hoping you can help with this issue. I’ve got a somewhat unique (maybe not, but unique to me) architecture here for some home apps that variously require PHP 5.6 and PHP 7.1. This is the architecture recommended to me by /r/docker:
- One container acting as Apache Reverse Proxy that will ingest a DNS request on port 80 and then pass it to one of the below containers’ ports.
- One container running Apache with PHP 5.6, listening on port 8081.
- One container running Apache with PHP 7.1, listening on port 8080.
I’ve been able to get domainname.com to work this way, by setting up the following domainname.com.conf in /etc/apache2/sites-available:
<VirtualHost *:80> ServerName domainname.com <Proxy *> Allow from localhost </Proxy> ProxyPass "/" "http://public.ip.address:8080/" retry=0 ProxyPreserveHost On </VirtualHost>
However, one of my subdomains needs to push to an application on the PHP 5.6 side. So I’ve set up this subdomain.domainname.com.conf:
<VirtualHost *:80> ServerName subdomain.domainname.com <Proxy *> Allow from localhost </Proxy> ProxyPass "/" "http://public.ip.address:8081/subdomain/" retry=0 ProxyPreserveHost On </VirtualHost>
Indeed, going directly to http://public.ip.address:8081/subdomain/ loads the application just fine, but for whatever reason, going to http://subdomain.domain.com gives a 503. Originally it was just showing the Apache on Ubuntu page, which is when I realized I needed to a2ensite and reload Apache, which has since been done.
The logs show this:
[Wed Jul 10 21:36:59.049131 2019] [proxy:error] [pid 2298:tid 139882856969984] (113)No route to host: AH00957: HTTP: attempt to connect to public.ip.address:8081 (184.108.40.206) failed [Wed Jul 10 21:36:59.049182 2019] [proxy_http:error] [pid 2298:tid 139882856969984] [client 220.127.116.11:58611] AH01114: HTTP: failed to make connection to backend: public.ip.address
We know that the system can access 8080 just fine, so I’m not sure why it’s struggling with this traffic. As mentioned above, hitting the ProxyPass URL directly from the outside loads the page fine, so traffic inbound to that container is fine. SELinux is disabled. This is in AWS and Security Groups are configured properly as far as I can tell (see: traffic works from outside).
Using the public IP address is the only way I’ve been able to get inter-container traffic to work, because using Docker’s bridge IPs didn’t work previously.
On the old system, when all my apps were just PHP 5.6, I had a standard VirtualHost statement that just took in the subdomain.domain.com and pointed it to a specific DocumentRoot. I can’t do that here since the reverse proxy container needs to hand off the traffic to the container with the right PHP version.
Many thanks for any tips or tricks here.