coder
asked on
Nginx not working for the docker container in linux
Hi Experts,
I have an Nginx server in ubuntu 18. it has a web application running from inside a docker container. I am not able to see the application from the windows browser. Previously it was working fine. Please see below the Nginx settings.
please see the docker container status running on port 80
but the web application is not running from any windows browser.
When I try to connect with telnet from window I get the following error
Please suggest what can be done.
I have an Nginx server in ubuntu 18. it has a web application running from inside a docker container. I am not able to see the application from the windows browser. Previously it was working fine. Please see below the Nginx settings.
server {
listen 80;
location / {
proxy_pass http://127.0.0.1:8008;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Max-Age 3600;
add_header Access-Control-Expose-Headers Content-Length;
add_header Access-Control-Allow-Headers Range;
}
# Only if running via command line, not in Docker container.
location /static {
alias /home/ubuntu/src/ntdl-2/static/;
}
# Cantaloupe IIIF Server
location /cantaloupe {
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net";
proxy_set_header Accept-Encoding "";
sub_filter_types application/json;
# How to write the substitution filter rules:
# sub_filter <internal_url> <external_url>
sub_filter "http://ntdldev.librariesnt.net/"
"http://ntdldev.librariesnt.net/cantaloupe/";
sub_filter_once off;
rewrite ^ $request_uri; # The original URI
rewrite ^/cantaloupe(/.*) $1 break; # The / must be in the pattern
return 400; # Only if the second rewrite fails
proxy_pass http://172.17.0.1:8080$uri; # With no / in the URI
}
# The Harvest API - /harvest/items
location /harvest/items {
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net/harvest";
rewrite /harvest/(.*) /$1 break;
# Start of Rich's updates for reverse proxy of Harvest API
proxy_set_header Accept-Encoding "";
sub_filter_types application/json;
# How to write the substitution filter rules:
# sub_filter <internal_url> <external_url>
sub_filter "http://ntdldev.librariesnt.net/"
"https://ntdldev.librariesnt.net/harvest/";
sub_filter_once off;
proxy_pass http://127.0.0.1:10080;
}
location /kibana {
auth_basic "Kibana";
auth_basic_user_file /etc/nginx/kibana_htpasswd;
proxy_pass http://localhost:5601/ ;
rewrite /kibana/(.*) /$1 break;
}
}
Please see below the Netstat results for the ports openedubuntu@ip-10-21-36-40:~/server-config$ sudo netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 127.0.0.1:5601 0.0.0.0:* LISTEN 113 680006 7687/node
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 681863 8546/nginx: master
tcp 0 0 127.0.0.1:37905 0.0.0.0:* LISTEN 0 21273 1156/containerd
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 101 18022 834/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 21193 1196/sshd
tcp 0 0 172.17.0.1:5432 0.0.0.0:* LISTEN 112 29423 2829/postgres
tcp6 0 0 :::8008 :::* LISTEN 0 813078 16382/docker-proxy
tcp6 0 0 172.17.0.1:9200 :::* LISTEN 111 675410 7153/java
tcp6 0 0 :::8080 :::* LISTEN 0 25670 1733/docker-proxy
tcp6 0 0 172.17.0.1:9300 :::* LISTEN 111 678022 7153/java
tcp6 0 0 :::8182 :::* LISTEN 0 24464 1677/docker-proxy
tcp6 0 0 :::22 :::* LISTEN 0 21195 1196/sshd
udp 0 0 127.0.0.53:53 0.0.0.0:* 101 18021 834/systemd-resolve
udp 0 0 10.21.36.40:68 0.0.0.0:* 100 528102 804/systemd-network
please see the docker container status running on port 80
ubuntu@ip-10-21-36-40:~/server-config$ sudo docker container ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e296e565ce07 ntl/ntdl:v1.0.0 "start" 47 minutes ago Up 47 minutes 0.0.0.0:8008->80/tcp ntdl
but the web application is not running from any windows browser.
When I try to connect with telnet from window I get the following error
C:\WINDOWS\system32>telnet *.*.*.* 80
HTTP/1.1 400 Bad Request
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 18 Jun 2021 05:17:44 GMT
Content-Type: text/html
Content-Length: 182
Connection: close
<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>
Connection to host lost.
Any help is highly appreciated.Please suggest what can be done.
ASKER
@nights,
Thanks for your reply. You had provided detailed information. Thanks for that. I will test this on Monday and get back to you
Thanks for your reply. You had provided detailed information. Thanks for that. I will test this on Monday and get back to you
ASKER
Hi There,
I had done the following steps on the windows machine to resolve this issue.
I had tried the Linux host machine IP address to connect with telnet
secondly, I had tried the same with the curl command connecting the Linux host machine
Now I get 502 Bad gateway request. why curl and telnet are throwing different errors?
Then I checked with the ping command
I found 54.252.*.* is an old IP address it is not the new ipaddress,
How to change the server point to new ipaddress. This is an old EC2 instance IP address. Now new IP address for the EC2 instance is different. I think once it refers to new ipaddress my application will work.
Please help me in resolving this.
I had done the following steps on the windows machine to resolve this issue.
I had tried the Linux host machine IP address to connect with telnet
c:\Window\system32>telnet *.*.*.* 80
TTP/1.1 400 Bad Request
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 21 Jun 2021 01:45:21 GMT
Content-Type: text/html
Content-Length: 182
Connection: close
<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>
Why I am getting 400 Bad Request.secondly, I had tried the same with the curl command connecting the Linux host machine
C:\WINDOWS\system32>curl -v *.*.*.*:80
* Rebuilt URL to: *.*.*.*:80/
* Trying *.*.*.*...
* TCP_NODELAY set
* Connected to *.*.*.* (*.*.*.*) port 80 (#0)
> GET / HTTP/1.1
> Host: *.*.*.*
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 502 Bad Gateway
< Server: nginx/1.14.0 (Ubuntu)
< Date: Mon, 21 Jun 2021 01:50:00 GMT
< Content-Type: text/html
< Content-Length: 182
< Connection: keep-alive
<
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>
* Connection #0 to host *.*.*.* left intact
Now I get 502 Bad gateway request. why curl and telnet are throwing different errors?
Then I checked with the ping command
C:\WINDOWS\system32>ping ntdldev.librariesnt.net
Pinging ntdldev.librariesnt.net [54.252.*.*] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 54.252.*.*:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
I found 54.252.*.* is an old IP address it is not the new ipaddress,
How to change the server point to new ipaddress. This is an old EC2 instance IP address. Now new IP address for the EC2 instance is different. I think once it refers to new ipaddress my application will work.
Please help me in resolving this.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Noci,
Thanks for providing me with this information. It needs to be changed in AWS as DNS is pointing to an old IP address, instead of new ipaddress. Thanks for providing me the detailed information
Thanks for providing me with this information. It needs to be changed in AWS as DNS is pointing to an old IP address, instead of new ipaddress. Thanks for providing me the detailed information
ASKER
There are two things one is updating the DNS to refer to the new address and the second is to update the hosts file(c:\windows\system32\drivers\etc\hosts) on the windows machine, in which it was referring to the old IP address. Now ping is referring to new IP address
-- reboots
-- reconfigured container
-- restarted container
-- new browser version (current versions prefer or might even require https,unless otherwise specified).
A 400 response to a request mostly means you reached the backend (docker) and it is the response from an tool inside the container
If the proxying goes wrong there should be some 500 / 501 .. type error. (backend unreachable etc.)
if you are missing static content hosted on the host not in the dockermostly 404 / 403 (non exist, no authorisation) are the answer.
nginx creates log files those probably show the logfile... the locations need to be in another part of the nginx config:
try: nginx -T 2>&1 | grep log
to get the logfile locations.
Some of the queries go to different proxied destinations so what URL fails (or ALL queries).
cURL ( https://curl.se ) is a better tools to check from a command line what happens.
Using Chromium you may be able to use the Javascript console: CTRL+SHIFT+C