0

Infra

I have an EC2 instance running Ubuntu 20.04. Within this ec2 instance I have 2 docker containers, one running a NGINX server and another one running a rails application. For the NGINX server which Im using as a reverse proxy, I'm redirect using HTTPS to localhost:3000. When I navigate to the website godomus.com Im able to see that NGINX is reached via port 80 but never hits the localhost:3000 endpoint.

CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS                                                                      NAMES
93ae0dc6d2d4   14be8ae4f5b7   "nginx -g 'daemon of…"   23 minutes ago   Up 23 minutes   0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp   musing_tesla
3140275043b6   015289924038   "rails server -e pro…"   30 minutes ago   Up 30 minutes   0.0.0.0:3000->3000/tcp, :::3000->3000/tcp                                  naughty_benz

The above shows 2 containers running on the EC2 instance. The rails app running on PORT 3000 and the NGINX container running on port 80 and 443. However, when I navigate to the site, I see the following requests. enter image description here

From the above image it seems that the server returns Cloudflare instead of NGINX. However, the NGINX configuration seems to be returning 204 for the favicon but it doesn't not redirect to the localhost:3000.

#user  nobody;
worker_processes  1;

error_log  logs/error.log  notice;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    access_log  logs/access.log;

    sendfile        on;

    keepalive_timeout  65;

    server {
        listen 80;
        server_name  godomus.com www.godomus.com;
        if ($http_x_forwarded_proto = "http") {
            return 301 https://$server_name$request_uri;
        }

        location = /favicon.ico {
            return 204;
            access_log     off;
            log_not_found  off;
        }
    }

    # HTTPS server
    #
    server {
        listen       443 ssl;
        server_name  godomus.com www.godomus.com;

        ssl_certificate      /etc/nginx/certs/domus.pem;
        ssl_certificate_key  /etc/nginx/private/domus.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            proxy_pass http://localhost:3000;
        }
    }

    include servers/*;
}

As you can see from the above configuration it doesn't seem that the proxy_pass http://localhost:3000; is ever reached. When I check the logs from NGINX I don't get any errors. I also tried using --network host to run the NGINX container without success. How I run the NGINX container:

docker run -d --network host  -v /etc/ssl/certs:/etc/nginx/certs -v /etc/ssl/private:/etc/nginx/private 14be8ae4f5b7

HOw I run the rails app container:

docker run -dp 3000:3000 015289924038
steven aguilar
  • 11
  • 2
  • Containers are isolated from each other. So, the `localhost:3000` you specify on nginx side requires the web apps to be available inside that nginx container, which isn't true. If you want to connect different containers together, please refer to https://docs.docker.com/network/network-tutorial-standalone/ – Lex Li Jan 10 '23 at 03:42

0 Answers0