Multiple processes dns resolution

I have a configuration of the main process being an nginx server, and two other processes that are exposed on ports 3000 and 3001. If I ssh in to the two sub processes, I can curl and get from their endpoints. If I try curling by using the internal dns, it doesn’t work (when ssh’ing and through my nginx server I just get bad gateway).

My fly.toml has:

[processes]
    nginx = "nginx -c /app/nginx.conf -g \"daemon off;\""
    web = "npm run deploy"
    rust_htmx = "./rust_htmx"

[[services]]
  protocol = "tcp"
  internal_port = 80 
  processes = ["nginx"]

In case it might help, my nginx config is

http {
    server {
        listen 80;
        listen [::]:80;

        location /htmx/rust {
            proxy_pass http://rust_htmx.process.<app>.internal:3001;
            proxy_set_header Host $host;
        }
 
        location / {
            proxy_pass http://web.process.<app>.internal:3000;
            proxy_set_header Host $host;
        }
    }
}

Here is curling and getting some response but I can’t through the internal dns, only localhost for some reason. This is on the “web” process vm. (I replaced my machineid and app name for privacy/security, not sure if someone can do something with them).

root@<machineid>:/app# curl <app>.internal
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.18.0</center>
</body>
</html>


root@<machineid>:/app# curl <app>.internal:3000
curl: (7) Failed to connect to <app>.internal port 3000: Connection refused


root@<machineid>:/app# curl web.process.<app>.internal:3000
curl: (7) Failed to connect to web.process.<app>.internal port 3000: Connection refused


root@<machineid>:/app# curl localhost:3000
<!DOCTYPE html>
<html lang="en">
    <head>

I just want this nginx server to work as a reverse proxy for my two processes, any help is appreciated!

Hey, you need to set the resolver directive on NGINX to fly’s dns server (fdaa::3):

• Module ngx_http_core_module
• Private Networking · Fly Docs

By the way, if I’m not mistaken you should set the app url as a variable to force nginx re-resolve the DNS periodically - otherwise nginx wont find new/updated machines (at least for the free version)

Hey thank you for your input!

It seems like it is properly resolving the apps, but they just refuse any connections via .process..internal for some reason even with curl. I changed my fly.toml to expose some of their ports (which is not what I want to end up doing, I want them private), and I was able to hit the endpoints via their exposed public ports- but still when I curl, it says connection refused (rather than could not resolve host)

If I add

resolver fdaa::3;

To my nginx config, it says invalid port for “fdaa::3”. I haven’t worked with nginx before or networking, so I think I’m adding it wrong (I added it under server).

It looks like it was just my bad I wasn’t exposing those processes ports on ipv4 and ipv6, I exposed them on ipv6 and it works now! Thank you for your help

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.