looking for some solutions? You are welcome.

SOLVED: Reverse proxy websockets (socket.io) server using NGINX - 502 (Bad Gateway)

zabumba:

My Setup

On Ubuntu 16.04.2 LTS (Amazon AWS EC2):

Nginx version

nginx -v
nginx version: nginx/1.10.0 (Ubuntu)

My app server.js

HTTPS and WebSocket server using a namespace my-sockets-namespace

Using pm2 to start the service. pm2 start server.json

server.json

{
  "script"          : "server.js",
  "error_file"      : "err.log",
  "out_file"        : "out.log",
  "merge_logs"      : true,
  "log_date_format" : "YYYY-MM-DD HH:mm Z"
}

server.js

const express = require('express');
const app = express();
const fs = require('fs');
const https = require('https');
const io = require('socket.io');
const request = require('request');

const port = 3000;

const options = {
    key: fs.readFileSync('./config/ssl/server.key'),
    cert: fs.readFileSync('./config/ssl/server.crt')
};

const httpsServer = https.createServer(options, app)
const ioServer = io(httpsServer, {
    path: '/my-app/socket.io'
});

app.set('view engine', 'ejs');
httpsServer.listen(port, function() {
    console.log("Listening on port " + port);
});

app.get('/index', function(req, res) {
    res.render(path.join(__dirname + '/views/index'));
});

app.get('/my-app/:var', function(req, res) {
   ... some code ...
}

/*
 * SocketIO server with namespace 
 */ 
var nsp = ioServer.of('my-sockets-namespace');

nsp.on('connection', function(socket) {
   ... more code ...
}

For the WebSocket connections, loading this Javascript in my HTML page

var mlSocket = io.connect("http://ift.tt/2qM9Rwm", {
    path: '/my-app/socket.io'
});

Where my-sockets-namespace is the namespace set in server.js

My NGINX configuration nginx.conf

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include            mime.types;
    default_type       application/octet-stream;
    sendfile           on;
    keepalive_timeout  65;

    upstream app_server {
        server 127.0.0.1:3000;
    }

    upstream another_server {
        server http://ift.tt/1iLAEmh;
    }

    # HTTPS server
    #
    server {
        listen       443 ssl;
        server_name  localhost;

        ssl_certificate      /etc/ssl/self-signed-certs/server.crt;
        ssl_certificate_key  /etc/ssl/self-signed-certs/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
          proxy_set_header X-Real-IP 127.0.0.1;
          proxy_set_header Host $hosts;
          proxy_pass https://another_server/;

          # WebSocket support
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
        }

        #
        # my-app
        #
        location ~ ^/(my-app|index) {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass https://app_server;
            proxy_redirect off;

            # WebSocket support
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }

        location ~ ^/(images/|javascript/|js/|css/|stylesheets/|flash/|media/|static/|robots.txt|humans.txt|favicon.ico) {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass https://127.0.0.1:3000;
            #proxy_pass https://app_server;
            proxy_redirect off;
        }
    }

    include servers/*;
}

502 (Bad Gateway) errors

I have tried both to set up NGINX on Windows 2012 Server R2 and Ubuntu 16.04 LTS.

On Windows, the same NGINX configuration file works fine. I am not getting these WebSocket connection errors below.

1. Failed to load resource - 502 (Bad Gateway)

From Chrome Version 58.0.3029.110 (64-bit), I can access the web app file, but I am getting error for the websocket connections

/my-app/http://ift.tt/2qM9Nwt Failed to load resource: the server responded with a status of 502 (Bad Gateway)

2. GET 502 (Bad Gateway)

universalModuleDefinition:2 POST http://ift.tt/2pZVdEI 502 (Bad Gateway)
i.create @ universalModuleDefinition:2
i @ universalModuleDefinition:2
o.request @ universalModuleDefinition:2
o.doWrite @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
o @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
e.encodePacket @ universalModuleDefinition:2
i @ universalModuleDefinition:2
i @ universalModuleDefinition:2
c @ universalModuleDefinition:2
e.encodePayload @ universalModuleDefinition:2
n.write @ universalModuleDefinition:2
n.send @ universalModuleDefinition:2
n.flush @ universalModuleDefinition:2
n.onDrain @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
n.emit @ universalModuleDefinition:2
r @ universalModuleDefinition:2
n.emit @ universalModuleDefinition:2
i.onSuccess @ universalModuleDefinition:2
i.onData @ universalModuleDefinition:2
i.onLoad @ universalModuleDefinition:2
hasXDR.r.onreadystatechange @ universalModuleDefinition:2

3. POST 502 (Bad Gateway)

POST http://ift.tt/2pZVdEI 502 (Bad Gateway)
i.create @ universalModuleDefinition:2
i @ universalModuleDefinition:2
o.request @ universalModuleDefinition:2
o.doWrite @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
o @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
e.encodePacket @ universalModuleDefinition:2
i @ universalModuleDefinition:2
i @ universalModuleDefinition:2
c @ universalModuleDefinition:2
e.encodePayload @ universalModuleDefinition:2
n.write @ universalModuleDefinition:2
n.send @ universalModuleDefinition:2
n.flush @ universalModuleDefinition:2
n.onDrain @ universalModuleDefinition:2
(anonymous) @ universalModuleDefinition:2
n.emit @ universalModuleDefinition:2
r @ universalModuleDefinition:2
n.emit @ universalModuleDefinition:2
i.onSuccess @ universalModuleDefinition:2
i.onData @ universalModuleDefinition:2
i.onLoad @ universalModuleDefinition:2
hasXDR.r.onreadystatechange @ universalModuleDefinition:2

Any pointers on what I may be doing wrong?

Different articles seems to concur that I am doing the correct thing to upgrade HTTP connections to a WebSocket and so does the NGINX doc.

LEADS / IDEAS

  • 502 caused by CDN - I haven't set up any CDN.

  • tried adding proxy_buffering off, but that didn't help

  • cleared my browser cache

  • More about the 502 error

  • Installed valid certificates (instead of self-signed). The SSL related errors are gone, but still getting connect() failed (111: Connection refused) while connecting to upstream in the NGINX err.log

  • Checked that I am working on a recent version of NGINX as suggested in this thread

Tried

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

with

        # WebSocket support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        #proxy_set_header Connection "upgrade";
        proxy_set_header Connection $connection_upgrade;

but that didn't help.

NGINX error.log

2017/05/22 12:39:32 [error] 6269#6269: *780 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNLhgG HTTP/1.1", upstream: "http://ift.tt/2rLAr87", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:32 [error] 6269#6269: *781 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qO58fD HTTP/1.1", upstream: "http://ift.tt/2rLSCdJ", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:34 [error] 6269#6269: *783 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "GET /my-app/http://ift.tt/2qNNyIz HTTP/1.1", upstream: "http://ift.tt/2rLV8Rt", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:34 [error] 6269#6269: *781 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNwBOz HTTP/1.1", upstream: "http://ift.tt/2rM0Jao", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:34 [error] 6269#6269: *783 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNEBiI HTTP/1.1", upstream: "http://ift.tt/2rLQNxH", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:36 [error] 6269#6269: *781 upstream prematurely closed connection while reading response header from upstream, client: 87.143.84.63, server: localhost, request: "GET /my-app/http://ift.tt/2qNJWGI HTTP/1.1", upstream: "http://ift.tt/2rLK06U", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:36 [error] 6269#6269: *781 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNSm0R HTTP/1.1", upstream: "http://ift.tt/2rLSlaN", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:36 [error] 6269#6269: *577 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNJIzv HTTP/1.1", upstream: "http://ift.tt/2rLMVwC", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:37 [error] 6269#6269: *577 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "GET /my-app/http://ift.tt/2qO58MF HTTP/1.1", upstream: "http://ift.tt/2rLRQO1", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:37 [error] 6269#6269: *781 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNJI2s HTTP/1.1", upstream: "http://ift.tt/2rLQPFP", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:37 [error] 6269#6269: *577 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNNJ75 HTTP/1.1", upstream: "http://ift.tt/2rLVdoj", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:40 [error] 6269#6269: *580 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "GET /my-app/http://ift.tt/2qNOwou HTTP/1.1", upstream: "http://ift.tt/2rLS1Jd", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:40 [error] 6269#6269: *577 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qO5a7f HTTP/1.1", upstream: "http://ift.tt/2rLZjMV", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"
2017/05/22 12:39:40 [error] 6269#6269: *580 connect() failed (111: Connection refused) while connecting to upstream, client: 87.143.84.63, server: localhost, request: "POST /my-app/http://ift.tt/2qNyYkm HTTP/1.1", upstream: "http://ift.tt/2rM0JXW", host: "my.domain.com", referrer: "http://ift.tt/2q29uki"

Interestingly, the connection gets through, as I am logging a message on connection

console.info("Websocket connection");

I can see that message in the out.log

2017-05-22 18:44 +00:00: Express server listening on port 3000
2017-05-22 18:44 +00:00: Websocket connection
2017-05-22 18:44 +00:00: >> join room: 887771
2017-05-22 18:44 +00:00: Express server listening on port 3000
2017-05-22 18:44 +00:00: Websocket connection
2017-05-22 18:44 +00:00: >> join room: 887771
2017-05-22 18:44 +00:00: Express server listening on port 3000
2017-05-22 18:44 +00:00: Websocket connection
2017-05-22 18:44 +00:00: >> join room: 887771
2017-05-22 18:44 +00:00: Express server listening on port 3000
2017-05-22 18:44 +00:00: Websocket connection
2017-05-22 18:44 +00:00: >> join room: 887771
2017-05-22 18:44 +00:00: Express server listening on port 3000
2017-05-22 18:45 +00:00: Websocket connection
2017-05-22 18:45 +00:00: >> join room: 887771
2017-05-22 18:45 +00:00: Express server listening on port 3000
2017-05-22 18:45 +00:00: Websocket connection

but I can also see that it's printing the Express server listening on port 3000 message.



Posted in S.E.F
via StackOverflow & StackExchange Atomic Web Robots
This Question have been answered
HERE
Share:

No comments:

Recent