Nginx proxy pass to dockerized gunicorn server

Beinje
January 28, 2021
134 views
1 vote
2 Answers

I try to deploy an app with the following architecture:

the backend is based on a dockerized Django Rest Framework with gunicorn listening on 127.0.0.1:8000
the frontend is based on VueJS (not dockerized) and make calls to my backend API routes
NginX is used to serve frontend pages and to proxy API requests to gunicorn

Here is an excerpt of my backend docker-compose file:

  server:
    build:
      context: .
      dockerfile: ./docker/server/Dockerfile
    image: myserverimage
    command: 'gunicorn --bind=127.0.0.1:8000 --workers=3 my_backend.wsgi:application'
    ports:
      - 8000:8000

docker-compose up tells me everything looks fine for this part (server started and gunicorn is listening on 127.0.0.1:8000)

And here is the server block from nginx config:

upstream backend {
                server 127.0.0.1:8000;
        }

server {
                listen 443 default_server ssl;
                server_name  mydomain.com;
                ssl_certificate /etc/nginx/ssl/nginx.crt;
                ssl_certificate_key /etc/nginx/ssl/nginx.key;

                access_log /var/log/nginx/mydomain.access.log;

                location / {
                        root   /path/to/vue/project/dist;
                        index  index.html;
                        try_files $uri $uri/ /index.html;
                }

                location /backend/ {
                        proxy_pass http://backend/;
                        proxy_http_version 1.1;
                        proxy_set_header Upgrade $http_upgrade;
                        proxy_set_header Connection "upgrade";

                        proxy_set_header Host $host;
                        proxy_set_header X-Real-IP $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_set_header X-Forwarded-Host $server_name;
                }

  }

I can access to my frontend pages at mydomain.com but requests to mydomain.com/backend return 502 bad gateway error.

If I change 127.0.0.1:8000 to backend-container-ip:8000 in both nginx upstream declaration and gunicorn command, it works.

So my question is: is there a way to configure such architecture whitout having to know the container ip (I don’t want to hardcode it, especially in the docker-compose declaration) ?
Should I create an additional container with nginx, even if my frontend is not based on the docker-compose definition ?

Answers

- Tombart
- January 28, 2021 at 6:54 pm
- 0 votes
0
Looks like you sending the request inside the same nginx container instead of sending it to the gunicorn container.

Instead of:
```
proxy_pass http://backend/;
```
you should refer to another container
```
proxy_pass http://server:8000;
```
Where server would be the DNS of the other container which would be running e.g. on 172.17.0.2 and might be substituted by Docker compose.
Login or Signup to reply.

- JMicheli
- July 17, 2021 at 8:33 am
- 0 votes
0
It’s a bit late to answer this, but I believe I can explain the problem. You have gunicorn listening on 127.0.0.1 – the localhost or loopback IP.

Just like a development build served on localhost isn’t accessible outside your machine, gunicorn bound to localhost is not accessible from outside the container. To solve this, bind to 0.0.0.0 instead.

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.