502 Error's Thrown in Dockerized network

TheGlitchr · May 3, 2018, 3:48pm

Here is a link to my relevant configuration

I’m trying to create a deployable webstack for my own user that’s easy to migrate and recreate without data loss while being really secure. So what I am doing is creating a network in docker, where each container is labeled in dns (managed by docker). I have already tried specifying differing IPs in my caddyfile, the only one that seems to work is my public ip, that is the only way caddy can reach the container (despite being within the same docker subnet)

Specific Error
2018-05-03T15:21:48.050103440Z 03/May/2018:15:21:48 +0000 [ERROR 502 /] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:50.103522028Z 03/May/2018:15:21:50 +0000 [ERROR 502 /] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:50.351625626Z 03/May/2018:15:21:50 +0000 [ERROR 502 /index.php] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:50.841226782Z 03/May/2018:15:21:50 +0000 [ERROR 502 /] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:51.030022667Z 03/May/2018:15:21:51 +0000 [ERROR 502 /index.php] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:51.320559407Z 03/May/2018:15:21:51 +0000 [ERROR 502 /] dial tcp 172.18.0.8:8080: connect: connection refused
2018-05-03T15:21:51.453915152Z 03/May/2018:15:21:51 +0000 [ERROR 502 /index.php] dial tcp 172.18.0.8:8080: connect: connection refused

By the log above, I can tell the dns is working, because I have the containers listed by their dns name, and here it’s shown resolved as the ip, I believe it’s a communication error either between docker containers themselves or the way caddy is trying to proxy these services.

Whitestrake · May 3, 2018, 11:50pm

Hi @TheGlitchr, welcome to the Caddy community.

dial tcp 172.18.0.8:8080: connect: connection refused

Caddy’s not having any DNS issues; it’s trying to connect but the connection is being dropped deliberately.

It could be that the target host is not accepting connections, or the Docker network is not correctly configured to carry that traffic, or perhaps the Caddy host is not routing the request through the correct network interface.

We might be able to try help you here, but you’ll probably have much better luck on a Docker-specific forum. Unless you can successfully curl http://172.18.0.8:8080/ from inside the Caddy container, it’s almost definitely not something you can fix with Caddy.

TheGlitchr · May 5, 2018, 3:00am

Within docker, you can specify dns names per container, so you don’t need to know what address it might be at, just specify

proxy / wordpress {
transparent
}
And it’ll pick up the wordpress container on port 80. I knew caddy was seeing the container, put figured out that you don’t need to even port map when you contain the containers within a docker network, they all can communicate with each other in a safe isolated way. It was the fact that I was telling it to listen on a published port 8080 when it was broadcasting normally on it’s own internal network at 80 like normal. From there caddy handles proxying to an outside connection. 80 & 443.

system · August 3, 2018, 3:00am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.