DNS in docker-compose, map to non-80 port? - docker

While experimenting with docker-compose, I'm running into some issues with NGINX and the dns. The error is the regular "connection refused while connecting to upstream" in NGINX. I think the problem arises due to the port numbers.
Examples online like this one run the NGINX on port 80, which doesn't cause the issue.
The docker-compose.yml:
version: '3'
services:
http-server:
networks:
- mynetwork
image: nginx_image
ports:
- 8080:8080
depends_on:
- frontend
- rest_api
frontend:
networks:
- mynetwork
image: frontend_image
ports:
- 8001:8001
rest_api:
networks:
- mynetwork
image: rest_api_image
ports:
- 8000:8000
networks:
mynetwork:
driver: bridge
nginx.conf for nginx_image has this block:
server {
listen 8080;
location /static/js/ {
proxy_pass http://frontend;
}
location /static/css/ {
proxy_pass http://frontend;
}
location /static/ {
proxy_pass http://rest_api;
}
location / {
proxy_pass http://frontend;
}
location /rest_api/ {
proxy_pass http://rest_api;
}
}
Now, both the frontend and api are called over port 80, while it should be 8001 and 8000.
What am I missing? I would expect docker-compose to make the port mapping automatically.
Thanks in advance!
Kind regards,
DA
EDIT1: here's the error (including the hostname suggestion)
EDIT2: updated the question
http-server_1 | 2018/06/04 14:47:50 [error] 14#14: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 172.18.0.1, server: , request: "GET /rest_api/admin/ HTTP/1.1", upstream: "http://172.18.0.2:80/rest_api/admin/", host: "localhost:8080"

you have to specify hostnames:
frontend:
image: frontend_image
hostname: frontend
ports:
- 8001:8001
rest_api:
hostname: rest_api

Related

502 Bad Gateway when using reverse proxy with Docker and Nginx

I have searched StackOverflow for my problem but I always seem to be hitting the 502 Bad Gateway with my Nginx Docker configuration. I am trying to access pgadmin4 using my domain mydomain.com/pgadmin instead of mydomain.com:8060 where 8060 is the port exposed by it's docker container. My docker-compose.yml file looks like this:
version: '3.5'
services:
reverse-proxy:
image: nginx:1.19.6
restart: always
ports:
- "80:80"
- "443:443"
postgres:
image: postgres:12
ports:
- "5432:5432"
pgadmin:
image: dpage/pgadmin4
depends_on:
- postgres
ports:
- "8060:80"
networks:
default:
external:
name: defaultnetwork
The default.conf file of my nginx container looks like this:
upstream pgadmin {
server 127.0.0.1:8060;
}
server {
listen 80;
listen [::]:80;
server_name mydomain.com;
root /usr/share/nginx/html;
index index.html index.htm;
location /pgadmin {
proxy_pass http://pgadmin;
}
}
With this configuration, I keep getting the 502 Bad Gateway error. Could someone kindly point to me where I am going wrong. I would really appreciate it.
Thanks.
[EDIT]
This is from the docker logs:
2021/02/03 08:07:42 [error] 23#23: *2 connect() failed (111: Connection refused) while connecting to upstream, client: ***.***.***.***, server: mydomain.com, request: "GET /pgadmin HTTP/1.1", upstream: "http://127.0.0.1:8082/pgadmin", host: "mydomain.com"
The 502 problem comes from the loopback IP here:
upstream pgadmin {
server 127.0.0.1:8060;
}
127.0.0.1 or localhost for the NGINX container is the NGINX container itself. You should use the name of the service instead:
upstream pgadmin {
server pgadmin:8060;
}
Name of the service comes from the docker-compose.yml:
services:
pgadmin: # <- this
image: dpage/pgadmin4
If you hit 404 after these changes, this is because you have to change base path of the application. Try using this config:
location /pgadmin/ {
proxy_set_header X-Script-Name /pgadmin;
proxy_set_header Host $host;
proxy_pass http://pgadmin;
proxy_redirect off;
}
Since your containers are working in the same network, you should access the Pgadmin container via 80th port from your Nginx container.
You should replace this line server 127.0.0.1:8060 with server pgadmin:80 in your Nginx config.

connection refused while connecting to upstream Nginx Docker

I'm trying to build a FastAPI app in docker, I find the site comes to a '502-Bad Gate Way' error and nginx log shows:
nginx_1 | 2020/12/21 18:23:13 [error] 29#29: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 172.27.0.1, server: , request: "GET /user HTTP/1.1", upstream: "http://172.27.0.3:8000/user", host: "localhost:8080"
Here is my docker-compose.yaml file:
version: '3.7'
services:
fastapi:
build: ./api
command: uvicorn main:app --reload --host 0.0.0.0 --port 8000
volumes:
- ./fastapi/:/fastapi/
ports:
- 8000:8000
depends_on:
- db
db:
image: mongo:latest
container_name: mongo4
ports:
- "27017:27017"
volumes:
- "./data/mongo/data:/data/db"
nginx:
image: nginx:latest
ports:
- "8080:8080"
volumes:
- ./nginx_config.conf:/etc/nginx/conf.d/default.conf
depends_on:
- fastapi
Nginx config file:
server {
listen 8080;
location /user {
proxy_pass http://fastapi:8000/user;
}
}
Thanks for help.

failed connect (nginx with docker)

I'm getting this failed to connect issues when it comes to communicating with other docker containers e.g Java server end.
This is the issue I'm getting
nginx_1 | 2019/12/14 17:39:47 [error] 6#6: *2 connect() failed (111:
Connection refused) while connecting to upstream, client: 172.19.0.1,
server: , request: "GET /api/cards HTTP/1.1", upstream:
"http://172.19.0.4:80/api/cards", host: "localhost", referrer:
"http://localhost/"
Here is my Docker-Compose configuration (docker-compose.development.yml)
version: '3'
services:
auth:
build:
context: ./auth
dockerfile: dev.Dockerfile
volumes:
- ./auth:/var/app
- ~/.gradle/:/root/.gradle/
client:
build:
context: ./client
dockerfile: dev.Dockerfile
volumes:
- ./client:/var/app/
- /var/app/node_modules
server:
build:
context: ./server
dockerfile: dev.Dockerfile
volumes:
- ./server:/var/app/
- ~/.gradle/:/root/.gradle/
nginx:
image: nginx
volumes:
- ./server.dev.conf:/etc/nginx/conf.d/default.conf
ports:
- "80:80"
depends_on:
- auth
- client
- server
Here is my nginx docker configuration (server.dev.conf)
server {
listen 80;
location /login/ {
proxy_pass http://auth:80/login/;
}
location /api/ {
proxy_pass http://server:80/api/;
}
location /resource/ {
proxy_pass http://server:80/resource/;
}
location / {
proxy_pass http://client:80;
rewrite ^/home/.*$ / last;
}
}
Remind you this is for our development hosted locally. The production version uses SSL

Error 502 accessing nextcloud via docker with nginx

Heyo!
Update: I figured it out and added my answer.
I'm currently in the process of learning docker and I've written a docker-compose file that should launch nginx, gitea, nextcloud and route them all via domain name as a reverse proxy.
All is going well except for with nextcloud. I can access it via localhost:3001 but not via the nginx reverse proxy. All is well with gitea, it works both ways.
The error I'm getting is:
nginx_proxy | 2018/08/10 00:17:34 [error] 8#8: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 172.19.0.1, server: cloud.example.ca, request: "GET / HTTP/1.1", upstream: "http://172.19.0.4:3001/", host: "cloud.example.ca"
docker-compose.yml:
version: '3.1'
services:
nginx:
container_name: nginx_proxy
image: nginx:latest
restart: always
volumes:
// Here I'm swapping out my default.conf for the container's by mounting my
directory over theirs.
- ./nginx-conf:/etc/nginx/conf.d
ports:
- 80:80
- 443:443
networks:
- proxy
nextcloud_db:
container_name: nextcloud_db
image: mariadb:latest
restart: always
volumes:
- nextcloud_db:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/cloud_db_root
MYSQL_PASSWORD_FILE: /run/secrets/cloud_db_pass
MYSQL_DATABASE: devcloud
MYSQL_USER: devcloud
secrets:
- cloud_db_root
- cloud_db_pass
networks:
- database
gitea_db:
container_name: gitea_db
image: mariadb:latest
restart: always
volumes:
- gitea_db:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD_FILE: /run/secrets/cloud_db_root
MYSQL_PASSWORD_FILE: /run/secrets/cloud_db_pass
MYSQL_DATABASE: gitea
MYSQL_USER: gitea
secrets:
- cloud_db_root
- cloud_db_pass
networks:
- database
nextcloud:
image: nextcloud
container_name: nextcloud
ports:
- 3001:80
volumes:
- nextcloud:/var/www/html
restart: always
networks:
- proxy
- database
gitea:
container_name: gitea
image: gitea/gitea:latest
environment:
- USER_UID=1000
- USER_GID=1000
restart: always
volumes:
- gitea:/data
ports:
- 3000:3000
- 22:22
networks:
- proxy
- database
volumes:
nextcloud:
nextcloud_db:
gitea:
gitea_db:
networks:
proxy:
database:
secrets:
cloud_db_pass:
file: cloud_db_pass.txt
cloud_db_root:
file: cloud_db_root.txt
My default.conf that gets mounted into /etc/nginx/conf.d/default.conf
upstream nextcloud {
server nextcloud:3001;
}
upstream gitea {
server gitea:3000;
}
server {
listen 80;
listen [::]:80;
server_name cloud.example.ca;
location / {
proxy_pass http://nextcloud;
}
}
server {
listen 80;
listen [::]:80;
server_name git.example.ca;
location / {
proxy_pass http://gitea;
}
}
I of course have my hosts file setup to route the domains to localhost. I've done a bit of googling but nothing I've found so far seems to align with what I'm running into. Thanks in advance!
Long story short, one does not simply reverse proxy to port 80 with nextcloud. It's just not allowed. I have it deployed and working great with a certificate over 443! :)

How to connect from nginx on docker host to application in container

The situation is: we have service with nginx, which also acts as docker server.
Also we have Java application in docker container, which listens at 8080.
The problem is permissions to connect from nginx to container's published port.
Nginx.error.log shows:
2017/11/23 13:44:12 [crit] 3599#0: *1 connect() to 127.0.0.1:8080 failed (13: Permission denied) while connecting to upstream,
2017/11/23 13:44:13 [error] 3599#0: *1 no live upstreams while connecting to upstream
Site config is:
server {
listen 80 default_server;
server_name _;
location / {
proxy_pass http://localhost:8080;
include proxy.conf;
}
}
Container config:
version: '3'
services:
app:
image: user/appX
restart: always
container_name: appX
ports:
- "8080:8080"
env_file:
- ./appX.env
extra_hosts:
- "host:172.101.0.1"
networks:
mynet:
ipv4_address: 172.101.0.2
networks:
mynet:
external:
name: mynet
Permission happens because nginx user is nginx and docker user is root.
How to fix this problem without moving nginx to container ?
Or maybe there is some work around exists ?
Problem was in SELinux configuration.
Solved by running:
setsebool -P httpd_can_network_connect 1

Resources