Apache HTTPD proxy pass local DNS failure
As you've created the two containers with default settings for networking, there are some things to take into account.
- By default they can only communicate using IP addresses.
- If you want name resolution, you should use the
--link
option when creating the containers and you need to create a link in each direction. - The containers default to using the settings from the host's
/etc/hosts
file as well as its/etc/resolv.conf
file but stripping out some configurations like references to the loopback address. - One possible solution is to add a third docker container running a DNS server, and adding the
--dns
option to both containers. But this would be introducing more software than needed.
You can populate the /etc/hosts
file on the host with the DNS names and IP addresses of the containers, reference the other container via IP address instead of DNS name, or reference them by ALIAS only and use the --link
command.
See also: - Configuring container DNS - Docker container networking
Related videos on Youtube
Gavin
Updated on September 18, 2022Comments
-
Gavin over 1 year
I am running an Apache Tomcat and Apache HTTP using Docker in an Ubuntu VM on my Windows machine. I have configured my HTTP server (running on port 80) to reverse proxy requests to the Tomcat (running on port 8080).
/etc/hosts:
127.0.0.1 localapp.com localhost
HTTP /conf/httpd.conf
<IfModule mod_proxy.c> ProxyRequests Off ProxyPass /app/api/ http://localapp.com:8080/api/ ProxyPassReverse /app/api/ http://localapp.com:8080/api/ </IfModule>
HTTP /conf/extra/httpd-vhosts.conf
<VirtualHost *:80> DocumentRoot "/usr/local/apache2/htdocs/app" ServerName localapp.com <Directory "/usr/local/apache2/htdocs/app"> Require all granted </Directory> </VirtualHost> <VirtualHost *:80> DocumentRoot "/usr/local/apache2/htdocs" ServerName localhost <Directory "/usr/local/apache2/htdocs"> Require all granted </Directory> </VirtualHost>
When I run the HTTP application, or try to hit localapp.com/api directory, I get a 502 response that DNS lookup failed.
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>502 Proxy Error</title> </head><body> <h1>Proxy Error</h1> <p>The proxy server received an invalid response from an upstream server.<br /> The proxy server could not handle the request <em><a href="/api">GET /api</a></em>.<p> Reason: <strong>DNS lookup failure for: localapp.com</strong></p></p> </body></html>
It seems like Apache HTTP for whatever reason can't proxy itself to localapp.com. The Tomcat application will work if I hit localapp.com:8080/api directly from the browser, so it seems like just an issue of the Apache HTTP server not resolving the DNS correctly.
For reference, my nsswitch.conf is:
passwd: compat group: compat shadow: compat gshadow: files hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis
-
Tommiie over 5 yearsAre both Tomcat and the HTTP server running in separate docker containers? this isn't really clear to me.
-
Gavin over 5 years@Tom yes they are running in separate containers. Tomcat port 8080, HTTP port 80
-
Tommiie over 5 yearsCan you share how you created the containers? With the default
bridge
network you need to--link
them together for the name resolution to work. Upon creation, dockers strips all127.0.0.1
entries from the host's/etc/hosts
file so that won't work either. -
Gavin over 5 yearsBoth containers are created similarly:
docker run -d --name httpd_container -p 80:80 --restart=always httpd_image
docker run -d --name tomcat_container -p 8080:8080 --restart=always tomcat_image
-
Gavin over 5 years@TOM sorry, reply got posted early. Updated now.
-
-
Gavin over 5 yearsThanks for all that great info! I've stumbled upon a solution but not sure its the best one... I was able to get this to work by adding --add-host localapp.com:<tomcat_ip_address> to the docker run command for the httpd container.