troubleshooting Question

Nginx not working for the docker container in linux

Avatar of coder
coderFlag for Australia asked on
LinuxLinux NetworkingDocker* Nginx
6 Comments1 Solution20 ViewsLast Modified:
Hi Experts,
      I have an Nginx server in ubuntu 18. it has a web application running from inside a docker container.  I am not able to see the application from the windows browser.   Previously it was working fine.  Please see below the Nginx settings.

server {
    listen 80;

    location / {
        proxy_pass http://127.0.0.1:8008;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Max-Age 3600;
        add_header Access-Control-Expose-Headers Content-Length;
        add_header Access-Control-Allow-Headers Range;
    }

    # Only if running via command line, not in Docker container.
    location /static {
        alias /home/ubuntu/src/ntdl-2/static/;
    }

    # Cantaloupe IIIF Server
    location /cantaloupe {
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net";
        proxy_set_header Accept-Encoding "";
        sub_filter_types application/json;
        # How to write the substitution filter rules:
        # sub_filter <internal_url> <external_url>
        sub_filter "http://ntdldev.librariesnt.net/"   
        "http://ntdldev.librariesnt.net/cantaloupe/";
        sub_filter_once off;
        rewrite ^ $request_uri; # The original URI
        rewrite ^/cantaloupe(/.*) $1 break; # The / must be in the pattern
        return 400; # Only if the second rewrite fails
        proxy_pass http://172.17.0.1:8080$uri; # With no / in the URI
    }

    # The Harvest API - /harvest/items
    location /harvest/items {
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net/harvest";
        rewrite /harvest/(.*) /$1 break;
        # Start of Rich's updates for reverse proxy of Harvest API
        proxy_set_header Accept-Encoding "";
        sub_filter_types application/json;
        # How to write the substitution filter rules:
        # sub_filter <internal_url> <external_url>
        sub_filter "http://ntdldev.librariesnt.net/" 
        "https://ntdldev.librariesnt.net/harvest/";
        sub_filter_once off;        
        proxy_pass http://127.0.0.1:10080;
    }

    location /kibana {
        auth_basic "Kibana";
        auth_basic_user_file /etc/nginx/kibana_htpasswd;
        proxy_pass http://localhost:5601/ ;
        rewrite /kibana/(.*) /$1 break;
    }
}
Please see below the Netstat results for the ports opened

ubuntu@ip-10-21-36-40:~/server-config$ sudo netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      113        680006     7687/node
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      0          681863     8546/nginx: master
tcp        0      0 127.0.0.1:37905         0.0.0.0:*               LISTEN      0          21273      1156/containerd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      101        18022      834/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          21193      1196/sshd
tcp        0      0 172.17.0.1:5432         0.0.0.0:*               LISTEN      112        29423      2829/postgres
tcp6       0      0 :::8008                 :::*                    LISTEN      0          813078     16382/docker-proxy
tcp6       0      0 172.17.0.1:9200         :::*                    LISTEN      111        675410     7153/java
tcp6       0      0 :::8080                 :::*                    LISTEN      0          25670      1733/docker-proxy
tcp6       0      0 172.17.0.1:9300         :::*                    LISTEN      111        678022     7153/java
tcp6       0      0 :::8182                 :::*                    LISTEN      0          24464      1677/docker-proxy
tcp6       0      0 :::22                   :::*                    LISTEN      0          21195      1196/sshd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           101        18021      834/systemd-resolve
udp        0      0 10.21.36.40:68          0.0.0.0:*                           100        528102     804/systemd-network


please see the docker container status running on port 80

ubuntu@ip-10-21-36-40:~/server-config$ sudo docker container ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                                    PORTS                                            NAMES
e296e565ce07        ntl/ntdl:v1.0.0     "start"                  47 minutes ago      Up 47 minutes                             0.0.0.0:8008->80/tcp                             ntdl

but the web application is not running from any windows browser.

When I try to connect with telnet from window I get the following error
C:\WINDOWS\system32>telnet *.*.*.* 80

HTTP/1.1 400 Bad Request
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 18 Jun 2021 05:17:44 GMT
Content-Type: text/html
Content-Length: 182
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>


Connection to host lost.
Any help is highly appreciated.

Please suggest what can be done.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 6 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros