Cpanel x Apache Proxy Redirect x Docker

Operating System & Version
CENTOS 7.8 kvm
cPanel & WHM Version
11.88.0.13

nunolopes

Registered
Aug 4, 2020
4
1
3
Brazil
cPanel Access Level
Root Administrator
Hi

I have 2 servers with CPanel (latest version) on CentOs7 and I need to have docker installed. We are not resellers, the whole server is for our usage, for our one accounts.

In one of the servers all is working well, with mod proxy redirecting requests made on port 80 from one customer account to docker running locally with another port exposed.

But on the new server I can't get it to work. It just doesn't redirect properly. If I access the server's <IP address/account domain>:<docker port> it works, but using mod_proxy I get a 502 bad gateway.

I remember that on the older server I had to disable something on the account's configuration so it would work (this "something" when enabled resulted in the proxying not working). I disabled it and all was fine. But I can't remember what is was and so I can't solve this issue :)

Can someone help me with this?

Thanks in advance,
Nuno Lopes
 

cPAdminsMichael

Well-Known Member
Dec 19, 2016
129
40
103
Denmark
cPanel Access Level
Root Administrator
First - in general I'd recommend having dedicated servers for Docker/Kubernetes environment and not mixing that with cPanel :)
When that is said... how do you use mod_proxy, can you share the ProxyPass lines? Or maybe the whole .htaccess file would help.
 

nunolopes

Registered
Aug 4, 2020
4
1
3
Brazil
cPanel Access Level
Root Administrator
Hi
I use CPanel to be able to, easier, add new accounts pointing to docker applications, using WHM. So, if I want to add redmine, I just add a docker container with redmine, when using "docker run" I pass the database directives/configuration (username, pwd, etc...), map the directories I don't want inside the container (files for example) and that's it. On the other server it just works.

My setup is like this:

- on WHM add a new account;
- on the registrar I point that domain/subdomain (the one used in the account's) to the server IP (I use the registrar's DNS configuration, not the server's);
- after it is working, I add the docker container, exposing to the outside, a none used port (let's say 3000, 3001, etc...), but inside pointing to the correct port used by the application (on this redmine example it would be the port 3000);
- then I add 2 files to the apache configuration, on these locations:

/etc/apache2/conf.d/userdata/std/2_4/<account name>/<account domain>/<anything>.conf
/etc/apache2/conf.d/userdata/ssl/2_4/<account name>/<account domain>/<anything>.conf

Bellow, I substitute what is inside "<" and ">" with the correct values, for example:

<domain> by redmine.mydomain.com
and
<port> by 3000

Inside the 1st:


Code:
<Proxy *>
    Order deny,allow
    Allow from all
</Proxy>

ProxyPass / http://<domain>:<port>/
ProxyPassReverse / http://<domain>:<port>/
<Location />
    Order allow,deny
    Allow from all
</Location>
Inside the 2nd:

Code:
ProxyPass / http://<domain>:<port>/
- Then, I run the script bellow to rebuild the apache configuration, acknowledging the new account's configuration files:

Code:
/usr/local/cpanel/scripts/rebuildhttpdconf
- And restart the apache server:

Code:
/usr/local/cpanel/scripts/restartsrv_httpd
On the old server, it just works.

On the new server, as stated, if I go through apache I get a 502 bad gateway, but directly on http://<domain>:<port> it works.
 

cPAdminsMichael

Well-Known Member
Dec 19, 2016
129
40
103
Denmark
cPanel Access Level
Root Administrator
Hm...
502 Bad Gateway is usually because the proxy don't get anything back from the destination.
Have you tried writing ip-address instead of hostname/domain? Having any enabled redirect rules? Forcing SSL?

What does your Apache log files say?
 

nunolopes

Registered
Aug 4, 2020
4
1
3
Brazil
cPanel Access Level
Root Administrator
Yes, tried with the server's public IP address and 127.0.0.1 and the docker container IP... none of them worked. The thing is that on the other server works. I thought maybe someone had had the same problem and knew what we needed to disable/enable to make it work on CPanel. I'll do some more digging on my side. Thanks anyway for your help.