Score:0

Unable to get index.php from Nginx container to PHP container on AWS and Docker

I've installed Docker on an AWS EC2 instance and deployed Nginx and PHP-FPM containers.

[ec2-user@ip-172-31-80-56 ~]$ sudo docker container ls
CONTAINER ID   IMAGE                           COMMAND                  CREATED       STATUS       PORTS                                                                            NAMES
e8cb988f47ff   jeremycanfield/php:latest       "docker-php-entrypoi…"   12 days ago   Up 12 days   0.0.0.0:9000->9000/tcp                                                           php
8ac5a82f84f2   jeremycanfield/nginx:latest     "/docker-entrypoint.…"   2 weeks ago   Up 2 weeks   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:18080-18085->18080-18085/tcp   nginx

At http://ec2-23-22-195-223.compute-1.amazonaws.com/index.html, "Welcome to Nginx" is displayed. When I go to http://ec2-23-22-195-223.compute-1.amazonaws.com/index.php, index.php is downloaded instead of being displayed in the web browser and the browser displays 502 Bad Gateway.

/etc/nginx/conf.d/default.conf in the Nginx container has fastcgi_pass 172.31.29.217:9000.

server {
    server_name         localhost;
    index               index.php;
    listen              80;
    root                /var/www/www;

    location ~ \.php$ {
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass 172.31.29.217:9000;
        include fastcgi_params;
    }
}

172.31.29.217 is the IP address bound to the eth0 interface of the EC2 instance.

[ec2-user@ip-172-31-29-217 ~]$ ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 0a:4a:bb:2e:e2:41 brd ff:ff:ff:ff:ff:ff
    inet 172.31.29.217/20 brd 172.31.31.255 scope global dynamic eth0
       valid_lft 3207sec preferred_lft 3207sec
    inet6 fe80::84a:bbff:fe2e:e241/64 scope link
       valid_lft forever preferred_lft forever

The PHP-FPM container is listening on port 9000.

[ec2-user@ip-172-31-29-217 ~]$ sudo docker exec php grep ^listen /usr/local/etc/php-fpm.d/www.conf
listen = 127.0.0.1:9000

I restart the PHP container and verify it is up and running.

[ec2-user@ip-172-31-29-217 ~]$ sudo docker restart php
[ec2-user@ip-172-31-29-217 ~]$ sudo docker logs php
[09-Dec-2022 22:08:10] NOTICE: fpm is running, pid 1
[09-Dec-2022 22:08:10] NOTICE: ready to handle connections

Using OpenSSL, I am able to make a connection from the Nginx container to the PHP-FPM container using 172.31.29.217:9000.

[ec2-user@ip-172-31-29-217 ~]$ sudo docker exec nginx openssl s_client -connect 172.31.29.217:9000
write:errno=0
CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 283 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

Or using curl from the Nginx container, I am able to connect to 172.31.29.217:9000.

[ec2-user@ip-172-31-29-217 ~]$ sudo docker exec nginx curl --silent 172.31.29.217:9000 -v
*   Trying 172.31.29.217:9000...
* Connected to 172.31.29.217 (172.31.29.217) port 9000 (#0)
> GET / HTTP/1.1
> Host: 172.31.29.217:9000
> User-Agent: curl/7.74.0
> Accept: */*
>
* Empty reply from server
* Connection #0 to host 172.31.29.217 left intact

When I go to http://ec2-23-22-195-223.compute-1.amazonaws.com/index.php, no events appear in the php container logs, almost as if to suggest that the request for index.php is not being forwarded from the Nginx container to the PHP container.

[ec2-user@ip-172-31-29-217 ~]$ sudo docker logs php --tail=2
[09-Dec-2022 22:08:10] NOTICE: fpm is running, pid 1
[09-Dec-2022 22:08:10] NOTICE: ready to handle connections

It is also noteworthy that when I set up a similar Docker server in my lab at home, I do not have this issue. The index.php page loads perfectly in my lab at home.

I am not sure what my next move is.

Score:0

Your PHP-FPM in the php docker container is configured to listen on 127.0.0.1, so it won't be able to respond to external requests from outside of its container. Either you have another configuration file besides /usr/local/etc/php-fpm.d/www.conf in the php container, or some other program is listening on port 9000 in the system (e.g. php-fpm installed on the host system itself). You can check what is listening on port 9000 with ss -nlp |grep :9000. Also check your docker port mappings.

Also, openssl and curl connections to port 9000 are irrelevant. Port 9000 uses the FastCGI protocol, not TLS or HTTP. To test the FastCGI connection you can use the cgi-fcgi command.
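
The answer's point that port 9000 speaks FastCGI rather than TLS or HTTP, as an added example that is not part of the original thread: a minimal FastCGI responder probe in Python, standing in for the cgi-fcgi command. The function names are this example's own; the address and script path in the last line are the ones from the question's Nginx config.

```python
import socket
import struct

# Record types from the FastCGI 1.0 specification
BEGIN_REQUEST, END_REQUEST, PARAMS, STDIN, STDOUT, STDERR = 1, 3, 4, 5, 6, 7

def record(rtype, content=b"", request_id=1):
    """One FastCGI record: 8-byte header (version 1, no padding) + content."""
    return struct.pack("!BBHHBx", 1, rtype, request_id, len(content), 0) + content

def nv_pair(name, value):
    """Name-value pair: each length is 1 byte if < 128, else 4 bytes with the high bit set."""
    out = b""
    for item in (name, value):
        n = len(item)
        out += bytes([n]) if n < 128 else struct.pack("!I", n | 0x80000000)
    return out + name + value

def build_request(params):
    """BEGIN_REQUEST (role 1 = responder), PARAMS, then empty PARAMS and STDIN as terminators."""
    body = b"".join(nv_pair(k.encode(), v.encode()) for k, v in params.items())
    return (record(BEGIN_REQUEST, struct.pack("!HB5x", 1, 0))
            + record(PARAMS, body) + record(PARAMS) + record(STDIN))

def parse_response(data):
    """Split a byte stream into records; return (stdout, stderr, saw END_REQUEST)."""
    streams, ended, pos = {STDOUT: b"", STDERR: b""}, False, 0
    while pos + 8 <= len(data):
        _ver, rtype, _rid, clen, plen = struct.unpack("!BBHHBx", data[pos:pos + 8])
        content = data[pos + 8:pos + 8 + clen]
        if rtype in streams:
            streams[rtype] += content
        ended = ended or rtype == END_REQUEST
        pos += 8 + clen + plen
    return streams[STDOUT], streams[STDERR], ended

def probe(host, port, script_filename, timeout=5):
    """Send a GET for script_filename to a FastCGI responder and return the parsed reply."""
    params = {"REQUEST_METHOD": "GET", "SCRIPT_FILENAME": script_filename,
              "SCRIPT_NAME": "/" + script_filename.rsplit("/", 1)[-1]}
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_request(params))
        chunks = []
        while chunk := s.recv(65536):
            chunks.append(chunk)
    return parse_response(b"".join(chunks))

if __name__ == "__main__":
    print(probe("172.31.29.217", 9000, "/var/www/www/index.php"))  # values from the question
```

A working PHP-FPM returns CGI headers and the page body on stdout with the END_REQUEST flag set, while a bare TCP connect (what openssl and curl showed) proves nothing about FastCGI. FastCGI carries no authentication, so port 9000 belongs on a private Docker network or behind a restrictive security group rather than published on 0.0.0.0 as in the container listing above.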
