New bug with running SP-7 on Docker

Hello,
I have been using a containerized version of SP-7 (all in one) for several months with Docker without issues. I stopped using Docker last automne to explore Podman. However, for specific needs in need to redeploy SP-7 with Docker again… but I can’t get it to work properly as before. I get a 502 Bad Gateway error message in my web browser. All containers are running… but NGINX has some error messages in the logs.

2024-02-01 10:46:55 2024/02/01 15:46:55 [error] 22#22: *1 connect() failed (111: Connection refused) while connecting to upstream, client: 172.21.0.1, server: localhost, request: “GET /web_asset_store.xml HTTP/1.1”, upstream: “http://0.0.0.0:8080/web_asset_store.xml”, host: “host.docker.internal:8090”
2024-02-01 10:46:57 2024/02/01 15:46:57 [error] 26#26: *3 connect() failed (111: Connection refused) while connecting to upstream, client: 172.21.0.1, server: localhost, request: “GET /web_asset_store.xml HTTP/1.1”, upstream: “http://0.0.0.0:8080/web_asset_store.xml”, host: “host.docker.internal:8090”
2024-02-01 10:47:00 2024/02/01 15:47:00 [error] 21#21: *5 connect() failed (111: Connection refused) while connecting to upstream, client: 172.21.0.1, server: localhost, request: “GET / HTTP/1.1”, upstream: “http://0.0.0.0:8000/”, host: “localhost:8090”

I reviewed all my code and all seems ok. Any idea of what could be going wrong here?
Thanks

Hi @Heryk,

Can you share your docker-compose.yml file (and potentially your web_asset_store.xml and any other files you might be mounting in Docker)?

The “connection refused” errors you are seeing are typically caused by misconfigured environment settings that control the communication between Specify 7 and the Web Asset Server.

As we work to resolve this, if you need to resume working in Specify without attachments, you can comment out the lines related to the asset server under the Specify 7 service to stop the attempted connection.

1 Like

Your logs are trying to go to http://0.0.0.0 but should be going to either an alias or 127.0.0.1 if running on the same instance.

Your composition file is very much needed to diagnose further

1 Like

Hi,
Checked and my IP has not changed and I’m using the same .env file as before.
I don’t get why it stopped working.

My MariaDB is still accessible with DBeaver.
But the portal continues to generate an nginx error message and I keep on getting the same nginx container log error message as pasted in my previous post.

image

Here is my docker-compose.yml

version: '3.7'
services:

  mariadb:
    restart: unless-stopped
    image: mariadb:10.11
    command: --max_allowed_packet=1073741824
    ports:
      - "${MYSQL_EXTERNAL_PORT}:3306"
    volumes:
#      - "database:/var/lib/mysql"       #- "/c/Users/hjulien/DockerMounts/mariadb-specify:/var/lib/mysql"
      - type: bind
        source: ${DB_VOLUME}
        target: /var/lib/mysql
      - "./seed-database:/docker-entrypoint-initdb.d"
    environment:
      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
      - MYSQL_DATABASE=${MYSQL_DATABASE}
      - MYSQL_USER=${MYSQL_USER}
      - MYSQL_PASSWORD=${MYSQL_PASSWORD}

  specify7:
    restart: unless-stopped
    image: specifyconsortium/specify7-service:v7
    init: true
    volumes:
      - "specify6:/opt/Specify:ro"
      - "static-files:/volumes/static-files"
    environment:
      - DATABASE_HOST=mariadb
      - DATABASE_PORT=3306
      - DATABASE_NAME=${MYSQL_DATABASE}
      - MASTER_NAME=${MYSQL_USER}
      - MASTER_PASSWORD=${MYSQL_PASSWORD}
      - SECRET_KEY=${SPECIFY_SECRET_KEY}
      - ASSET_SERVER_URL=http://host.docker.internal:${SPECIFY_EXTERNAL_PORTAL_PORT}/web_asset_store.xml
      - ASSET_SERVER_KEY=${ASSET_SERVER_KEY}
      - REPORT_RUNNER_HOST=report-runner
      - REPORT_RUNNER_PORT=8080
      - CELERY_BROKER_URL=redis://redis/0
      - CELERY_RESULT_BACKEND=redis://redis/1
      - LOG_LEVEL=WARNING
      - SP7_DEBUG=false
    extra_hosts:
      - "host.docker.internal:host-gateway"

  specify7-worker:
    restart: unless-stopped
    image: specifyconsortium/specify7-service:v7
    command: ve/bin/celery -A specifyweb worker -l INFO --concurrency=1
    init: true
    volumes:
      - "specify6:/opt/Specify:ro"
      - "static-files:/volumes/static-files"
    environment:
      - DATABASE_HOST=mariadb
      - DATABASE_PORT=3306
      - DATABASE_NAME=${MYSQL_DATABASE}
      - MASTER_NAME=${MYSQL_USER}
      - MASTER_PASSWORD=${MYSQL_PASSWORD}
      - SECRET_KEY=${SPECIFY_SECRET_KEY}
      - ASSET_SERVER_URL=http://host.docker.internal:${SPECIFY_EXTERNAL_PORTAL_PORT}/web_asset_store.xml
      - ASSET_SERVER_KEY=${ASSET_SERVER_KEY}
      - REPORT_RUNNER_HOST=report-runner
      - REPORT_RUNNER_PORT=8080
      - CELERY_BROKER_URL=redis://redis/0
      - CELERY_RESULT_BACKEND=redis://redis/1
      - LOG_LEVEL=WARNING
      - SP7_DEBUG=false

  asset-server:
    restart: unless-stopped
    image: specifyconsortium/specify-asset-service
    init: true
    volumes:
#      - "attachments:/home/specify/attachments" #- "/c/Users/hjulien/DockerMounts/attachments-specify:/home/specify/attachments"
      - type: bind
        source: ${ATTACHMENTS_VOLUME}
        target: /home/specify/attachments
    environment:
      - SERVER_NAME=${YOUR_IP_HERE}
      - SERVER_PORT=${SPECIFY_EXTERNAL_PORTAL_PORT}
      - ATTACHMENT_KEY=${ASSET_SERVER_KEY}
      - DEBUG_MODE=false

  specify6:
    image: specifyconsortium/specify6-service:6.8.02
    volumes:
      - "specify6:/volumes/Specify"

  nginx:
    restart: unless-stopped
    image: nginx
    ports:
      - "${SPECIFY_EXTERNAL_PORTAL_PORT}:80"
    volumes:
      - "static-files:/volumes/static-files:ro"
      - "specify6:/volumes/specify6:ro"
      - "./nginx/specify.conf:/etc/nginx/conf.d/default.conf:ro"

  report-runner:
    restart: unless-stopped
    image: specifyconsortium/report-runner

  redis:
    restart: unless-stopped
    image: redis:6.0

volumes:
  specify6: # provides Specify 6 files to Specify 7 and the web server
  static-files: # provides Specify 7 static files to the web server
#  attachments: # the asset-servers attachment files
#  database: # the data directory for mariadb

The nginx specify.conf file:

server {
    listen 80;
    server_name localhost;
    root /usr/share/nginx;

    # serve static files directly
    location /static/ {
        root /volumes;
        rewrite ^/static/config/(.*)$ /specify6/config/$1 break;
        rewrite ^/static/depository/(.*)$ /static-files/depository/$1 break;
        rewrite ^/static/(.*)$ /static-files/frontend-static/$1 break;
    }

    # proxy these urls to the asset server
    location ~ ^/(fileget|fileupload|filedelete|getmetadata|testkey|web_asset_store.xml) {
        client_max_body_size 0;
        resolver 127.0.0.11 valid=30s;
        set $backend "http://0.0.0.0:8080";
        proxy_pass $backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # proxy everything else to specify 7
    location / {
        resolver 127.0.0.11 valid=30s;
        set $backend "http://0.0.0.0:8000";
        proxy_pass $backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Could it be that one of the SP-7 images that I am using in my docker-compose has been modified/updated since last automne?

I got it to work again! I modified my $backend urls in the nginx specify.conf file to match the ones in this page and it worked: docker-compositions/all-in-one/nginx/specify.conf at production · specify/docker-compositions (github.com)

Not sure why I had http://0.0.0.0 in there in the first place and why it worked before. But now all seems to be back online.

Thanks @wphillip for your idea

Cheers
Héryk

server {
    listen 80;
    server_name localhost;
    root /usr/share/nginx;

    # serve static files directly
    location /static/ {
        root /volumes;
        rewrite ^/static/config/(.*)$ /specify6/config/$1 break;
        rewrite ^/static/depository/(.*)$ /static-files/depository/$1 break;
        rewrite ^/static/(.*)$ /static-files/frontend-static/$1 break;
    }

    # proxy these urls to the asset server
    location ~ ^/(fileget|fileupload|filedelete|getmetadata|testkey|web_asset_store.xml) {
        client_max_body_size 0;
        resolver 127.0.0.11 valid=30s;
        #set $backend "http://0.0.0.0:8080";
        set $backend "http://asset-server:8080";
        proxy_pass $backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # proxy everything else to specify 7
    location / {
        resolver 127.0.0.11 valid=30s;
        #set $backend "http://0.0.0.0:8000";
        set $backend "http://specify7:8000";
        proxy_pass $backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
1 Like

Because 0.0.0.0:8080 was a solution specific for Podman!