New RC Nginx Issues


#1

I am deploying RC in Docker EE 18.09, UCP 3.1.2. I have deployed my compose file with no issues in the old Docker EE and UCP. Now i am getting

[emerg] bind() to 0.0.0.0_443 failed (98_ Address in use)

I am confused I never had this problem before until i updated Docker

version: ‘3.3’
services:
nginx:
image: nginx:alpine
deploy:
replicas: 1
mode: replicated
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
#Change the URL to your URL
com.docker.lb.hosts: rc.com
com.docker.lb.network: rc-network
com.docker.lb.port: 3000
com.docker.lb.ssl_passthrough: “true”
restart_policy:
condition: on-failure
environment:
METADATA: end-to-end-TLS
networks:
- rc-network
secrets:
#Change file names to your file names if needed.
- card.crt
- card.key
- rc-site.conf
- card.crt
command: sh -c “cp -f /run/secrets/rc-site.conf /etc/nginx/conf.d/default.conf && exec nginx -g ‘daemon off;’”
rocket-chat:
image: rocketchat/rocket.chat:0.73.2
deploy:
mode: replicated
replicas: 1
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
restart_policy:
condition: on-failure
environment:
#Change ROOT_URL to your URL
- ROOT_URL=https://rc.com
- ROCKETCHAT_URL=https://rc.com
- MONGO_OPLOG_URL=mongodb://db1,db2,db3/local?replicaSet=rs0
- MONGO_URL=mongodb://db1,db2,db3/meteor?replicaSet=rs0
- http_proxy=http://proxy/
- https_proxy=http://proxy/
- no_proxy=localhost, 127.0.0.1, /var/run/docker.sock
- MAIL_URL=:mail
secrets:
- card.crt
networks:
- rc-network
db1:
image: mongo:3.6
command: mongod --smallfiles --oplogSize 128 --replSet rs0
deploy:
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
restart_policy:
condition: on-failure
volumes:
- db1-data:/data/db
networks:
- rc-network
db2:
image: mongo:3.6
command: mongod --smallfiles --oplogSize 128 --replSet rs0
deploy:
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
restart_policy:
condition: on-failure
volumes:
- db2-data:/data/db
networks:
- rc-network
db3:
image: mongo:3.6
command: mongod --smallfiles --oplogSize 128 --replSet rs0
deploy:
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
restart_policy:
condition: on-failure
volumes:
- db3-data:/data/db
networks:
- rc-network
mongo-init-replica:
image: mongo:3.6
#You have to change db names to what you will be naming your stack. Example: _db1, db2, or db3:27017
command: ‘mongo db1/meteor --eval “rs.initiate({_id: ‘‘rs0’’,version: 1,members: [{ _id: 0, host : ‘‘db1:27017’’ },{ _id: 1, host : ‘‘db2:27017’’ },{ _id: 2, host : ‘‘db3:27017’’ }]})”’
deploy:
labels:
#Change docker collection group if needed. Example: /Shared/
com.docker.ucp.access.label: /Shared/Rocket.Chat
restart_policy:
condition: on-failure
networks:
- rc-network
networks:
rc-network:
external: true
volumes:
db1-data:
external: true
db2-data:
external: true
db3-data:
external: true
secrets:
card.crt:
external: true
card.key:
external: true
rc-site.conf:
external: true
card.crt:
external: true

upstream backend {
server rocket-chat:3000;
}
server {
listen 443 ssl;
server_name rc.com;
error_log /var/log/nginx/rocketchat.access.log;
ssl_certificate /run/secrets/card.crt;
ssl_certificate_key /run/secrets/card.key;
ssl_client_certificate /run/secrets/card.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}


#2

Your error seems to be about a bind issue. But I don’t see where you are attempting to bind to 8443 anywhere in your docker-compose.

I’d double check you’re stopping containers and stuff before bringing up new copy.


#3

Yea I do not know why it is given me this error inside the nginx container. I have never ran into this issue before. I have deployed RC many of times testing the compose file. I think it might be an issue with the new Docker 18.09.1. I am still trying to figure it out.


#4

This is all ran inside the nginx container…
When run nginx i get

nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Address in use) ```

When I run nginx -t i get 
```/ # nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful```

When I run netstat -tulpn i get
```/ # netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.11:33291        0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1/nginx: master pro
udp        0      0 127.0.0.11:46370        0.0.0.0:*                           -```
Why am I having this issue? I have never ran into this issue. 

#5

Solution: I was putting the incorrect port in com.docker.lb.port. Since, nginx uses 443 in the config file that is how docker communicates with the container.