Nginx + dnsmasq = 'could not be resolved (5: Operation refused)'

I’m trying to set up a django site using docker, nginx and uwsgi:
I have a nginx docker container working as a reverse proxy (called ceca-nginx-proxy) where dnsmasq is running and another nginx (ceca-nginx) container that communicates with an uwsgi container (ceca-uwsgi), I can connect using curl (with curl --resolve http://test.ceca.com http://172.17.0.7) to the ceca-nginx container and I get the django site running in the ceca-uwsgi container, the problem is when I want to get the site via ceca-nginx-proxy: I’m getting this error in my ceca-nginx-proxy error log:

ceca-nginx could not be resolved (5: Operation refused), client: 172.17.0.1, server: *.ceca.com, request: “GET / HTTP/1.1”, host: “172.17.0.8”

  • Can I run windows containers using docker-toolbox on windows 7?
  • The docker compose will remain legacy volumes and couldn't now clear them
  • docker.py: why pass the volumes parameter twice?
  • Docker build error - OSError: [Errno 2] No such file or directory
  • What benefits does Docker Compose have over Docker Swarm and Docker Stack?
  • Docker Swarm, Compose V3 and exposed IP address
    • 172.17.0.1 is the docker ip assigned
    • *.ceca.com is the server_name defined in the ceca-nginx-proxy’s nginx config
    • 172.17.0.8 is the ceca-nginx-proxy ip
    • The server block of ceca-nginx-proxy reverse proxy is:

      server {
          listen 80;
          server_name *.ceca.com;
          error_log   /tmp/proxy_error_nginx.log warn;
          access_log  /tmp/proxy_access_nginx.log;
      
          location / {
              set $example ceca-nginx;
              resolver 127.0.0.1;
              proxy_pass http://$example;
          }
      } 
      

      And I’m running dnsmasq in the same machine to resolve hostnames in /etc/hosts (hostnames from docker linked containers) like this:

      dnsmasq -q -8 /tmp/dnsmasq.log --port 53 -R -u root
      

      For what I see in dnsmasq.log, the hostname is resolving ok [1] but nginx is complaining and returning a “502 Bad Gateway” page.
      If anyone can help me with this, I’ll be eternally grateful and buy lots of beer and fernet if we met.

      [1]
      
      Jun  6 21:39:47 dnsmasq[321]: query[A] ceca-nginx from 127.0.0.1
      Jun  6 21:39:48 dnsmasq[321]: /etc/hosts ceca-nginx is 172.17.0.7
      Jun  6 21:39:48 dnsmasq[321]: query[AAAA] ceca-nginx from 127.0.0.1
      

  • How to access a Process running on docker on a host from a remote host
  • How I can create docker-machine from Command-Line on Docker for Mac without VirtualBox?
  • Migrating Established TCP connection with docker containers
  • How can I reflect the data in one container to another?
  • The requested URL was not found on this server but works local
  • return from docker-compose up in jenkins
  • One Solution collect form web for “Nginx + dnsmasq = 'could not be resolved (5: Operation refused)'”

    Your problem seems to be related to Nginx resolver directive configuration.
    By default, Nginx will try to resolve both IPv4 and IPV6 addresses. It will pick up first response from DNS server (dnsmasq in your case), cache it and fall down with an exception Operation refused, as it couldn’t resolve DNS name to IPv6 address. The solution is add ipv6=off to your resolver directive, so it should look like this:

    ...
    resolver 127.0.0.1 ipv6=off;
    ...
    

    This will force Nginx to stop resolving DNS records to IPv6.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.