Login

Navigation

This articles is published 645 days ago and last updated 633 days ago, some information may be out of date.

Use Docker to deploy FRP services.drawio.png

About FRP

FRP standard for fast reverse proxy, is an open-source, concise and easy-to-use, high-performance reverse proxy software, supporting TCP, UDP, HTTP, HTTPS and other protocols.

Table of Contents


Requirement

  • Must have a server with an Public IP address (e.g. VPC).

How it work

architecture.png

  • The server runs, listens on a main port (default 7000), and waits for the client to connect;
  • The client connects to the main port of the server, and tells the server the port and forwarding type to listen on.
  • The server open new process session to listen on the specified port by the client;
  • Users on the Internet connects to the specified port by the client, and the server forwards data to the client through the connection with the client.
  • The client forwards the data to the local service, make the internal services expose to the Public Network.

Deploy FRP services

The configuration tutorial is mainly divided into two parts

  • One is the configuration of the server (Internet)
  • One is the configuration of the client (Intranet)

Server configuration

Create a frps.ini configuration file on Server

[common]
bind_addr = 0.0.0.0
bind_port = 7000
vhost_http_port = 80
vhost_https_port = 443
log_file = /tmp/frps.log
authentication_method = token
token = yM1nDMBFihB93zs376uR
ParameterDescription
bind_addr0.0.0.0 means listen on any IP address
bind_portDefault port 7000 is used to bind with the server
vhost_http_portVirtual host HTTP port
vhost_https_portVirtual host HTTPS port
log_file/tmp/frps.log logFile path
authentication_methodSpecifies authentication method (e.g. token)
tokenAuthentication token is yM1nDMBFihB93zs376uR

Full configuration file for frps (Server)

Use Docker Compose to Build the frps service

version: '3'
services:
    frps:
        image: snowdreamtech/frps:latest
        container_name: frps
        network_mode: host
        restart: always
        volumes:
            - ./frps.ini:/etc/frp/frps.ini
            - ./tmp:/tmp:rw

After modification, the following tree structure is displayed

.
├── docker-compose.yml
├── frps.ini
└── tmp (folder)

Create and start frps container

docker-compose up -d
ParameterDescription
upCreate and start containers
--detach , -dDetached mode: Run containers in the background

Open ports in firewall (option)

Ubuntu Firewall:

sudo ufw allow 7000/tcp

CentOS Firewall:

sudo firewall-cmd --permanent --add-port=7000/tcp

Client configuration

Create a frpc.ini configuration file on Server

[common]
server_addr = 12.34.56.78
server_port = 7000
token = yM1nDMBFihB93zs376uR
[web01]
type = http
local_ip = 127.0.0.1
local_port = 80
custom_domains = web01.yourdomain.com
ParameterDescription
server_addr12.34.56.78 means the Public IP of frps
server_portsame as server bind_port
tokensame as server authentication token
[web01]Local service name
typewhich type of service select (e.g. HTTP)
local_ip127.0.0.1 means localhost
local_portLocal service port (e.g. 80)
custom_domainsComplete domain name for user to access via Internet

==For HTTP/HTTPS services, DNS management is required.==

Full configuration file for frpc (Client)

Use Docker Compose to Build the frpc service

version: '3'
services:
    frpc:
        image: snowdreamtech/frpc
        container_name: frpc
        network_mode: host
        restart: always
        volumes:
            - ./frpc.ini:/etc/frp/frpc.ini

After modification, the following tree structure is displayed

.
├── docker-compose.yml
├── frpc.ini

Create and start frpc container

docker-compose up -d

Verify whether the container service is successfully started

docker-compose

Check the log output

docker-compose logs -f --tail="all"

Conclusion:

Here it is, congratulations, you have basically succeeded. but frp have many functions and features let us discovery.

e.g. TCP connection, Forward DNS query requests, Forward Unix Domain Socket, Expose your service privately, P2P Mode, etc.


Reference:


Related: