p 4150:4150 -p 4151:4151 \
nsqio/nsq /nsqd \
--broadcast-address=<host> \
--lookupd-tcp-address=<host>:<port>
Set the --lookupd-tcp-address flag to the host’s IP and the TCP port of previously run
nsqlookupd, i.e. dockerIP:4160:
For example, given a host IP of 172.17.42.1:
docker run --name nsqd -p 4150:4150 -p 4151:4151 \
nsqio/nsq /nsqd \
--broadcast-address=172.17.42.1 \
--lookupd-tcp-address=172.17.42.1:4160
Note that this uses port 4160, the port exposed when we started the nsqlookupd container (which
also happens to be the default port for nsqlookupd).
If you want to use a non-default port, change the -p parameter:
docker run --name nsqlookupd -p 5160:4160 -p 5161:4161 nsqio/nsq /nsqlookupd
That will make nsqlookupd available on the docker host’s IP on the ports 5160 and 5161.
To use TLS with containerized NSQ binaries, you need to include the certificate file, the private key,
and the root CA file. The Docker image has a volume mount available at /etc/ssl/certs/ available for
this purpose. Mount a host directory containing the files to the volume, then specify the files in the
command line, as usual:
docker run -p 4150:4150 -p 4151:4151 -p 4152:4152 -v /home/docker/certs:/etc/ssl/certs \
nsqio/nsq /nsqd \
--tls-root-ca-file=/etc/ssl/certs/certs.crt \
--tls-cert=/etc/ssl/certs/cert.pem \
--tls-key=/etc/ssl/certs/key.pem \
--tls-required=true \
--tls-client-auth-policy=require-verify
This will load the certificates from /home/docker/certs into the Docker container to use when running.
To store nsqd data on the host disk, use the /data volume as your data directory, which lets you mount
to a data-only Docker container
or mount to a host-directory:
docker run nsqio/nsq /nsqd \
--data-path=/data
To start nsqd, nsqlookupd, and nsqadmin together using docker-compose then create a docker-compose.yml.
version: '3'
services:
nsqlookupd:
image: nsqio/nsq
command: /nsqlookupd
ports:
- "4160"
- "4161"
nsqd:
image: nsqio/nsq
command: /nsqd --lookupd-tcp-address=nsqlookupd:4160
depends_on:
- nsqlookupd
ports:
- "4150"
- "4151"
nsqadmin:
image: nsqio/nsq
command: /nsqadmin --lookupd-http-address=nsqlookupd:4161
depends_on:
- nsqlookupd
ports:
- "4171"
To start run the following command from the same directory as the docker-compose.yml created previously.
docker-compose up -d
A private network will be created and three containers will be started using the private network. On the local host each container will have a random port mapped to ports exposed in the docker-compose.yml.
To view the running containers status and mapped ports.
docker-compose ps
To see the logs from the running containers.
docker-compose logs
Assuming that the nsqlookupd had host port 31001 mapped to the container port 4161 a simple ping could be performed using curl.
curl http://127.0.0.1:31001/ping