Wildlfy with Nginx not working properly

1
votes

We had installed wildfly for a couple of time working correctly. We configured right now Nginx as reverse proxy for wildfly.

We're getting on OPTIONS method 405 Method Not Allowed. Here is the configuration of nginx.

  • /etc/nginx/conf.d/wildfly.conf

    upstream wildfly {
     server 127.0.0.1:8081;
}

server {
    listen 8080;
    server_name guest1;

    location/ {  
        proxy_pass http://wildfly;
     }
}
    • Error obtained after installing nginx:

enter image description here

This is the error got by nginx:

2017/06/23 08:16:54 [crit] 1386#0: *9 connect() to 127.0.0.1:8081 failed (13: Permission denied) while connecting to upstream, client: 172.28.128.1, server: guest1, request: "OPTIONS /commty/cmng/users HTTP/1.1", upstream: "http://127.0.0.1:8081/commty/cmng/users", host: "guest1:8080"

What I'm missing?

1
nginxwildfly
What does the nginx log say? Does it forward the options request to wildfly? Based on your pic it us not possible to say. Also how does wildfly handle the request to url commty/cmgt/users? Do you have a rest endpoint there or servlet? - yntelectual
Sorry, I couldn't answer since now. I have rest endpoint. I updated the answer with the nginx error log. - Lechucico
ok, now what about your wildfly log? Did the nginx manage to get through to it? If yes, what does your wifldly say. If no, try to check if SElinux is enabled, try running sudo cat /var/log/audit/audit.log | grep nginx | grep denied. - yntelectual
nothing appears on wildfly. Same for audit. The only place that I can see something is on /var/log/nginx/error.log. If I try a normal acces (for example, accessing with guest1:8080) I can see the wildfly default webpage and all works ok. If I try guest1:8080/commty/cmng/users it doesn't work - Lechucico
In audit I found this message: type=AVC msg=audit(1498207468.887:68): avc: denied { name_connect } for pid=876 comm="nginx" dest=8081 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:transproxy_port_t:s0 tclass=tcp_socket - Lechucico

1 Answers

-1
votes

I've done the following to finally make it work on CentOS7 + Wildfly.

  • Vagrant up

  • Install NGINX

    • yum install epel-release
    • yum install nginx

  • Configure /etc/nginx/nginx.conf (default configuration)

  • Configure /etc/nginx/conf.d/wildfly.conf (using port 80 for nginx and 8080 for wildfly)

    upstream wildfly {
    server 127.0.0.1:8080;
}

server {
    listen 80;
    server_name guest1;

    location / {  
        proxy_pass http://wildfly;
     }
}

Also set SELinux permissive for let nginx work.

$ setenforce permissive

After that wildfly is working properly through nginx.