Question

How to configure NGINX to avoid 502 Bad Gateway when communicates with a Docker container?

Hi, my case is that after having set up a new Droplet with an Ubuntu 18.04 server and have followed the DO tutorials to:

  1. Install Nginx
  2. Secure Nginx with Let’s Encrypt
  3. Install Jenkins
  4. Configure Jenkins with an SSL behind an Nginx reverse proxy
  5. Set up continuous integration pipeline with Jenkins (this doc says for Ubuntu 16.04)
  6. Install docker

So the goal is to manage the deployment of a React application to my testdomain.com later, by now, I just want to create the dist folder generated, after the ‘npm build’, within the /var/lib/jenkins/workspace/ , just that. For the purpose, I will run it in a Jenkins pipeline with docker.

So by now, I’m able to access my jenkins.testdomain.com alright, trigger the pipeline to start the process after pushing to my repo, and start to run the stages; but it’s here when start to fail nginx, when the pipeline reaches the Deliver phase (let’s read ‘npm build’ phase). It’s at this point reading the Jenkins console output I see when it gets stuck in that phase to eventually show a 502 Bad Gateway. After this, I will need to make a systemctl restart Jenkins to have access again. After restarting the pipeline resume the work and seems to get the job done :/

In the /var/log/nginx/error.log for nginx I can read:

*1 connect() failed (111: Connection refused) while connecting to upstream, client: 85.146.85.194, server: jenkins.testdomain.com, request: “GET /job/Basic%20NodeJS-React%20app/8/console HTTP/1.1”, upstream: “https://127.0.0.1:8080/job/Basic NodeJS-React app/8/console”, host: “jenkins.testdomain.com”, referrer: “https://jenkins.testdomain.com/job/Basic NodeJS-React app/8/

*1 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client: 85.146.85.194, server: jenkins.testdomain.com, request: “GET /favicon.ico HTTP/1.1”, upstream: “https://127.0.0.1:8080/favicon.ico”, host: “jenkins.testdomain.com”, referrer: “https://jenkins.testdomain.com/job/Basic NodeJS-React app/8/console” …

In the Jenkinsfile of my node-js-react app, the agent looks like this (pass tests from nginx -t)

pipeline {
    agent {
        docker {
            image 'node:6-alpine' 
            args '-p 3000:80' 
        }
    }
    environment {
            CI = 'true'
    }
    stages {
            // Build, Test, and Deliver stages
    }
}

And my jenkins.testdomain.com configuration (/etc/nginx/sites-available/jenkins.testdomain.com) is like this:

server {
    listen 80;

    root /var/www/jenkins.testdomain.com/html;
    server_name jenkins.testdomain.com www.jenkins.testdomain.com;

    location / {
      proxy_set_header    Host $host;
      proxy_set_header    X-Real-IP $remote_addr;
      proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;

      # Fix the "It appears that your reverse proxy set up is broken" error.
      proxy_pass          http://localhost:8080;

      # High timeout for testing
      proxy_connect_timeout 1200s;
      proxy_send_timeout 1200s;
      proxy_read_timeout 1200s;

      proxy_redirect      http://localhost:8080 https://jenkins.testdomain.com;

      # Required for new HTTP-based CLI
      proxy_http_version 1.1;
      proxy_request_buffering off;
  
      # Required for HTTP-based CLI to work over SSL
      proxy_buffering off;
    }

    # Certbot auto-generated lines...
}

Please, any help on this it would really helpful, after 2-3 days I’ve tried several things to avoid that error, but it gets back at some point.

Thanks in advance!


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

OK just add an update that some days after my latest post, I realized that the main and only reason the server was going down was a lack of resources in the droplet. So I was using a droplet with 1GB of RAM, 25GB HD, etc… (the most basic one), so I chose to update it to use at least 2GB of RAM and indeed, that made it work as I was expecting. Everything until now works fine and that issue didn’t happen again.

Hope it helps if someone experiences the same issue.

I am having a similar issue. We have many jenkins masters for different BUs but all with same verion of jenkins and configs. Only for some, Jenkins just start throwing 502 error when accessing URL. This happens once in 2 weeks or so and also to few of the jenkins installations. Even, nothing shows up in the jenkins.log untill a restart of jenkins service. And then works fine till when it next gets stuck. I have also noted that this mostly happens when there is no jobs running for some prolonged time.

To anybody else ending here, make sure to doublecheck wether the variables are with - or _

Nginx for kubernetes uses - in configmap etc, so might be

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.