Nginx + dnsmasq = 'could not be resolved (5: Operation refused)'

I’m trying to set up a django site using docker, nginx and uwsgi:
I have a nginx docker container working as a reverse proxy (called ceca-nginx-proxy) where dnsmasq is running and another nginx (ceca-nginx) container that communicates with an uwsgi container (ceca-uwsgi), I can connect using curl (with curl --resolve http://test.ceca.com http://172.17.0.7) to the ceca-nginx container and I get the django site running in the ceca-uwsgi container, the problem is when I want to get the site via ceca-nginx-proxy: I’m getting this error in my ceca-nginx-proxy error log:

ceca-nginx could not be resolved (5: Operation refused), client: 172.17.0.1, server: *.ceca.com, request: “GET / HTTP/1.1”, host: “172.17.0.8”

  • How to dynamically modify the startup parameters of a running container?
  • Restarting named container assigns different IP
  • Docker Compose 3 controlling resources (memory, cpu)
  • Docker Garbage collector not finding anything to delete
  • How to create privilege (per user) in Kibana
  • unexpected “permission denied” with 3.13 host
    • 172.17.0.1 is the docker ip assigned
    • *.ceca.com is the server_name defined in the ceca-nginx-proxy’s nginx config
    • 172.17.0.8 is the ceca-nginx-proxy ip
    • The server block of ceca-nginx-proxy reverse proxy is:

      server {
          listen 80;
          server_name *.ceca.com;
          error_log   /tmp/proxy_error_nginx.log warn;
          access_log  /tmp/proxy_access_nginx.log;
      
          location / {
              set $example ceca-nginx;
              resolver 127.0.0.1;
              proxy_pass http://$example;
          }
      } 
      

      And I’m running dnsmasq in the same machine to resolve hostnames in /etc/hosts (hostnames from docker linked containers) like this:

      dnsmasq -q -8 /tmp/dnsmasq.log --port 53 -R -u root
      

      For what I see in dnsmasq.log, the hostname is resolving ok [1] but nginx is complaining and returning a “502 Bad Gateway” page.
      If anyone can help me with this, I’ll be eternally grateful and buy lots of beer and fernet if we met.

      [1]
      
      Jun  6 21:39:47 dnsmasq[321]: query[A] ceca-nginx from 127.0.0.1
      Jun  6 21:39:48 dnsmasq[321]: /etc/hosts ceca-nginx is 172.17.0.7
      Jun  6 21:39:48 dnsmasq[321]: query[AAAA] ceca-nginx from 127.0.0.1
      

  • connect robomongo to mongo instance running inside docker container
  • How to make docker to stop container when host process attached to tty terminates
  • Multiple docker using VPN
  • Docker not supported on 32-bit OS
  • How to write a bash script which automate entering “docker container” and doing other things?
  • How to forward upstream from nginx to upstream server
  • One Solution collect form web for “Nginx + dnsmasq = 'could not be resolved (5: Operation refused)'”

    Your problem seems to be related to Nginx resolver directive configuration.
    By default, Nginx will try to resolve both IPv4 and IPV6 addresses. It will pick up first response from DNS server (dnsmasq in your case), cache it and fall down with an exception Operation refused, as it couldn’t resolve DNS name to IPv6 address. The solution is add ipv6=off to your resolver directive, so it should look like this:

    ...
    resolver 127.0.0.1 ipv6=off;
    ...
    

    This will force Nginx to stop resolving DNS records to IPv6.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.