Link to home
Start Free TrialLog in
Avatar of coder
coderFlag for Australia

asked on

Nginx not working for the docker container in linux

Hi Experts,
      I have an Nginx server in ubuntu 18. it has a web application running from inside a docker container.  I am not able to see the application from the windows browser.   Previously it was working fine.  Please see below the Nginx settings.

server {
    listen 80;

    location / {
        proxy_pass http://127.0.0.1:8008;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Max-Age 3600;
        add_header Access-Control-Expose-Headers Content-Length;
        add_header Access-Control-Allow-Headers Range;
    }

    # Only if running via command line, not in Docker container.
    location /static {
        alias /home/ubuntu/src/ntdl-2/static/;
    }

    # Cantaloupe IIIF Server
    location /cantaloupe {
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net";
        proxy_set_header Accept-Encoding "";
        sub_filter_types application/json;
        # How to write the substitution filter rules:
        # sub_filter <internal_url> <external_url>
        sub_filter "http://ntdldev.librariesnt.net/"   
        "http://ntdldev.librariesnt.net/cantaloupe/";
        sub_filter_once off;
        rewrite ^ $request_uri; # The original URI
        rewrite ^/cantaloupe(/.*) $1 break; # The / must be in the pattern
        return 400; # Only if the second rewrite fails
        proxy_pass http://172.17.0.1:8080$uri; # With no / in the URI
    }

    # The Harvest API - /harvest/items
    location /harvest/items {
        proxy_redirect off;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host "ntdldev.librariesnt.net/harvest";
        rewrite /harvest/(.*) /$1 break;
        # Start of Rich's updates for reverse proxy of Harvest API
        proxy_set_header Accept-Encoding "";
        sub_filter_types application/json;
        # How to write the substitution filter rules:
        # sub_filter <internal_url> <external_url>
        sub_filter "http://ntdldev.librariesnt.net/" 
        "https://ntdldev.librariesnt.net/harvest/";
        sub_filter_once off;        
        proxy_pass http://127.0.0.1:10080;
    }

    location /kibana {
        auth_basic "Kibana";
        auth_basic_user_file /etc/nginx/kibana_htpasswd;
        proxy_pass http://localhost:5601/ ;
        rewrite /kibana/(.*) /$1 break;
    }
}

Open in new window

Please see below the Netstat results for the ports opened

ubuntu@ip-10-21-36-40:~/server-config$ sudo netstat -tulpen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 127.0.0.1:5601          0.0.0.0:*               LISTEN      113        680006     7687/node
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      0          681863     8546/nginx: master
tcp        0      0 127.0.0.1:37905         0.0.0.0:*               LISTEN      0          21273      1156/containerd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      101        18022      834/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          21193      1196/sshd
tcp        0      0 172.17.0.1:5432         0.0.0.0:*               LISTEN      112        29423      2829/postgres
tcp6       0      0 :::8008                 :::*                    LISTEN      0          813078     16382/docker-proxy
tcp6       0      0 172.17.0.1:9200         :::*                    LISTEN      111        675410     7153/java
tcp6       0      0 :::8080                 :::*                    LISTEN      0          25670      1733/docker-proxy
tcp6       0      0 172.17.0.1:9300         :::*                    LISTEN      111        678022     7153/java
tcp6       0      0 :::8182                 :::*                    LISTEN      0          24464      1677/docker-proxy
tcp6       0      0 :::22                   :::*                    LISTEN      0          21195      1196/sshd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           101        18021      834/systemd-resolve
udp        0      0 10.21.36.40:68          0.0.0.0:*                           100        528102     804/systemd-network

Open in new window


please see the docker container status running on port 80

ubuntu@ip-10-21-36-40:~/server-config$ sudo docker container ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                                    PORTS                                            NAMES
e296e565ce07        ntl/ntdl:v1.0.0     "start"                  47 minutes ago      Up 47 minutes                             0.0.0.0:8008->80/tcp                             ntdl

Open in new window


but the web application is not running from any windows browser.

When I try to connect with telnet from window I get the following error
C:\WINDOWS\system32>telnet *.*.*.* 80

HTTP/1.1 400 Bad Request
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 18 Jun 2021 05:17:44 GMT
Content-Type: text/html
Content-Length: 182
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>


Connection to host lost.

Open in new window

Any help is highly appreciated.

Please suggest what can be done.
Avatar of noci
noci

"previously" it worked.... what has changed besides the time.  
-- reboots
-- reconfigured container
-- restarted container
-- new browser version  (current versions prefer or might even require https,unless otherwise specified).

A 400 response to a  request mostly means you reached the backend (docker) and it is the response from an tool inside the container
If the proxying goes wrong there should be some 500 / 501 .. type error. (backend unreachable etc.)
if you are missing static content hosted on the host not in the dockermostly 404 / 403 (non exist, no authorisation) are the answer.

nginx creates log files those probably show the logfile...   the locations need to be in another part of the nginx config:
try:  nginx -T 2>&1 | grep log
to get the logfile locations.

Some of the queries go to different proxied destinations so what URL fails (or ALL queries).

cURL  ( https://curl.se )  is a better tools to check from a command line what happens.
Using Chromium you may be able to use the Javascript console: CTRL+SHIFT+C

Avatar of coder

ASKER

@nights,
Thanks for your reply.  You had provided detailed information.  Thanks for that.  I will test this on Monday and get back to you
Avatar of coder

ASKER

Hi There,    
     I had done the following steps on the windows machine to resolve this issue.

I had tried the Linux host machine IP address to connect with telnet

c:\Window\system32>telnet *.*.*.* 80
TTP/1.1 400 Bad Request
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 21 Jun 2021 01:45:21 GMT
Content-Type: text/html
Content-Length: 182
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>

Open in new window

Why I am getting 400 Bad Request.
secondly, I had tried the same with the curl command connecting the Linux host machine

C:\WINDOWS\system32>curl -v *.*.*.*:80
* Rebuilt URL to: *.*.*.*:80/
*   Trying *.*.*.*...
* TCP_NODELAY set
* Connected to *.*.*.* (*.*.*.*) port 80 (#0)
> GET / HTTP/1.1
> Host: *.*.*.*
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 502 Bad Gateway
< Server: nginx/1.14.0 (Ubuntu)
< Date: Mon, 21 Jun 2021 01:50:00 GMT
< Content-Type: text/html
< Content-Length: 182
< Connection: keep-alive
<
<html>
<head><title>502 Bad Gateway</title></head>
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.14.0 (Ubuntu)</center>
</body>
</html>
* Connection #0 to host *.*.*.* left intact


Open in new window

 
Now I get 502 Bad gateway request.  why curl and telnet are throwing different errors?

Then  I checked with the ping command

C:\WINDOWS\system32>ping ntdldev.librariesnt.net

Pinging ntdldev.librariesnt.net [54.252.*.*] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 54.252.*.*:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

Open in new window


I found 54.252.*.* is an old IP address it is not the new ipaddress,

How to change the server point to new ipaddress.  This is an old EC2 instance IP address.  Now new IP address for the EC2 instance is different.  I think once it refers to new ipaddress my application will work.

Please help me in resolving this.



ASKER CERTIFIED SOLUTION
Avatar of noci
noci

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of coder

ASKER

Hi Noci,
     Thanks for providing me with this information.  It needs to be changed in AWS as DNS is pointing to an old IP address, instead of new ipaddress.   Thanks for providing me the detailed information
Avatar of coder

ASKER

There are two things one is updating the DNS to refer to the new address and the second is to update the hosts file(c:\windows\system32\drivers\etc\hosts) on the windows machine, in which it was referring to the old IP address.  Now ping is referring to new IP address