Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Application reachable from outside, but not from inside the container

See original GitHub issue

Hello,

I have problem with my application container unable to reach another container behind the nginx reverse proxy.

I have 2 applications running each on different subdomain (and different containers):

app1: app1.domain.com app2: app2.domain.com

I can reach both of them from outside world, it works perfectly. But when I try to reach app2 from app1, it times out. Ping works just fine, DNS records seem to be OK. But wget http://app2.domain.com or wget https://app2.domain.com fails. I think it doesn’t reach the nginx proxy correctly for some reason.

Host machine can access both app1.domain.com and app2.domain.com without any problems. There must be something with docker networking.

I’m running Ubuntu 18.04.4 LTS with Docker 19.03.12, build 48a66213fe

version: "3.1"
services:
  # Nginx proxy - the webserver user will directly face
  # Reverse proxy for all apps, redirects HTTP requests to app
  nginx-proxy:
    image: nginx:1.15-alpine
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs:ro
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy"
    restart: always

  # Generator for nginx configuration
  docker-gen:
    image: jwilder/docker-gen
    command: -notify-sighup nginx-proxy -watch /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
    container_name: nginx-proxy-gen
    depends_on:
      - nginx-proxy
    volumes:
      - conf:/etc/nginx/conf.d
      - vhost:/etc/nginx/vhost.d
      - certs:/etc/nginx/certs:ro
      - ./docker/nginx/nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.docker_gen"
    restart: always

  # Container to generate SSL certificates
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: nginx-proxy-le
    depends_on:
      - nginx-proxy
      - docker-gen
    volumes:
      - vhost:/etc/nginx/vhost.d
      - html:/usr/share/nginx/html
      - certs:/etc/nginx/certs
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: always

  # Actual app
  app:
    image: registry.gitlab.com/klinki/docker-registry/app:latest
    expose:
      - "80"
    environment:
      VIRTUAL_HOST: app1.domain.com
      LETSENCRYPT_HOST: app1.domain.com
      LETSENCRYPT_EMAIL: admin@domain.com

  app_pse:
    image: registry.gitlab.com/klinki/docker-registry/app2:latest
    environment:
      VIRTUAL_HOST: app2.domain.com
      LETSENCRYPT_HOST: app2.domain.com
      LETSENCRYPT_EMAIL: admin@domain.com

volumes:
  conf:
  vhost:
    driver: local
    driver_opts:
      type: "none"
      o: "bind"
      device: "/root/inviser/docker/nginx/vhost.d"
  html:
  certs:
  dbvolume:

Issue Analytics

State:
Created 3 years ago
Comments:7

Top GitHub Comments

1reaction

klinkicommented, Jul 18, 2020

@tkw1536 Firewall was good idea! I’m confused why it worked from the outside, but I was missing ports 80 and 443 in ufw. I added rule to allow all traffic on these ports and now it works.

0reactions

ugened47commented, Jul 12, 2020

@klinki Having similar issue using nginx-proxy https://github.com/nginx-proxy/nginx-proxy/issues/1469#issuecomment-657248086