Finding Out Nginx Instances Running In An Environment

Assuming the environment is a container based environment. Other kinds of environments - Virtual Machines, Physical Machines, etc
Blind Basic Checks for checking if nginx is running or not and how many nginx are running:
Check if the names of all the containers in all the pods have nginx in the name. Also check if the names of all the pods have nginx in the name
Why? This is based on the idea that if nginx is running in a container / pod, its container or pod name probably has the name nginx in it
Problems with this approach
It misses out containers where the container name may not mention nginx but maybe nginx is running in them. You never know
It misses out pods where the pod name may not mention nginx but maybe nginx is running in them. You never know
Maybe some containers may have nginx in the container name but may not be running nginx in them. You never know
Maybe some pods may have nginx in the pod name but may not be running nginx in them. You never know
Check if the image names of all the containers in all the pods have nginx in the name
Why? This is based on the idea that if nginx is running in a container, its image name probably has the name nginx in it
Problems with this approach
It misses out containers where the image name may not mention nginx but maybe nginx is running in them. You never know
Maybe some containers may have nginx in the image name but may not be running nginx in them. You never know
Check if the command names and/ entry points of all the container images (the build and runtime specification of the container image - for example Dockerfile ) of all containers in all the pods have nginx in the command name / entry point. You can check the source code of the command and/ entry points - for example, if it’s a script - say shell script (sh, bash etc) or Python script, or JavaScript, or Perl Script etc and see if it runs a nginx by checking for nginx in the command name of the command that’s being executed
Why? This is based on the idea that if nginx is running in a container, its command name / entry point name probably has the name nginx in it
Problems with this approach
It misses out containers where the command name / entry point may not mention nginx but maybe nginx is running in them. You never know
Maybe some containers may have nginx in the command name / entry point name but may not be running nginx in them. You never know
Check if the command names of all the containers (container specification) in all the pods have nginx in the name. This refers to - the container’s command field (not the args field)
Why? This is based on the idea that if nginx is running in a container, its command name probably has the name nginx in it
Problems with this approach
It misses out containers where the command name may not mention nginx but maybe nginx is running in them. You never know
Maybe some containers may have nginx in the command name but may not be running nginx in them. You never know
Check if nginx command works in all the containers in all the pods. Maybe run nginx --version
Why? This is based on the idea that if nginx is running in a container, it has nginx command installed in it
Problems with this approach
Maybe nginx is installed in the container (in the container image), but it’s not running
Maybe some other command (and not nginx server) is named as nginx
Maybe nginx command is renamed as something else which doesn’t refer to nginx in the name
Check if nginx process is running in all the containers in all the pods
Why? This is based on the idea that if nginx is running in a container, then, it’s running in the container?
Problems with this approach
- It’s not easy to check if nginx is running in a container. For example, one thing that one could do is - check if the nginx process is running by checking ps aux command output and checking if there’s any process running the nginx command. But then, a command can be named anything else too and still be running nginx. You never know. ps aux just looks at the command name. Also, just because the commandname in px aux output has nginx in it or the name itself is nginx, doesn’t mean nginx server is running in it
Hit all container ports and check if the port serves HTTP and/ HTTPS assuming you are looking for an nginx serving web traffic and hit some non existent URL(s) and check if it returns a response with response body or response headers containing nginx in it
Usually non-existent HTTP/HTTPS URL(s) are served by nginx with a 404 mentioning the response came from a nginx - usually in the response body
nginx by default sends almost any response with the response header Server: nginx/<version>. For example, Server: nginx/1.29.0
Problems with this approach
It’s not necessary that our nginx is serving HTTP/HTTPS traffic - so, this violates any assumptions around that. So, if we are looking for an nginx server serving TCP traffic as a TCP proxy (for example), for a protocol other than Web Protocols (like HTTP, HTTPS), for example, PostgreSQL Proxy, MySQL Proxy or any Proxy for any custom protocol on top of TCP, or it can be a TCP server for something else.
Maybe the nginx server is configured in such a way that it will not return anything about the nginx server - for security reasons - for example, if one knows that we use nginx and the specific version of nginx we use, then, they can try to attack us by using the existing vulnerabilities for that version of nginx and cause harm to us
Maybe a mix of the above approaches can be used
Look at base container images (recursively) and understand what’s installed in it and how it’s installed - for example, nginx command being installed (through binaries, package managers, or compiled source code etc). Even then, it’s not easy and even then, nginx may not be running it and just because a command or software is named nginx , it may not refer to the nginx web server that we think of
Subscribe to my newsletter
Read articles from Karuppiah Natarajan directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Karuppiah Natarajan
Karuppiah Natarajan
I like learning new stuff - anything, including technology. I love tinkering with new tools, systems and services, especially open source projects