Graylog2/nginx/docker-compose web issue


(Josh Trow) #1

I’m trying to add in graylog into a docker-compose config, and while I can get the server in and the UI to show up, it throws an error on the page that “We are experiencing problems connecting to the Graylog server running on [http]://172.18.0.8:9000/api/. Please verify that the server is healthy and working correctly.” The flow of the application is:

  1. Namecheap DNS (dynamic, updating with ddclient)
  2. xFinity modem in bridge mode
  3. Netgear router with port forwarding of 80 and 443 to server
  4. server with docker-compose running - fronted by ‘jwilder/nginx-proxy’ with the SSL companion ‘JrCs/docker-letsencrypt-nginx-proxy-companion’ as well, routing via ‘host’ name to this server

Net traffic seems to work fine in general (forwarding rules, etc are configured correctly). I can get the GrayLog webpage to load, and my other docker images load fine as well.

docker-compose (.env file has URLBASE value):

version: '2'

services:
#############################
## Infrastructure stuff
#############################
  nginx-proxy:
    image: jwilder/nginx-proxy
    environment:
      - DEFAULT_HOST=redirector.${URLBASE}
    ports:
      - "8080:80"
      - "8443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./sslcerts:/etc/nginx/certs:ro
      - /etc/nginx/vhost.d
      - /usr/share/nginx/html

  certmanager:
    image: jrcs/letsencrypt-nginx-proxy-companion
    volumes_from:
      - nginx-proxy:rw
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./sslcerts:/etc/nginx/certs:rw
    environment:
      - LETSENCRYPT_EMAIL=[my email]

  graylog-mongo:
    image: "mongo:3"
    volumes:
      - ./graylog/data/mongo:/data/db
  graylog-elasticsearch:
    image: "elasticsearch:2"
    volumes:
      - ./graylog/data/elasticsearch:/usr/share/elasticsearch/data
    command: "elasticsearch -Des.cluster.name='graylog'"

#############################
## Here begin the routed apps
#############################
  redirector:
    image: trowj/redirector:1
    environment:
      - REDIRECT_URL=http://www.${URLBASE}
      - VIRTUAL_HOST=redirector.${URLBASE}

  personalsite:
    image: trowj/personalsite:1
    environment:
      - VIRTUAL_HOST=www.${URLBASE}
      - LETSENCRYPT_HOST=www.${URLBASE}

  graylog:
    image: graylog2/server:2.1.1-1
    expose:
      - "9000"
    volumes:
      - ./graylog/data/journal:/usr/share/graylog/data/journal
      - ./graylog/config:/usr/share/graylog/data/config
    environment:
      GRAYLOG_PASSWORD_SECRET: [secret]
      GRAYLOG_ROOT_PASSWORD_SHA2: [sha2]
      GRAYLOG_WEB_ENDPOINT_URI: "https://logs.${URLBASE}:443/api/"
      GRAYLOG_REST_ENDPOINT_URI: "https://logs.${URLBASE}:443/api/"
    links:
      - graylog-mongo:mongo
      - graylog-elasticsearch:elasticsearch
    ports:
      - "9000"
      - "12201/udp:12201/udp"
      - "1514/udp:1514/udp"
    environment:
      - VIRTUAL_HOST=logs.${URLBASE}
      - VIRTUAL_PORT=9000
      - LETSENCRYPT_HOST=logs.${URLBASE}

The long way around this is I would expect to get the webUI making requests back to ‘https://logs.{URL}/api/’ - but it’s not. It is making requests to ‘http://{the internal IP of the container}:9000/api/’ and I don’t understand why that is.

I can see from chrome Dev tools that the config.js call returns:

window.appConfig = {
  gl2ServerUrl: 'http://172.18.0.8:9000/api/',
  gl2AppPathPrefix: '',
  rootTimeZone: 'UTC',
};

Any help is much appreciated!


(Josh Trow) #2

One quick note - if on that page i then run in console an override to what i expect the gl2serverurl value to be (the real URL), then it works and I can login and search logs as expected.


(system) #3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.